wg1308252.virtualuser.de Open in urlscan Pro
46.20.34.168  Malicious Activity! Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ip6.si/ Page URL
2. http://wg1308252.virtualuser.de/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response ip6.si/	8 KB 3 KB	87ms 81ms	Document text/html	2606:4700:30::681b:9574 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://ip6.si/ Protocol HTTP/1.1 Server 2606:4700:30::681b:9574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 2ddb7a10120e6cf6838cfef37adbb7ee18b81083500ca715e30f890636627e64 Request headers Host ip6.si Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:21 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d237b05e265f135f1aa8272763c73104e1550001981; expires=Wed, 12-Feb-20 20:06:21 GMT; path=/; domain=.ip6.si; HttpOnly SESSION=8227891b; expires=Tue, 12-Feb-2019 21:06:15 GMT; Max-Age=3600 X-Powered-By X-ASPNET-VERSION Server cloudflare CF-RAY 4a81ace077dcc28d-FRA Content-Encoding gzip
GET H/1.1	200 OK	jquery-1.10.2.min.js Show response code.jquery.com/	91 KB 38 KB	896ms 860ms	Script application/javascript	205.185.208.52 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-1.10.2.min.js Requested by Host: ip6.si URL: http://ip6.si/ Protocol HTTP/1.1 Server 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip052.ssl.hwcdn.net Software nginx / Resource Hash 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:21 GMT Content-Encoding gzip Last-Modified Fri, 24 Oct 2014 00:16:07 GMT Server nginx ETag W/"54499a47-16bb3" Vary Accept-Encoding X-HW 1550001981.dop008.pa1.t,1550001981.cds029.pa1.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection Keep-Alive Accept-Ranges bytes Content-Length 38145
GET H/1.1	200 OK	jquery-ui.min.js Show response code.jquery.com/ui/1.10.4/	223 KB 60 KB	86ms 27ms	Script application/javascript	205.185.208.52 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/ui/1.10.4/jquery-ui.min.js Requested by Host: ip6.si URL: http://ip6.si/ Protocol HTTP/1.1 Server 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip052.ssl.hwcdn.net Software nginx / Resource Hash a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:21 GMT Content-Encoding gzip Last-Modified Fri, 24 Oct 2014 00:16:08 GMT Server nginx ETag W/"54499a48-37cbb" Vary Accept-Encoding X-HW 1550001981.dop008.pa1.t,1550001981.cds009.pa1.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 61269
GET H/1.1	200 OK	jquery-ui.min.css code.jquery.com/ui/1.10.4/themes/redmond/	27 KB 6 KB	58ms 26ms	Stylesheet text/css	205.185.208.52 Highwinds Network...
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/ui/1.10.4/themes/redmond/jquery-ui.min.css Requested by Host: ip6.si URL: http://ip6.si/ Protocol HTTP/1.1 Server 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS vip052.ssl.hwcdn.net Software nginx / Resource Hash ddc940750da907becde977e7932a30d68cce47c8648e57b81532d2ba8f1ca346 Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:21 GMT Content-Encoding gzip Last-Modified Fri, 24 Oct 2014 00:16:08 GMT Server nginx ETag W/"54499a48-6a42" Vary Accept-Encoding X-HW 1550001981.dop008.pa1.t,1550001981.cds009.pa1.c Content-Type text/css Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 5418
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	79 KB 30 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:820::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: ip6.si URL: http://ip6.si/ Protocol HTTP/1.1 Server 2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 528a895d8e12415bdb9a5adc043a7acfa1fb9a76022cc445a4c32702473e41d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:21 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Type text/javascript; charset=UTF-8 Server cafe ETag 14471497992939361820 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Content-Disposition attachment; filename="f.txt" Timing-Allow-Origin * Content-Length 30126 X-XSS-Protection 1; mode=block Expires Tue, 12 Feb 2019 20:06:21 GMT
GET H/1.1	200 OK	ip6.gif ip6.si/images/	16 KB 16 KB	9ms 9ms	Image image/gif	2606:4700:30::681b:9574 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://ip6.si/images/ip6.gif Requested by Host: ip6.si URL: http://ip6.si/ Protocol HTTP/1.1 Server 2606:4700:30::681b:9574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 43f7069e4439fe03b9342b17d31a8a61fa4022af11f9dee8194261f65ab0876d Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ip6.si User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://ip6.si/ Cookie __cfduid=d237b05e265f135f1aa8272763c73104e1550001981; SESSION=8227891b Connection keep-alive Cache-Control no-cache Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:21 GMT CF-Cache-Status HIT Last-Modified Fri, 27 Jan 2017 17:29:33 GMT Server cloudflare X-ASPNET-VERSION X-Powered-By ETag "c159eecc278d21:0" Vary Accept-Encoding Content-Type image/gif Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4a81ace120e2c28d-FRA Content-Length 16323 Expires Wed, 13 Feb 2019 00:06:21 GMT
