urlscan.io logo urlscan.io
SecurityTrails logo

13.54.216.66 Open in urlscan Pro
13.54.216.66  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://disadco.gq/
Effective URL: http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Submission: On September 11 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 15 HTTP transactions. The main IP is 13.54.216.66, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is 13.54.216.66.
This is the only time 13.54.216.66 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 104.21.87.53 13335 (CLOUDFLAR...)
1 165.22.198.175 14061 (DIGITALOC...)
1 213.174.135.25 39572 (ADVANCEDH...)
1 2 88.212.201.204 39134 (UNITEDNET)
1 172.67.220.34 13335 (CLOUDFLAR...)
1 54.215.244.207 16509 (AMAZON-02)
1 13.54.216.66 16509 (AMAZON-02)
3 104.16.19.94 13335 (CLOUDFLAR...)
1 142.250.64.106 15169 (GOOGLE)
1 64.233.184.94 15169 (GOOGLE)
15 11
4    104.21.87.53 (None, )

ASN13335 (CLOUDFLARENET, US)
disadco.gq
1    165.22.198.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
lib1.biz
1    213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
sw.wpush.org
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
1    172.67.220.34 (United States)

ASN13335 (CLOUDFLARENET, US)
ziskarhotsngz.xyz
1    54.215.244.207 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-215-244-207.us-west-1.compute.amazonaws.com
54.215.244.207
1    13.54.216.66 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-54-216-66.ap-southeast-2.compute.amazonaws.com
13.54.216.66
3    104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.64.106 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f10.1e100.net
fonts.googleapis.com
1    64.233.184.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f94.1e100.net
fonts.gstatic.com
Domain Requested by
4 disadco.gq 1 redirects disadco.gq
3 cdnjs.cloudflare.com 13.54.216.66
cdnjs.cloudflare.com
2 counter.yadro.ru 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com 13.54.216.66
1 ziskarhotsngz.xyz disadco.gq
1 sw.wpush.org disadco.gq
1 lib1.biz disadco.gq
0 js.wpushsdk.com Failed sw.wpush.org
15 9

This site contains no links.

Subject Issuer Validity Valid
*.disadco.gq
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
10.lib2.biz
R3		 2021-09-10 -
2021-12-09		 3 months crt.sh
sw.wpush.org
R3		 2021-07-18 -
2021-10-16		 3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-01 -
2022-08-31		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Frame ID: 4144A56F9FC8125CAB30663DA793A6F2
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://disadco.gq/ HTTP 301
    https://disadco.gq/ Page URL
  2. https://ziskarhotsngz.xyz/?z=2888&f=3&n=file-a73202ed2 Page URL
  3. http://54.215.244.207/?http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_... Page URL
  4. http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

80 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

11
IPs

5
Countries

208 kB
Transfer

407 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://disadco.gq/ HTTP 301
    https://disadco.gq/ Page URL
  2. https://ziskarhotsngz.xyz/?z=2888&f=3&n=file-a73202ed2 Page URL
  3. http://54.215.244.207/?http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3 Page URL
  4. http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://disadco.gq/ HTTP 301
  • https://disadco.gq/
Request Chain 6
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?t52.6;r;s1600*1200*24;uhttps%3A//disadco.gq/;hAccess%20page;0.6880550873763513 HTTP 302
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//disadco.gq/;hAccess%20page;0.6880550873763513
Request Chain 10
  • http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
Request Chain 11
  • http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP 307
  • https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
disadco.gq/
Redirect Chain
  • http://disadco.gq/
  • https://disadco.gq/
11 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disadco.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.87.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
a524eeb96380365110bf7ce08fcdf0133d08ab5b9f829ec6adbdeb8b7585e2a1

