userservice06b.dynamic-dns.net
129.151.74.222  Malicious Activity! Public Scan

URL: http://userservice06b.dynamic-dns.net/billing.php
Submission: On July 08 via automatic, source openphish

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 31 HTTP transactions. The main IP is 129.151.74.222, located in Cardiff, United Kingdom and belongs to ORACLE-BMC-31898, US. The main domain is userservice06b.dynamic-dns.net.
This is the only time userservice06b.dynamic-dns.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Navy Federal Credit Union (Government)

Domain & IP information

Requests  Domain                          Redirects    Requested by
15        userservice06b.dynamic-dns.net  -            userservice06b.dynamic-dns.net
3         ct.pinterest.com                -            9749892.fls.doubleclick.net
3         fonts.gstatic.com               -            fonts.googleapis.com
2         www.googleadservices.com        -            9749892.fls.doubleclick.net, www.googleadservices.com
2         www.googletagmanager.com        1 redirects  userservice06b.dynamic-dns.net
2         adservice.google.com            1 redirects  userservice06b.dynamic-dns.net
1         www.google.de                   -            9749892.fls.doubleclick.net
1         www.google.com                  1 redirects  -
1         googleads.g.doubleclick.net     1 redirects  -
1         insight.adsrvr.org              -            9749892.fls.doubleclick.net
1         9749892.fls.doubleclick.net     -            adservice.google.com
1         adservice.google.de             1 redirects  -
1         fonts.googleapis.com            -            userservice06b.dynamic-dns.net
Total: 31 requests, 13 subdomains

This site contains no links.

Subject                   Issuer                                  Validity                 Valid
upload.video.google.com   GTS CA 1O1                              2021-06-07 - 2021-08-30  3 months
*.gstatic.com             GTS CA 1C3                              2021-06-22 - 2021-09-14  3 months
*.google.com              GTS CA 1C3                              2021-06-22 - 2021-09-14  3 months
*.google-analytics.com    GTS CA 1C3                              2021-06-22 - 2021-09-14  3 months
*.doubleclick.net         GTS CA 1C3                              2021-06-22 - 2021-09-14  3 months
*.adsrvr.org              GlobalSign GCC R3 DV TLS CA 2020        2021-03-18 - 2022-04-19  a year
www.googleadservices.com  GTS CA 1C3                              2021-06-22 - 2021-09-14  3 months
*.pinterest.com           DigiCert SHA2 High Assurance Server CA  2020-07-16 - 2021-08-04  a year
*.googleadservices.com    GTS CA 1C3                              2021-06-07 - 2021-08-30  3 months
www.google.de             GTS CA 1C3                              2021-06-22 - 2021-09-14  3 months

This page contains 4 frames:

Primary Page: http://userservice06b.dynamic-dns.net/billing.php
Frame ID: 2F8399217D24544B5F1D8F3764A691EB
Requests: 21 HTTP requests in this frame

Frame: http://userservice06b.dynamic-dns.net/assets/billing_files/activityi_002.html
Frame ID: C20F06C4FD504655180FBF31A0F7D396
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Frame ID: 8BABEA54A528B2F4BB07901002C440C0
Requests: 1 HTTP requests in this frame

Frame: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Frame ID: ABA8668C3CA48C4773A2544F5DA079C4
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 31
HTTPS: 45 %
IPv6: 62 %
Domains: 10
Subdomains: 13
IPs: 11
Countries: 4
Transfer: 569 kB
Size: 655 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://adservice.google.com/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php HTTP 302
  • https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Request Chain 20
  • http://www.googletagmanager.com/gtag/js?id=DC-5053096&l=dataLayer&cx=c HTTP 302
  • https://www.googletagmanager.com/gtag/js?id=DC-5053096&l=dataLayer&cx=c
Request Chain 21
  • https://adservice.google.de/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php HTTP 302
  • https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Request Chain 29
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCK2Y5ISr0vECFYyr1QodjFcCcg%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tlbmYLGHINT33wP3_7PgBA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCK2Y5ISr0vECFYyr1QodjFcCcg%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tlbmYLGHINT33wP3_7PgBA&cid=CAQSKQCNIrLMMgctodoX6yYsmuilpgS3fzXyBEqrSGzG8POS6_Te3kKTJqhA&random=665971037&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCK2Y5ISr0vECFYyr1QodjFcCcg%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tlbmYLGHINT33wP3_7PgBA&cid=CAQSKQCNIrLMMgctodoX6yYsmuilpgS3fzXyBEqrSGzG8POS6_Te3kKTJqhA&random=665971037&resp=GooglemKTybQhCsO&ipr=y

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request billing.php
userservice06b.dynamic-dns.net/
45 KB
45 KB
Document
General
Full URL
http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
3af4052d73ba4840884ec866a1e48aa0cb05fec9105d177ecd8257b37a2f2d07