GET H/1.1	200 OK	Cookie set short_url.php ip6.si/	37 B 400 B	82ms 81ms	XHR text/html	2606:4700:30::681b:9574 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://ip6.si/short_url.php?hash=NhxbLa&json=1 Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.10.2.min.js Protocol HTTP/1.1 Server 2606:4700:30::681b:9574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ip6.si User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept application/json, text/javascript, */*; q=0.01 Referer http://ip6.si/ X-Requested-With XMLHttpRequest Connection keep-alive Cache-Control no-cache Accept application/json, text/javascript, */*; q=0.01 Referer http://ip6.si/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:22 GMT Server cloudflare X-ASPNET-VERSION X-Powered-By Content-Type text/html; charset=UTF-8 Set-Cookie __cfduid=d8c265c141f554ddcb42af148b880b45f1550001982; expires=Wed, 12-Feb-20 20:06:22 GMT; path=/; domain=.ip6.si; HttpOnly Connection keep-alive CF-RAY 4a81ace7f414c28d-FRA Content-Length 37
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:81e::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: ip6.si URL: http://ip6.si/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 16 Jan 2019 20:01:45 GMT server Golfe2 age 1035 date Tue, 12 Feb 2019 19:49:07 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39" content-length 17543 expires Tue, 12 Feb 2019 21:49:07 GMT
GET H/1.1	200 OK	Cookie set bg.jpg ip6.si/images/	69 KB 69 KB	32ms 25ms	Image image/jpeg	2606:4700:30::681b:9474 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://ip6.si/images/bg.jpg Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.10.2.min.js Protocol HTTP/1.1 Server 2606:4700:30::681b:9474 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ip6.si User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://ip6.si/ Connection keep-alive Cache-Control no-cache Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:22 GMT CF-Cache-Status HIT X-ASPNET-VERSION X-Powered-By Connection keep-alive Content-Length 70254 Last-Modified Fri, 27 Jan 2017 17:53:52 GMT Server cloudflare ETag "413a6e52c678d21:0" Vary Accept-Encoding Content-Type image/jpeg Cache-Control public, max-age=14400 Set-Cookie __cfduid=d186302b3512229da10ec401d714ef2361550001982; expires=Wed, 12-Feb-20 20:06:22 GMT; path=/; domain=.ip6.si; HttpOnly Accept-Ranges bytes CF-RAY 4a81ace80206c2d3-FRA Expires Wed, 13 Feb 2019 00:06:22 GMT
GET H/1.1	200 OK	Cookie set footer.png ip6.si/images/	26 KB 27 KB	40ms 32ms	Image image/png	2606:4700:30::681b:9574 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://ip6.si/images/footer.png Requested by Host: code.jquery.com URL: http://code.jquery.com/jquery-1.10.2.min.js Protocol HTTP/1.1 Server 2606:4700:30::681b:9574 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 8ecb0c2532918a5d766040a25fb50db80a31525949aa22f3da19d9235144a8cb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host ip6.si User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://ip6.si/ Connection keep-alive Cache-Control no-cache Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:22 GMT CF-Cache-Status HIT X-ASPNET-VERSION X-Powered-By Connection keep-alive Content-Length 26797 Last-Modified Fri, 27 Jan 2017 17:29:33 GMT Server cloudflare ETag "de137fecc278d21:0" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Set-Cookie __cfduid=d6c8c9bf0c5b37564e57e4dc80db41d271550001982; expires=Wed, 12-Feb-20 20:06:22 GMT; path=/; domain=.ip6.si; HttpOnly Accept-Ranges bytes CF-RAY 4a81ace80a29c2b0-FRA Expires Wed, 13 Feb 2019 00:06:22 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	17ms 17ms	Script application/javascript	2a00:1450:4001:821::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=ip6.si Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 12 Feb 2019 20:06:22 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39" content-length 104 x-xss-protection 1; mode=block
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	21ms 15ms	Script application/javascript	2a00:1450:4001:809::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=ip6.si Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 12 Feb 2019 20:06:22 GMT content-encoding gzip x-content-type-options nosniff content-type application/javascript; charset=UTF-8 server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39" content-length 104 x-xss-protection 1; mode=block