Request headers

:method
GET
:authority
disadco.gq
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 11 Sep 2021 16:48:08 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.8
set-cookie
ab_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vML5DUUW2WF0gqVBHrUNqeVS2yU4MRWMR4dCuVS6CR%2F1vV2Besbh8K0oqZLlE%2Fb0hBn8nVxU4wK0Uv2x7Rb66%2FPoTEu003bA9EH6jy%2F%2BVJxF5f5YeK%2BQrKsXHZTR"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d261c6780a4126-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date
Sat, 11 Sep 2021 16:48:08 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sat, 11 Sep 2021 17:48:08 GMT
Location
https://disadco.gq/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4I3iSCUl0BSV%2Bi%2FWJNhHyk4wW90cr0tB44WIFrGv6aE61Ksyg4gs7nY9HNVwhxlEbk1WwLNc9Kzi%2BxTHfRdBSBNI2UI1zDNCnA752Yxj%2FeDOODPZ7LezmaU8kZv"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
68d261c61f26410d-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
g4zdmy3dgu5ha3ddf4zdkma
lib1.biz/code/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lib1.biz/code/g4zdmy3dgu5ha3ddf4zdkma
Requested by
Host: disadco.gq
URL: https://disadco.gq/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
38ccc2af4906de3941222fcad50a707b94edcb9eec7d7cb0af2c263b5ffd8046
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 11 Sep 2021 16:48:08 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
arrow.png
disadco.gq/landing/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://disadco.gq/landing/arrow.png
Requested by
Host: disadco.gq
URL: https://disadco.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.87.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e33356964f2769244bb45448d9b0680582b69f344b4f09fa85231efaf05adc2

Request headers

:path
/landing/arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
disadco.gq
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:48:08 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7572
last-modified
Sun, 18 Apr 2021 14:02:52 GMT
server
cloudflare
etag
"607c3c0c-1d94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1u%2B5UxTnJ2rFH4CbjxWj56hJuKuVMBNIqOfcPCUvqp%2BPTBMyoXPDAWxhjKp5Qplc0gPXy36763dl5a5XKOmqD208oXRxNyxB6thY4LsYHI8BeRs6NFJL7HWVc0y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68d261c729724126-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
robot-men.png
disadco.gq/landing/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://disadco.gq/landing/robot-men.png
Requested by
Host: disadco.gq
URL: https://disadco.gq/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.87.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/landing/robot-men.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
disadco.gq
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:48:09 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35511
last-modified
Sun, 18 Apr 2021 14:02:52 GMT
server
cloudflare
etag
"607c3c0c-8ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPorBMX2WL8chrUkMoN4xG7n5ppr2kTevi7AK8%2F9UZHTjlGDoCBQ2QgVtGcYfAH7r2uAnHD0t%2BHDUinAzXBDTGfoSbPqrp4Jv89l4Gt2BS%2BErkMjfsWouYzPBAow"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68d261c7bf574113-PRG
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
sw.wpush.org/script/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sw.wpush.org/script/main.js?promo=24303&tcid=2833&src=1860236680
Requested by
Host: disadco.gq
URL: https://disadco.gq/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:48:09 GMT
content-encoding
gzip
last-modified
Wed, 18 Aug 2021 13:25:45 GMT
server
nginx/1.18.0
etag
W/"611d0a59-12a35"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 11 Sep 2021 17:48:09 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
hit;porno_kobec_freenom_real
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?t52.6;r;s1600*1200*24;uhttps%3A//disadco.gq/;hAccess%20page;0.6880550873763513
  • https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//disadco.gq/;hAccess%20page;0.6880550873763513
408 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//disadco.gq/;hAccess%20page;0.6880550873763513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 16:48:15 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
408
Expires
Thu, 10 Sep 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 11 Sep 2021 16:48:15 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;porno_kobec_freenom_real?q;t52.6;r;s1600*1200*24;uhttps%3A//disadco.gq/;hAccess%20page;0.6880550873763513
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Thu, 10 Sep 2020 21:00:00 GMT
/
ziskarhotsngz.xyz/ 		354 B
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ziskarhotsngz.xyz/?z=2888&f=3&n=file-a73202ed2
Requested by
Host: disadco.gq
URL: https://disadco.gq/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
ziskarhotsngz.xyz
:scheme
https
:path
/?z=2888&f=3&n=file-a73202ed2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 11 Sep 2021 16:48:09 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=klQCUa9AYx0pS6toa8Fl28TouGAcD6Hgjb0sVyiLmorIxXG5ba7LWZpXeEFNrj1tbg8MLoeWuHOB%2B8bMGyayBVycUB12RoiPvCdsFO7AfMLxmwTKF2lqYsrzPi1nTyYlnWwAWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d261c839522784-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
npush.js
js.wpushsdk.com/npc/sdk/wpu/ 		0
0
/
54.215.244.207/ 		669 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
http://54.215.244.207/?http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Requested by
Host: ziskarhotsngz.xyz
URL: https://ziskarhotsngz.xyz/?z=2888&f=3&n=file-a73202ed2
Protocol
HTTP/1.1
Server
54.215.244.207 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-215-244-207.us-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Host
54.215.244.207
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Sat, 11 Sep 2021 16:48:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
Primary Request /
13.54.216.66/ 		1 KB
991 B 		Document
General
Check archive.org
Download Go to
Full URL
http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Requested by
Host: 54.215.244.207
URL: http://54.215.244.207/?http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Protocol
HTTP/1.1
Server
13.54.216.66 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-54-216-66.ap-southeast-2.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
49f043920844f36246fc9b7d2850f79cadb0f72365c50084165bd2c47fa7e8eb