Request headers

Host
userservice06b.dynamic-dns.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
main-3854dce7049a84d55d5e.css
userservice06b.dynamic-dns.net/assets/billing_files/
156 KB
156 KB
Stylesheet
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
582645ed04b9ca40ef2cd6924dd2b41688e03be3d8b075b722ab07c5319ffd86

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 09:19:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
159414
logo_004.js
userservice06b.dynamic-dns.net/assets/billing_files/
96 B
350 B
Script
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/logo_004.js
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
443c606b8833a1f9a0dec16937658d295e0916e2d5843f9512d1659dba024970

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
96
checkmark.svg
userservice06b.dynamic-dns.net/assets/billing_files/
288 B
533 B
Image
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/checkmark.svg
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
51a528c1775dd41070e1e551dc9166d635c033d7c7043477a709a68b3494836a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 14:19:48 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
288
a
userservice06b.dynamic-dns.net/assets/billing_files/
31 B
246 B
Script
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/a
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
2283d95a9ed2b85158a5a0ab158c92bbb43cd78ea4c3aa9f7691f42c3350e88f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
31
a.txt
userservice06b.dynamic-dns.net/assets/billing_files/
31 B
272 B
Script
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/a.txt
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
1cdb497b2bc18749396e3981c5b9e613c0aa5cc04ec9491bcd9c02e34cb44193

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
text/plain
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
31
846112901no178e0bd7344fd8913ea6.txt
userservice06b.dynamic-dns.net/assets/billing_files/
71 KB
72 KB
Script
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/846112901no178e0bd7344fd8913ea6.txt
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
e7ec9ec6ee8e08591fcae718adc05052e94a55419b47cc3cc1fefdcf3059c19c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
text/plain
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
73185
activity_pixel.gif
userservice06b.dynamic-dns.net/assets/billing_files/
43 B
283 B
Image
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/activity_pixel.gif
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 14:19:48 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
43
js
userservice06b.dynamic-dns.net/assets/billing_files/
94 KB
94 KB
Script
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/js
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
0869fe5cc1f097d1941859058871dfd40fb1099c855d3662520c2463fb620066

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
96167
js_002
userservice06b.dynamic-dns.net/assets/billing_files/
94 KB
94 KB
Script
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/js_002
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
772485938ce21727b55d5bf3d556531fe8ba68aa88c530183127acd507648d7b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
96167
activity_pixel_002.gif
userservice06b.dynamic-dns.net/assets/billing_files/
43 B
284 B
Image
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/activity_pixel_002.gif
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://userservice06b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
43
css
fonts.googleapis.com/
13 KB
926 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
102d69b8233684dd9b9bc94145fc332453aaa8f4fcf6221b1824ecdd042a693b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://userservice06b.dynamic-dns.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 01:36:53 GMT
server
ESF
date
Thu, 08 Jul 2021 01:36:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jul 2021 01:36:53 GMT
nfculogo.png
userservice06b.dynamic-dns.net/assets/img/
315 B
315 B
Image
General
Full URL
http://userservice06b.dynamic-dns.net/assets/img/nfculogo.png
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
dropdown_caret.svg
userservice06b.dynamic-dns.net/assets/img/
315 B
315 B
Image
General
Full URL
http://userservice06b.dynamic-dns.net/assets/img/dropdown_caret.svg
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
NCUA_Logo.svg
userservice06b.dynamic-dns.net/assets/img/
315 B
315 B
Image
General
Full URL
http://userservice06b.dynamic-dns.net/assets/img/NCUA_Logo.svg
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
userservice06b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://userservice06b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://userservice06b.dynamic-dns.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 21:40:42 GMT
x-content-type-options
nosniff
age
186971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 21:40:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://userservice06b.dynamic-dns.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 21:40:42 GMT
x-content-type-options
nosniff
age
186971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Jul 2022 21:40:42 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://userservice06b.dynamic-dns.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 08:57:43 GMT
x-content-type-options
nosniff
age
146350
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 08:57:43 GMT
846112901no178e0bd7344fd8913ea6
userservice06b.dynamic-dns.net/public/
0
0

activityi_002.html
userservice06b.dynamic-dns.net/assets/billing_files/ Frame C20F
559 B
800 B
Document
General
Full URL
http://userservice06b.dynamic-dns.net/assets/billing_files/activityi_002.html
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
26b9f55fcb12043f0166f51b8c38e6804d03c8fe0fb18504835cf49b3f5f2b6a