GET H/1.1	200 OK	show_ads_impl.js pagead2.googlesyndication.com/pagead/js/r20190206/r20190131/	193 KB 72 KB	32ms 26ms	Script text/javascript	2a00:1450:4001:820::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/r20190206/r20190131/show_ads_impl.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol HTTP/1.1 Server 2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:22 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Type text/javascript; charset=UTF-8 Server cafe ETag 9160603346706350691 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=1209600 Content-Disposition attachment; filename="f.txt" Timing-Allow-Origin * Content-Length 73035 X-XSS-Protection 1; mode=block Expires Tue, 12 Feb 2019 20:06:22 GMT
GET H/1.1	200 OK	show_ads_impl.js pagead2.googlesyndication.com/pagead/js/r20190206/r20190131/ Frame 3D67	193 KB 72 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:820::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/r20190206/r20190131/show_ads_impl.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol HTTP/1.1 Server 2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:22 GMT Content-Encoding gzip X-Content-Type-Options nosniff Content-Type text/javascript; charset=UTF-8 Server cafe ETag 9160603346706350691 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=1209600 Content-Disposition attachment; filename="f.txt" Timing-Allow-Origin * Content-Length 73035 X-XSS-Protection 1; mode=block Expires Tue, 12 Feb 2019 20:06:22 GMT
GET H2	200	ca-pub-8467549867037034.js pagead2.googlesyndication.com/pub-config/r20160913/	68 B 179 B	87ms 86ms	Script text/javascript	2a00:1450:4001:821::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-8467549867037034.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 12 Feb 2019 20:06:22 GMT content-encoding gzip x-content-type-options nosniff server sffe content-type text/javascript status 200 cache-control public, max-age=43200 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39" content-length 88 x-xss-protection 1; mode=block expires Wed, 13 Feb 2019 08:06:22 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20190206/r20190131/ Frame 7B8C	0 0	7ms 6ms	Document text/html	2a00:1450:4001:820::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20190206/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20190206/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer http://ip6.si/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://ip6.si/ Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * vary Accept-Encoding date Thu, 07 Feb 2019 08:44:18 GMT expires Thu, 21 Feb 2019 08:44:18 GMT content-type text/html; charset=UTF-8 etag 14090563764879558401 x-content-type-options nosniff content-encoding gzip server cafe content-length 6959 x-xss-protection 1; mode=block cache-control public, max-age=1209600 age 472924 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
GET H2	200	collect www.google-analytics.com/r/	35 B 101 B	18ms 17ms	Image image/gif	2a00:1450:4001:81e::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1477553800&t=pageview&_s=1&dl=http%3A%2F%2Fip6.si%2F&ul=en-us&de=UTF-8&dt=IP6%20Short%20URL%20-%20Free%20service&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1419065098&gjid=1435414961&cid=523345183.1550001983&tid=UA-92596452-1&_gid=61108380.1550001983&_r=1&z=624105065 Requested by Host: ip6.si URL: http://ip6.si/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://ip6.si/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Tue, 12 Feb 2019 20:06:22 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	Primary Request / Show response wg1308252.virtualuser.de/	11 KB 3 KB	73ms 25ms	Document text/html	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://wg1308252.virtualuser.de/ Requested by Host: ip6.si URL: http://ip6.si/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PHP/7.2.15 PleskLin Resource Hash ff2d1cd0d4b8adafd6a681e4520bd66d57f8b3a8b740da2e23686685f5ca33ea Request headers Host wg1308252.virtualuser.de Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer http://ip6.si/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://ip6.si/ Response headers Server nginx Date Tue, 12 Feb 2019 20:06:22 GMT Content-Type text/html; charset=UTF-8 Content-Length 3231 Connection keep-alive X-Powered-By PHP/7.2.15 PleskLin Vary Accept-Encoding Content-Encoding gzip
GET		ads googleads.g.doubleclick.net/pagead/ Frame C337	0 0
GET		osd.js www.googletagservices.com/activeview/js/current/	0 0
GET H/1.1	200 OK	jsq.js Show response wg1308252.virtualuser.de/	111 KB 112 KB	21ms 18ms	Script application/javascript	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://wg1308252.virtualuser.de/jsq.js Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 71345e7c99ee0f1cadbc1d9c778e97195c6859d5ba04ef931f306b06aa2ba683 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:22 GMT Last-Modified Tue, 12 Feb 2019 01:47:36 GMT Server nginx X-Powered-By PleskLin ETag "5c6225b8-1bdba" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 114106
