Submitted URL: https://trackmyelta.com/
Effective URL: https://ada.giffordmonument.com/.elta//login/login.php
Submission: On July 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 50.87.147.93, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is ada.giffordmonument.com.
TLS certificate: Issued by R3 on July 11th 2022. Valid for: 3 months.
This is the only time ada.giffordmonument.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
1          1         217.160.71.61     8560 (IONOS-AS ...)
1          17        50.87.147.93      46606 (UNIFIEDLA...)
           4         2a00:1450:400...  15169 (GOOGLE)
           1         2a00:1450:400...  15169 (GOOGLE)
           1         2a00:1450:400...  15169 (GOOGLE)
           2         2606:4700:303...  ()
Total: 26 requests, 6 IPs

Requests  Apex Domain          Subdomains                                Transfer
17        giffordmonument.com  ada.giffordmonument.com                   227 KB
5         gstatic.com          www.gstatic.com, fonts.gstatic.com        328 KB
2         killbot.org          files.killbot.org, killbot.org            3 KB
1         google.com           www.google.com (Cisco Umbrella Rank: 10)  2 KB
1         trackmyelta.com      trackmyelta.com                           143 B
Total: 26 requests, 5 apex domains

Requests  Domain                   Redirects  Requested by
17        ada.giffordmonument.com  1          ada.giffordmonument.com
4         www.gstatic.com                     ada.giffordmonument.com, www.google.com, www.gstatic.com
1         killbot.org                         files.killbot.org
1         files.killbot.org                   ada.giffordmonument.com
1         fonts.gstatic.com                   www.google.com
1         www.google.com                      www.gstatic.com
1         trackmyelta.com          1
Total: 26 requests, 7 subdomains

This site contains no links.

Subject                Issuer                   Validity                 Valid
*.giffordmonument.com  R3                       2022-07-11 - 2022-10-09  3 months
*.gstatic.com          GTS CA 1C3               2022-07-04 - 2022-09-26  3 months
www.google.com         GTS CA 1C3               2022-06-27 - 2022-09-19  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2022-06-29 - 2023-06-28  a year

This page contains 2 frames:

Primary Page: https://ada.giffordmonument.com/.elta//login/login.php
Frame ID: FCD2B3EA5E61011F35430B81E06844A3
Requests: 21 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctgF0gAAAAAIB320Ed5C5X_fyS5WZzHqTfji1C&co=aHR0cHM6Ly9hZGEuZ2lmZm9yZG1vbnVtZW50LmNvbTo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7k3rrjk5f10i
Frame ID: 69CCF249605249E7B4C80DF52CAFD012
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 26
HTTPS: 92 %
IPv6: 67 %
Domains: 5
Subdomains: 7
IPs: 6
Countries: 2
Transfer: 560 kB
Size: 1356 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trackmyelta.com/ HTTP 302
    https://ada.giffordmonument.com/.elta// HTTP 302
    https://ada.giffordmonument.com/.elta//login/loading.php Page URL
  2. https://ada.giffordmonument.com/.elta//login/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://trackmyelta.com/ HTTP 302
  • https://ada.giffordmonument.com/.elta// HTTP 302
  • https://ada.giffordmonument.com/.elta//login/loading.php

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
loading.php
ada.giffordmonument.com/.elta//login/
Redirect Chain
  • https://trackmyelta.com/
  • https://ada.giffordmonument.com/.elta//
  • https://ada.giffordmonument.com/.elta//login/loading.php
2 KB
848 B
Document
General
Full URL
https://ada.giffordmonument.com/.elta//login/loading.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
bade4066c37a996c8b1cbf5570c59b66bd33c7eab0fed60a9992fe07b4360637

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
818
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 16:04:58 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

content-encoding
gzip
content-length
213
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 16:04:58 GMT
location
login/loading.php
server
Apache
vary
Accept-Encoding
loading.css
ada.giffordmonument.com/.elta//login/oo_files/
198 KB
51 KB
Stylesheet
General
Full URL
https://ada.giffordmonument.com/.elta//login/oo_files/loading.css
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/loading.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/loading.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:04:58 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 09:28:40 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
api.js.download
ada.giffordmonument.com/.elta//login/oo_files/
850 B
629 B
Script
General
Full URL
https://ada.giffordmonument.com/.elta//login/oo_files/api.js.download
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/loading.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
e88460bf337dd1eed5cc800eeb07f9f03daac865bb4d2a8ea81ec9dc1da44792

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/loading.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:04:58 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 09:28:46 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
552
eltal.png
ada.giffordmonument.com/.elta//login/oo_files/
60 KB
60 KB
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/oo_files/eltal.png
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/loading.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
d983bcd242c828b26a1822e76ae1372477e5fee6b1f98595ed09ac3228fa6414