Request headers

Host
13.54.216.66
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sat, 11 Sep 2021 16:48:10 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
739
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
137 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
Requested by
Host: 13.54.216.66
URL: http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
254699
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15749
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-22485"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2EywkJZo%2BNFC7A8xI6pi4qwMabIAFfM4ARnTPXb1cInUW%2FsFmiFQ8MfpUk3r%2FMxAjRlbImtjAZBH%2Flw2i9J6l2A1KX9RdgyZn0ce5Wjp8bu9XieuDg%2F%2FsC6ZITv2zzGrPnxtxtTP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68d261d02a272794-PRG
expires
Thu, 01 Sep 2022 16:48:10 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.0/css/bootstrap.min.css
Non-Authoritative-Reason
HSTS
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
Redirect Chain
  • http://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
  • https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 13.54.216.66
URL: http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:48:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
70637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XvroRTFRIvu2aWo47IcaWoEeX92U5tcPTYEQS5cBZHr0753H97YMJVH%2BxypntmSvaC4tgCiv5RBnrjCR2qp4NEITd9IhXloGBTrR%2Bf%2ByVxVITks9Pe2QD1iE5eOv76qdTij6m8g"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68d261d02a282794-PRG
expires
Thu, 01 Sep 2022 16:48:10 GMT

Redirect headers

Location
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Non-Authoritative-Reason
HSTS
css2
fonts.googleapis.com/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap
Requested by
Host: 13.54.216.66
URL: http://13.54.216.66/?rip=7ed5257b7776381763a521c50a4c9292&idou=2888&meta=3_file-a73202ed2&stlss=387470&d=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f10.1e100.net
Software
ESF /
Resource Hash
cf7eb3c10da480807ef3fc8032324c1c54ba467f74810218e6c3652895551714
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 16:35:37 GMT
server
ESF
date
Sat, 11 Sep 2021 16:48:10 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 16:48:10 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://13.54.216.66
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 08:39:14 GMT
x-content-type-options
nosniff
age
29336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 08:39:14 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
http://13.54.216.66
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:48:10 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
98588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IxlvX%2B8BGJPyXVghfSUUQiZqiUk5RkndpHdhZuoTs%2FeMpYi4U6t%2BMUsHGGykjeqJ4jy1k5dpdW%2FfmkDOmmwRvamDz9j01D3DvWvMWm1XJRvA4Oy5uF7O05I3uuDADPn83yPjY%2Ft"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68d261d1de732774-PRG
expires
Thu, 01 Sep 2022 16:48:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.wpushsdk.com
URL
https://js.wpushsdk.com/npc/sdk/wpu/npush.js

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

3 Cookies

Domain/Path Name / Value
.lib1.biz/ Name: uuid
Value: 99055012-411c-40ad-bf97-3e61a6f5c2cc
.yadro.ru/ Name: FTID
Value: 1XFDtF2BXUO91XFDtF002IyS
.yadro.ru/ Name: VID
Value: 1kuQY50OA-O91XFDtF002I-M