urlscan.io logo urlscan.io
SecurityTrails logo

104.236.234.236 Open in urlscan Pro
104.236.234.236  Public Scan

Go To Rescan Add Verdict Report
URL: http://104.236.234.236/input.php
Submission: On June 28 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 104.236.234.236, located in Clifton, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is 104.236.234.236.
This is the only time 104.236.234.236 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 104.236.234.236 14061 (DIGITALOC...)
1 205.185.208.52 20446 (HIGHWINDS3)
1 2.18.233.20 16625 (AKAMAI-AS)
1 104.131.112.188 14061 (DIGITALOC...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
23 7
10    104.236.234.236 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
104.236.234.236
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
1    2.18.233.20 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-20.deploy.static.akamaitechnologies.com
www.paypalobjects.com
1    104.131.112.188 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
www.cfiresim.com
6    2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
adservice.google.de
1    2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
3    2a00:1450:4001:817::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
Domain Requested by
5 pagead2.googlesyndication.com 104.236.234.236
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 www.cfiresim.com 104.236.234.236
1 www.paypalobjects.com 104.236.234.236
1 code.jquery.com 104.236.234.236
23 7
Subject Issuer Validity Valid
*.g.doubleclick.net
Google Internet Authority G3		 2018-06-12 -
2018-08-21		 2 months crt.sh

This page contains 6 frames:

Primary Page: http://104.236.234.236/input.php
Frame ID: 374FBDA1C8B4CEE0DDD4305B24099011
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180620/r20180604/zrt_lookup.html
Frame ID: DF6B497C57D548EC00F9F9A4C0B52C03
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Frame ID: 1B6CF20FA3D71EF2E4989EFF042CAFC1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5980092593965662&output=html&h=90&slotname=7690742991&adk=2691980066&adf=1594227400&w=728&lmt=1530203922&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2F104.236.234.236%2Finput.php&flash=0&wgl=1&dt=1530203922543&bpp=12&bdt=306&fdt=15&idt=56&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&correlator=5027484912808&frm=20&pv=2&ga_vid=1572132588.1530203923&ga_sid=1530203923&ga_hid=468539388&ga_fc=0&iag=0&icsg=692218&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=158&ady=339&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=10573695%2C21061122%2C368226400%2C370204029&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=0HdftGAMPL&p=http%3A//104.236.234.236&dtd=76
Frame ID: 1C56C054B7D14FD46AE5EC1EB8C57998
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Frame ID: 8BB1DEC57643030C59E280EF3E44978C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5980092593965662&output=html&h=600&slotname=3595070993&adk=4170567022&adf=3394638364&w=300&lmt=1530203922&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2F104.236.234.236%2Finput.php&flash=0&wgl=1&dt=1530203922558&bpp=5&bdt=321&fdt=74&idt=77&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5027484912808&frm=20&pv=1&ga_vid=1572132588.1530203923&ga_sid=1530203923&ga_hid=468539388&ga_fc=0&iag=0&icsg=2789370&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1201&ady=915&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=10573695%2C21061122%2C368226400%2C370204029&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=tOH6lJmpu9&p=http%3A//104.236.234.236&dtd=83
Frame ID: 796AD717BC9A664B137C039E12C667E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /(?:Powered by <a[^>]+phpbb|<a[^>]+phpbb[^>]+class=\.copyright| phpBB style name|<[^>]+styles\/(?:sub|pro)silver\/theme|<img[^>]+i_icon_mini|<table class="forumline)/i
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
  • html /(?:Powered by <a[^>]+phpbb|<a[^>]+phpbb[^>]+class=\.copyright| phpBB style name|<[^>]+styles\/(?:sub|pro)silver\/theme|<img[^>]+i_icon_mini|<table class="forumline)/i
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+_s-xclick/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
  • script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i

Page Statistics

23
Requests

13 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

213 kB
Transfer

845 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request input.php
104.236.234.236/ 		46 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.25
Resource Hash
0fd7df9f559c453aa342dd41333a0ae900fa526835b5caa4eb5e53ea276019a4

Request headers

Host
104.236.234.236
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
374FBDA1C8B4CEE0DDD4305B24099011

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Server
Apache/2.2.22 (Ubuntu)
X-Powered-By
PHP/5.3.10-1ubuntu3.25
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8184
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
bootstrap.min.css
104.236.234.236/css/ 		98 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/css/bootstrap.min.css
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff5e8-18679-544a6c008a918"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
17162
bootstrap-select.min.css
104.236.234.236/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/css/bootstrap-select.min.css
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
97b66be7d96b63e66d883c7804f667f0ca57da49b538c0185223dbfd58f352b3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff5ed-1621-544a6c008b8b8"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1440
grid.css
104.236.234.236/css/ 		572 B
604 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/css/grid.css
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
54839c12de05dd3cb4fb85cd5b6b13501a3d45a0a25d8d01e961dfd565de9e05