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/loading.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:04:58 GMT
last-modified
Thu, 23 Jun 2022 09:28:46 GMT
server
Apache
accept-ranges
bytes
content-length
61207
content-type
image/png
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
362 KB
144 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/oo_files/api.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ada.giffordmonument.com/
Origin
https://ada.giffordmonument.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 13:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146545
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 13:42:59 GMT
PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
ada.giffordmonument.com/.elta//login/oo_files/images/
2 B
51 B
Font
General
Full URL
https://ada.giffordmonument.com/.elta//login/oo_files/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/oo_files/loading.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
34a6225b83a638ed08f01ecdbf30cf0be3478ffdd36be92295fee92c5585d57c

Request headers

Referer
https://ada.giffordmonument.com/.elta//login/oo_files/loading.css
Origin
https://ada.giffordmonument.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:04:58 GMT
content-encoding
gzip
server
Apache
content-length
22
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
anchor
www.google.com/recaptcha/api2/ Frame 69CC
7 KB
2 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctgF0gAAAAAIB320Ed5C5X_fyS5WZzHqTfji1C&co=aHR0cHM6Ly9hZGEuZ2lmZm9yZG1vbnVtZW50LmNvbTo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7k3rrjk5f10i
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
978deb263efa0c607bc64c2ddb48490e9c07d08e11c40b05ab4cf2f70e7f5797
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-01XkoycyZl5cy-JaIAgvHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ada.giffordmonument.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
1050
content-security-policy
script-src 'report-sample' 'nonce-01XkoycyZl5cy-JaIAgvHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 16:04:58 GMT
expires
Thu, 21 Jul 2022 16:04:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 69CC
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctgF0gAAAAAIB320Ed5C5X_fyS5WZzHqTfji1C&co=aHR0cHM6Ly9hZGEuZ2lmZm9yZG1vbnVtZW50LmNvbTo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7k3rrjk5f10i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 16:01:30 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 69CC
362 KB
143 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctgF0gAAAAAIB320Ed5C5X_fyS5WZzHqTfji1C&co=aHR0cHM6Ly9hZGEuZ2lmZm9yZG1vbnVtZW50LmNvbTo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7k3rrjk5f10i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7394cc0158bd83bdfd6c63cebb7fb96a873394f273c873f3cdbddf1f2a43e436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 13:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146545
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 21 Jul 2023 13:42:59 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 69CC
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 18:59:48 GMT
x-content-type-options
nosniff
age
162311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 26 Jul 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 69CC
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LctgF0gAAAAAIB320Ed5C5X_fyS5WZzHqTfji1C&co=aHR0cHM6Ly9hZGEuZ2lmZm9yZG1vbnVtZW50LmNvbTo0NDM.&hl=en&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=7k3rrjk5f10i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
169098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Jul 2023 17:06:41 GMT
PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
ada.giffordmonument.com/.elta//login/oo_files/images/
2 B
74 B
Font
General
Full URL
https://ada.giffordmonument.com/.elta//login/oo_files/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/oo_files/loading.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
34a6225b83a638ed08f01ecdbf30cf0be3478ffdd36be92295fee92c5585d57c

Request headers

Referer
https://ada.giffordmonument.com/.elta//login/oo_files/loading.css
Origin
https://ada.giffordmonument.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:04:59 GMT
content-encoding
gzip
server
Apache
content-length
22
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
Primary Request login.php
ada.giffordmonument.com/.elta//login/
10 KB
3 KB
Document
General
Full URL
https://ada.giffordmonument.com/.elta//login/login.php
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/loading.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
1d9ea2e797426f03e507c84f0e8260069bbc1f054b02188ca9c5417fbd2fa2bc

Request headers

Referer
https://ada.giffordmonument.com/.elta//login/loading.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-length
3037
content-type
text/html; charset=UTF-8
date
Thu, 21 Jul 2022 16:05:01 GMT
server
Apache
vary
Accept-Encoding
killbot-security.js
files.killbot.org/.cdn-cgi/
2 KB
2 KB
Script
General
Full URL
https://files.killbot.org/.cdn-cgi/killbot-security.js
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:ba0 -, , ASN (),
Reverse DNS
Software
cloudflare / Killbot, Inc.
Resource Hash
13f7de72970d9a3b94fcc44a294dc8159489be5195d477a95fa85a026b38242c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
485304
x-powered-by
Killbot, Inc.
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-xss-protection
1; mode=block
last-modified
Sat, 07 Aug 2021 14:01:31 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"610e923b-960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubdomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2SxBXOnCcnateqbnJbmA322ozhtv1C6GuFPrwGnhXxS9oNxC2tDT%2BptUpdxRRWM5Frbl8mnVa8antNnk7h1b7lbxu8wGaGwO45GGRgiXhnwElOw%2B3AjNy8Gs%2FvdAk3bQEtijA5AMjIkMEaUSmLXsFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cf-ray
72e52d02c8ec9ba0-FRA
cf-bgj
minify
bootstrap.min.css
ada.giffordmonument.com/.elta//login/style_files/
141 KB
32 KB
Stylesheet
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/bootstrap.min.css
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
elta.css
ada.giffordmonument.com/.elta//login/style_files/
74 KB
13 KB
Stylesheet
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/elta.css
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
cfab0b5276224f067296f6cf7643514afcee77f051ade7fe9995bbf3e217caa9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
content-encoding
gzip
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
13126
elta.jpg
ada.giffordmonument.com/.elta//login/style_files/
29 KB
29 KB
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/elta.jpg
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
379efe8474dddf660d8b6b336a3f30c21743845fb6064b8e36f9c954fedd200b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
29543
content-type
image/jpeg
Blue_r2_c10.jpg
ada.giffordmonument.com/.elta//login/style_files/
591 B
621 B
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/Blue_r2_c10.jpg
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
98e1788388f511ddf723e903f44fd21845bfd45b45a6136f508253fbac1d0280