Request headers

Host
userservice06b.dynamic-dns.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://userservice06b.dynamic-dns.net/billing.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Thu, 08 Jul 2021 01:36:53 GMT
Server
Apache
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Accept-Ranges
bytes
Content-Length
559
Keep-Alive
timeout=5, max=96
Connection
Keep-Alive
Content-Type
text/html
src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fb...
adservice.google.com/ddm/fls/i/ Frame 8BAB
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFedera...
  • https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2F...
521 B
432 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/assets/billing_files/activityi_002.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5a6a8c48f75f4d0061276bc8bda2b92d42581138afecce831725b49207c2d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://userservice06b.dynamic-dns.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jul 2021 01:36:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
409
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jul 2021 01:36:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
location
https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=DC-5053096&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=DC-5053096&l=dataLayer&cx=c
85 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-5053096&l=dataLayer&cx=c
Requested by
Host: userservice06b.dynamic-dns.net
URL: http://userservice06b.dynamic-dns.net/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
646eec559a6c0ecd6fb99cf59370413497bf28697681a3a760b879b3c424c1f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://userservice06b.dynamic-dns.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 01:36:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34811
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 00:09:09 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jul 2021 01:36:53 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=DC-5053096&l=dataLayer&cx=c
Date
Thu, 08 Jul 2021 01:36:53 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
276
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fb...
9749892.fls.doubleclick.net/ddm/fls/r/ Frame ABA8
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FU...
  • https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2F...
1 KB
1 KB
Document
General
Full URL
https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f102.1e100.net
Software
cafe /
Resource Hash
546429158fe9c0a0fae24090f30045822d04eb63cacd8783d9cf7f0a1065b976
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9749892.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jul 2021 01:36:54 GMT
expires
Thu, 08 Jul 2021 01:36:54 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
628
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 08-Jul-2021 01:51:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 08 Jul 2021 01:36:53 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
846112901no178e0bd7344fd8913ea6
userservice06b.dynamic-dns.net/public/
0
0

/
insight.adsrvr.org/track/pxl/ Frame ABA8
70 B
261 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=pcl8biy&ct=0:1psqepk&fmt=3
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.48.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-48-133.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
conversion.js
www.googleadservices.com/pagead/ Frame ABA8
44 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
0f506a0bf099d96a1f34c7c23cb74929b8fa381d4114509f9aef2273f2c852b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17349
x-xss-protection
0
server
cafe
etag
3780840205288251298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 08 Jul 2021 01:36:54 GMT
/
ct.pinterest.com/v3/ Frame ABA8
35 B
578 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2617254381486&noscript=1
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9a6656b8.1625708214.7ed39d5
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1536567189044006
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ Frame ABA8
35 B
577 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=PageView&tid=2617254381486&noscript=1
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9a6656b8.1625708214.7ed39d6
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
5769403496521376
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ Frame ABA8
35 B
579 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=ViewCategory&tid=2617254381486&noscript=1
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9a6656b8.1625708214.7ed39db
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1726669369079400
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/683427688/ Frame ABA8
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/683427688/?random=1625708214409&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCK2Y5ISr0vECFYyr1QodjFcCcg%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
423b7c67e083a4157fa4e085565d6bb578370f0a76b41c2777e04b8881e21ea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1267
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/683427688/ Frame ABA8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=25050596...
  • https://www.google.com/pagead/1p-conversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u...
42 B
154 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCK2Y5ISr0vECFYyr1QodjFcCcg%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tlbmYLGHINT33wP3_7PgBA&cid=CAQSKQCNIrLMMgctodoX6yYsmuilpgS3fzXyBEqrSGzG8POS6_Te3kKTJqhA&random=665971037&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CK2Y5ISr0vECFYyr1QodjFcCcg;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Jul 2021 01:36:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/683427688/?random=121444265&cv=9&fst=1625708214409&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCK2Y5ISr0vECFYyr1QodjFcCcg%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=tlbmYLGHINT33wP3_7PgBA&cid=CAQSKQCNIrLMMgctodoX6yYsmuilpgS3fzXyBEqrSGzG8POS6_Te3kKTJqhA&random=665971037&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
userservice06b.dynamic-dns.net
URL
https://userservice06b.dynamic-dns.net/public/846112901no178e0bd7344fd8913ea6
Domain
userservice06b.dynamic-dns.net
URL
https://userservice06b.dynamic-dns.net/public/846112901no178e0bd7344fd8913ea6

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Navy Federal Credit Union (Government)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| io_install_flash boolean| io_install_stm number| io_exclude_stm boolean| io_enable_rip object| _cf object| _ac object| bmak string| _sd_trace function| op function| gtag object| dataLayer object| VisualIqPairs object| pages object| pixelValues undefined| pn undefined| currentPage undefined| currentPx undefined| img object| doubleClickMultipleValues undefined| currentType undefined| currentCat object| google_tag_manager object| google_tag_data

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnYXLihJ_tk0cVFxLiv8MATpVBIpeSCswcG5_Uz8aZkD_vxKyh5Vq0JjSJj
.dynamic-dns.net/ Name: _gcl_au
Value: 1.1.1997729100.1625708214

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