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff5d6-23c-544a6c0089978"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
267
jquery-1.10.2.min.js
code.jquery.com/ 		91 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:38:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:07 GMT
Server
nginx
ETag
W/"54499a47-16bb3"
Vary
Accept-Encoding
X-HW
1530203922.dop007.fr8.t,1530203922.cds032.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38145
formManipNew.js
104.236.234.236/js/ 		35 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/js/formManipNew.js
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
70a64710c3925ec1156390d7925aaba48c3d3b67ad4f01373b2fdb0178238bf2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff74c-8cf2-544a6c0096498"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4086
userFunctions.js
104.236.234.236/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/js/userFunctions.js
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
5879c2db504f506e9221ab718c17b6fc3cfc7135577702df04479c0dbb2182aa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff75c-1152-544a6c0097438"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1274
bootstrap.min.js
104.236.234.236/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/js/bootstrap.min.js
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff754-71a9-544a6c0096498"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7665
bootstrap-select.min.js
104.236.234.236/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/js/bootstrap-select.min.js
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
8a86b8b4534c51b5970d803dcc18a494c86da2ce13df90dc193e790cbef7f396

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff736-51ed-544a6c0096498"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
6075
paypal-donate.jpg
104.236.234.236/docs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://104.236.234.236/docs/paypal-donate.jpg
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) /
Resource Hash
eacb4aa008ef11ae26912d54e93c0dc569775ea512fddcd39f6023b5a5c03953

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Last-Modified
Tue, 27 Dec 2016 16:57:40 GMT
Server
Apache/2.2.22 (Ubuntu)
ETag
"ff5f8-bc3-544a6c008b8b8"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3011
pixel.gif
www.paypalobjects.com/en_US/i/scr/ 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paypalobjects.com/en_US/i/scr/pixel.gif
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
SPDY
Server
2.18.233.20 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Jun 2018 16:38:42 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 May 2018 20:41:53 GMT
server
Apache
strict-transport-security
max-age=31536000
p3p
CP="NON DSP ADM DEV PSD OUR IND STP PHY PRE NAV UNI"
status
200
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Thu, 28 Jun 2018 16:38:42 GMT
icon_logout.gif
www.cfiresim.com/phpbb/styles/prosilver/theme/images/ 		0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.cfiresim.com/phpbb/styles/prosilver/theme/images/icon_logout.gif
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
104.131.112.188 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type
text/html; charset=iso-8859-1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/input.php
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
b45175d54c72b32c4482ffeab91ab8699bb303259e87a004e29dc2345a828aac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 28 Jun 2018 16:38:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14065502725404787615
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
27312
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Jun 2018 16:38:42 GMT
getSavedSims.php
104.236.234.236/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://104.236.234.236/getSavedSims.php?id=
Requested by
Host: 104.236.234.236
URL: http://104.236.234.236/js/userFunctions.js
Protocol
HTTP/1.0
Server
104.236.234.236 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.25
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
104.236.234.236
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://104.236.234.236/input.php
Connection
keep-alive
Cache-Control
no-cache
Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 28 Jun 2018 16:33:05 GMT
Content-Encoding
gzip
Server
Apache/2.2.22 (Ubuntu)
X-Powered-By
PHP/5.3.10-1ubuntu3.25
Vary
Accept-Encoding
Content-Type
text/html
Connection
close
Content-Length
20
integrator.js
adservice.google.de/adsid/ 		109 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=104.236.234.236
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jun 2018 16:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
172 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=104.236.234.236
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 28 Jun 2018 16:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-5980092593965662.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5980092593965662.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 28 Jun 2018 06:46:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jun 2018 23:09:10 GMT
server
sffe
age
35505
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Thu, 28 Jun 2018 18:46:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180620/r20180604/ Frame DF6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180620/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180620/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://104.236.234.236/input.php
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
374FBDA1C8B4CEE0DDD4305B24099011
Referer
http://104.236.234.236/input.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Wed, 20 Jun 2018 14:17:13 GMT
expires
Wed, 04 Jul 2018 14:17:13 GMT
content-type
text/html; charset=UTF-8
etag
4726315756816018096
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6958
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
699689
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/ Frame 1B6C 		184 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e221c40e1ab532f8b78a1953b583944fad2be424cee707d783a7b94e797c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Thu, 28 Jun 2018 16:38:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
17642596927668924911
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70330
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Jun 2018 16:38:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1C56 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5980092593965662&output=html&h=90&slotname=7690742991&adk=2691980066&adf=1594227400&w=728&lmt=1530203922&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2F104.236.234.236%2Finput.php&flash=0&wgl=1&dt=1530203922543&bpp=12&bdt=306&fdt=15&idt=56&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&correlator=5027484912808&frm=20&pv=2&ga_vid=1572132588.1530203923&ga_sid=1530203923&ga_hid=468539388&ga_fc=0&iag=0&icsg=692218&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=158&ady=339&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=10573695%2C21061122%2C368226400%2C370204029&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=0HdftGAMPL&p=http%3A//104.236.234.236&dtd=76
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5980092593965662&output=html&h=90&slotname=7690742991&adk=2691980066&adf=1594227400&w=728&lmt=1530203922&guci=1.2.0.0.2.2.0&format=728x90&url=http%3A%2F%2F104.236.234.236%2Finput.php&flash=0&wgl=1&dt=1530203922543&bpp=12&bdt=306&fdt=15&idt=56&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&correlator=5027484912808&frm=20&pv=2&ga_vid=1572132588.1530203923&ga_sid=1530203923&ga_hid=468539388&ga_fc=0&iag=0&icsg=692218&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=158&ady=339&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=10573695%2C21061122%2C368226400%2C370204029&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&fsb=1&xpc=0HdftGAMPL&p=http%3A//104.236.234.236&dtd=76
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://104.236.234.236/input.php
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
374FBDA1C8B4CEE0DDD4305B24099011
Referer
http://104.236.234.236/input.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 28 Jun 2018 16:38:42 GMT
server
cafe
cache-control
private
content-length
385
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 28-Jun-2018 16:53:42 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Thu, 28 Jun 2018 16:38:42 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Protocol
SPDY
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
23a5d8589ec38afde5e9c32aee58e7077dc85865a5fb26140e53cde6197fa12f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://104.236.234.236/input.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Jun 2018 14:01:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
700656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
26541
x-xss-protection
1; mode=block
server
cafe
etag
14699803715169814696
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jul 2018 14:01:06 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/ Frame 8BB1 		184 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a6e221c40e1ab532f8b78a1953b583944fad2be424cee707d783a7b94e797c64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Date
Thu, 28 Jun 2018 16:38:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
17642596927668924911
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
70330
X-XSS-Protection
1; mode=block
Expires
Thu, 28 Jun 2018 16:38:42 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 796A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5980092593965662&output=html&h=600&slotname=3595070993&adk=4170567022&adf=3394638364&w=300&lmt=1530203922&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2F104.236.234.236%2Finput.php&flash=0&wgl=1&dt=1530203922558&bpp=5&bdt=321&fdt=74&idt=77&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5027484912808&frm=20&pv=1&ga_vid=1572132588.1530203923&ga_sid=1530203923&ga_hid=468539388&ga_fc=0&iag=0&icsg=2789370&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1201&ady=915&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=10573695%2C21061122%2C368226400%2C370204029&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=tOH6lJmpu9&p=http%3A//104.236.234.236&dtd=83
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20180620/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5980092593965662&output=html&h=600&slotname=3595070993&adk=4170567022&adf=3394638364&w=300&lmt=1530203922&guci=1.2.0.0.2.2.0&format=300x600&url=http%3A%2F%2F104.236.234.236%2Finput.php&flash=0&wgl=1&dt=1530203922558&bpp=5&bdt=321&fdt=74&idt=77&shv=r20180620&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=728x90&correlator=5027484912808&frm=20&pv=1&ga_vid=1572132588.1530203923&ga_sid=1530203923&ga_hid=468539388&ga_fc=0&iag=0&icsg=2789370&dssz=16&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1201&ady=915&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=10573695%2C21061122%2C368226400%2C370204029&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&ifi=2&fsb=1&xpc=tOH6lJmpu9&p=http%3A//104.236.234.236&dtd=83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://104.236.234.236/input.php
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
374FBDA1C8B4CEE0DDD4305B24099011
Referer
http://104.236.234.236/input.php