GET H/1.1	200 OK	ing-logo.svg wg1308252.virtualuser.de/css/img/	11 KB 12 KB	63ms 14ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/ing-logo.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 84a60ca3b0ec180e3295696847244027db35fc8bd6f3c4919efcb0bdfa01d87a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT Last-Modified Tue, 12 Feb 2019 01:47:47 GMT Server nginx X-Powered-By PleskLin ETag "5c6225c3-2de2" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 11746
GET H/1.1	200 OK	alert-info.svg wg1308252.virtualuser.de/css/img/	590 B 877 B	63ms 15ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/alert-info.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash c622f9704a79e3194eb565250143e8eb50abb9e752fe09cddbe32f68db3af923 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT ETag "24e-581a89caccc31" Last-Modified Tue, 12 Feb 2019 01:47:46 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 590
GET H/1.1	200 OK	menu-close.svg wg1308252.virtualuser.de/css/img/	348 B 635 B	18ms 17ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/menu-close.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 9030f83b22e9a96c2aafff1a3abfdd4ffd0cffa31e1748df717d84282fba82b5 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT ETag "15c-581a89cb5387f" Last-Modified Tue, 12 Feb 2019 01:47:47 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 348
GET H/1.1	200 OK	alert-error.svg wg1308252.virtualuser.de/css/img/	623 B 910 B	18ms 16ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/alert-error.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 403237e689dc78baa222a8d6cb6e3455d49c6dcef78391657e52f4161ee3da36 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT ETag "26f-581a89cac4f31" Last-Modified Tue, 12 Feb 2019 01:47:46 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 623
GET H/1.1	200 OK	checkbox.svg wg1308252.virtualuser.de/css/img/	281 B 568 B	16ms 14ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/checkbox.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash e86ba4f8dd6a82f423fbc44a456b3849eab753d9cee1057159093b9005ecb711 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT ETag "119-581a89caf0e55" Last-Modified Tue, 12 Feb 2019 01:47:46 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 281
GET H/1.1	200 OK	arrow-chevron-open-right.svg wg1308252.virtualuser.de/css/img/	366 B 653 B	17ms 15ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/arrow-chevron-open-right.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT ETag "16e-581a89caeb094" Last-Modified Tue, 12 Feb 2019 01:47:46 GMT Server nginx X-Powered-By PleskLin Content-Type image/svg+xml X-Accel-Version 0.01 Connection keep-alive Accept-Ranges bytes Content-Length 366
GET H/1.1	200 OK	illustratie_algemenestoring.png wg1308252.virtualuser.de/css/img/	14 KB 15 KB	16ms 14ms	Image image/png	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/illustratie_algemenestoring.png Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 1e932fd1c21334067f030f29d277be08c51604c49d3dffe1600b891fceae4e3f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT Last-Modified Tue, 12 Feb 2019 01:47:47 GMT Server nginx X-Powered-By PleskLin ETag "5c6225c3-39b0" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 14768
GET H/1.1	200 OK	base.css wg1308252.virtualuser.de/	15 KB 15 KB	61ms 14ms	Stylesheet text/css	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://wg1308252.virtualuser.de/base.css Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 83fd226ddbc6ab7a502849918dc525f5cd4a2c3d63711ffe9c08570d535bead9 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://wg1308252.virtualuser.de/ Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT Last-Modified Tue, 12 Feb 2019 01:47:36 GMT Server nginx X-Powered-By PleskLin ETag "5c6225b8-3a1a" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 14874
GET H/1.1	200 OK	811383197.svg wg1308252.virtualuser.de/css/img/	21 KB 21 KB	29ms 15ms	Image image/svg+xml	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Show image Full URL http://wg1308252.virtualuser.de/css/img/811383197.svg Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://wg1308252.virtualuser.de/base.css Connection keep-alive Cache-Control no-cache Referer http://wg1308252.virtualuser.de/base.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Tue, 12 Feb 2019 20:06:23 GMT Last-Modified Tue, 12 Feb 2019 01:47:46 GMT Server nginx X-Powered-By PleskLin ETag "5c6225c2-5346" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 21318