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
591
content-type
image/jpeg
Blue_r2_c12.jpg
ada.giffordmonument.com/.elta//login/style_files/
553 B
583 B
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/Blue_r2_c12.jpg
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
8f495564720fb31fd18d0d49fad089e9effaf393fea8066fa8f9a04d9c12ea38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
553
content-type
image/jpeg
package.png
ada.giffordmonument.com/.elta//login/style_files/
32 KB
32 KB
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/package.png
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
1dc0a5a441073d1d2adb9ee32b8a06a0efbd57c95da0ece8683a05b19745fe84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
32914
content-type
image/png
visa.svg
ada.giffordmonument.com/.elta//login/style_files/
692 B
734 B
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/visa.svg
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
a0d892821711c45d1968df65bbf182805614c4a5aa3b69c8e155fe98e3dfce61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
692
content-type
image/svg+xml
amex.svg
ada.giffordmonument.com/.elta//login/style_files/
2 KB
2 KB
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/amex.svg
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
c468397926a8ca8f8636e7247eb896d684f02d928bbd4a098dd68099269d6731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
2040
content-type
image/svg+xml
mastercard.svg
ada.giffordmonument.com/.elta//login/style_files/
2 KB
2 KB
Image
General
Full URL
https://ada.giffordmonument.com/.elta//login/style_files/mastercard.svg
Requested by
Host: ada.giffordmonument.com
URL: https://ada.giffordmonument.com/.elta//login/login.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
50.87.147.93 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
50-87-147-93.unifiedlayer.com
Software
Apache /
Resource Hash
5673f885b98cf21e505d9005ba1c9ad0eb65c8ce99a08dba8940c53a009f4c43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/.elta//login/login.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
last-modified
Thu, 23 Jun 2022 08:56:20 GMT
server
Apache
accept-ranges
bytes
content-length
1808
content-type
image/svg+xml
whois
killbot.org/api/v2/
288 B
1017 B
Fetch
General
Full URL
https://killbot.org/api/v2/whois?apikey=NLtxriIAlOdmqDYn2rpMhu6-fqERboZba0p7smS62Nr1u
Requested by
Host: files.killbot.org
URL: https://files.killbot.org/.cdn-cgi/killbot-security.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:ba0 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7606cfa637469c27514aa1a2a49e525cea40ce4a9480885bb48aebdc1c2c7bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ada.giffordmonument.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 16:05:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SggRy3OquHVpJFwO%2F9CFVNHAq%2BawAhrJFUPvXivQ2GNzZmBMSD824AXlXpqxUCl%2FcDpJKYimfE3eOmOL%2Fv%2FGimzYQvtL6S7GkYaxMPwxMqSrdmdcb8AWJcDalTP3PG6XUC0upnhmep%2F72g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
72e52d032f589bd7-FRA
bug-bounty
Report to live chat :)
expires
Thu, 19 Nov 1981 08:52:00 GMT
whois
killbot.org/api/v2/
0
0

blocker
killbot.org/api/v2/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
killbot.org
URL
https://killbot.org/api/v2/whois?apikey=NLtxriIAlOdmqDYn2rpMhu6-fqERboZba0p7smS62Nr1u
Domain
killbot.org
URL
https://killbot.org/api/v2/blocker?apikey=NLtxriIAlOdmqDYn2rpMhu6-fqERboZba0p7smS62Nr1u&ip=2a02:6ea0:c71b:0:1012:a8a9:6fba:95c1&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/103.0.5060.134%20Safari/537.36&url=

Verdicts & Comments

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

0 Cookies

4 Console Messages

Source Level URL
Text
other warning URL: https://ada.giffordmonument.com/.elta//login/loading.php
Message:
Failed to decode downloaded font: https://ada.giffordmonument.com/.elta//login/oo_files/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
other warning URL: https://ada.giffordmonument.com/.elta//login/loading.php
Message:
OTS parsing error: file less than 4 bytes
other warning URL: https://ada.giffordmonument.com/.elta//login/loading.php
Message:
Failed to decode downloaded font: https://ada.giffordmonument.com/.elta//login/oo_files/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
other warning URL: https://ada.giffordmonument.com/.elta//login/loading.php
Message:
OTS parsing error: file less than 4 bytes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