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 28 Jun 2018 16:38:42 GMT
server
cafe
cache-control
private
content-length
382
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 28-Jun-2018 16:53:42 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
expires
Thu, 28 Jun 2018 16:38:42 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| addInput function| addInputThree function| addInputFour function| showSimName function| saveAsNewName function| getSavedSims function| deleteSim function| deleteSimConfirm function| cancelAction function| saveSim function| testSaveSim object| jQuery110205684999620640183 object| adsbygoogle string| username object| xmlhttp object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy object| google_persistent_state_async object| google_reactive_ads_global_state object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.cfiresim.com
www.paypalobjects.com
104.131.112.188
104.236.234.236
2.18.233.20
205.185.208.52
2a00:1450:4001:817::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81e::2002
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0fd7df9f559c453aa342dd41333a0ae900fa526835b5caa4eb5e53ea276019a4
23a5d8589ec38afde5e9c32aee58e7077dc85865a5fb26140e53cde6197fa12f
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
54839c12de05dd3cb4fb85cd5b6b13501a3d45a0a25d8d01e961dfd565de9e05
5879c2db504f506e9221ab718c17b6fc3cfc7135577702df04479c0dbb2182aa
70a64710c3925ec1156390d7925aaba48c3d3b67ad4f01373b2fdb0178238bf2
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8a86b8b4534c51b5970d803dcc18a494c86da2ce13df90dc193e790cbef7f396
97b66be7d96b63e66d883c7804f667f0ca57da49b538c0185223dbfd58f352b3
a6e221c40e1ab532f8b78a1953b583944fad2be424cee707d783a7b94e797c64
b45175d54c72b32c4482ffeab91ab8699bb303259e87a004e29dc2345a828aac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
eacb4aa008ef11ae26912d54e93c0dc569775ea512fddcd39f6023b5a5c03953