GET H/1.1	200 OK	1224525800.woff2 wg1308252.virtualuser.de/css/fonts/	30 KB 30 KB	24ms 14ms	Font application/octet-stream	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://wg1308252.virtualuser.de/css/fonts/1224525800.woff2 Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash 3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e Request headers Pragma no-cache Origin http://wg1308252.virtualuser.de Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://wg1308252.virtualuser.de/base.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://wg1308252.virtualuser.de/base.css Origin http://wg1308252.virtualuser.de Response headers Date Tue, 12 Feb 2019 20:06:23 GMT Last-Modified Tue, 12 Feb 2019 01:47:44 GMT Server nginx X-Powered-By PleskLin ETag "5c6225c0-76f8" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 30456
GET H/1.1	200 OK	_388920554.woff2 wg1308252.virtualuser.de/css/fonts/	29 KB 29 KB	25ms 15ms	Font application/octet-stream	46.20.34.168 MYLOC-AS
General Check archive.org Show headers Download Go to Full URL http://wg1308252.virtualuser.de/css/fonts/_388920554.woff2 Requested by Host: wg1308252.virtualuser.de URL: http://wg1308252.virtualuser.de/ Protocol HTTP/1.1 Server 46.20.34.168 , Germany, ASN24961 (MYLOC-AS, DE), Reverse DNS files-win.gameserver.myloc.de Software nginx / PleskLin Resource Hash f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155 Request headers Pragma no-cache Origin http://wg1308252.virtualuser.de Accept-Encoding gzip, deflate Host wg1308252.virtualuser.de User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://wg1308252.virtualuser.de/base.css Connection keep-alive Cache-Control no-cache User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://wg1308252.virtualuser.de/base.css Origin http://wg1308252.virtualuser.de Response headers Date Tue, 12 Feb 2019 20:06:23 GMT Last-Modified Tue, 12 Feb 2019 01:47:45 GMT Server nginx X-Powered-By PleskLin ETag "5c6225c1-73b0" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 29616

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8467549867037034&output=html&h=90&slotname=2513313356&adk=3764880598&adf=2469204067&w=970&lmt=1550001982&guci=1.2.0.0.2.2.0.0&format=970x90&url=http%3A%2F%2Fip6.si%2F%23NhxbLa&flash=0&wgl=1&adsid=NT&dt=1550001982748&bpp=23&bdt=1153&fdt=131&idt=129&shv=r20190206&cbv=r20190131&saldr=aa&abxe=1&correlator=1005201833534&frm=20&pv=2&ga_vid=523345183.1550001983&ga_sid=1550001983&ga_hid=1477553800&ga_fc=0&iag=0&icsg=8234&dssz=9&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=313&ady=360&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C410075101&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=7&ifi=1&uci=1.8l12i58k2hif&fsb=1&xpc=BDaTPnOBMk&p=http%3A//ip6.si&dtd=154

Domain

www.googletagservices.com

URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: ING Group (Banking)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
code.jquery.com
googleads.g.doubleclick.net
ip6.si
pagead2.googlesyndication.com
wg1308252.virtualuser.de
www.google-analytics.com
www.googletagservices.com
googleads.g.doubleclick.net
www.googletagservices.com
205.185.208.52
2606:4700:30::681b:9474
2606:4700:30::681b:9574
2a00:1450:4001:809::2002
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::2002
46.20.34.168
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1e932fd1c21334067f030f29d277be08c51604c49d3dffe1600b891fceae4e3f
2ddb7a10120e6cf6838cfef37adbb7ee18b81083500ca715e30f890636627e64
3a135f82b209a59959b162a1fbc9b0b38856d1332af286f86046b06357b3811e
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3e5c9215408174cff78c491ad0cd933f2cf7c21bdaf61d71abac85e49f901fd2
403237e689dc78baa222a8d6cb6e3455d49c6dcef78391657e52f4161ee3da36
43f7069e4439fe03b9342b17d31a8a61fa4022af11f9dee8194261f65ab0876d
528a895d8e12415bdb9a5adc043a7acfa1fb9a76022cc445a4c32702473e41d1
71345e7c99ee0f1cadbc1d9c778e97195c6859d5ba04ef931f306b06aa2ba683
83fd226ddbc6ab7a502849918dc525f5cd4a2c3d63711ffe9c08570d535bead9
84a60ca3b0ec180e3295696847244027db35fc8bd6f3c4919efcb0bdfa01d87a
8ecb0c2532918a5d766040a25fb50db80a31525949aa22f3da19d9235144a8cb
9030f83b22e9a96c2aafff1a3abfdd4ffd0cffa31e1748df717d84282fba82b5
a13c96acd88fe907edbb8becda0d113c22abde0d5ae904e5213360a1e6f145ce
c40c32284db736cf15432a4da1684b391bb82d244589b2001f83a4cbd8e984bb
c622f9704a79e3194eb565250143e8eb50abb9e752fe09cddbe32f68db3af923
ddc940750da907becde977e7932a30d68cce47c8648e57b81532d2ba8f1ca346
e86ba4f8dd6a82f423fbc44a456b3849eab753d9cee1057159093b9005ecb711
f74c344733a85af20d2754b208f12309e2a30c591795d0881cb0ad94c4be6155
ff2d1cd0d4b8adafd6a681e4520bd66d57f8b3a8b740da2e23686685f5ca33ea