URL: http://urlquery.net/report.php?id=1485967112226
Submission: On February 01 via manual from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 29 HTTP transactions. The main IP is 95.34.115.158, located in Oslo, Norway and belongs to TELENOR-NEXTEL Telenor Norge AS, NO. The main domain is urlquery.net.
This is the only time urlquery.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
19        95.34.115.158      2119   (TELENOR-N...)
5         2a00:1450:400...   15169  (GOOGLE)
2         2a00:1450:401...   15169  (GOOGLE)
Total: 29 requests, 4 IPs
Requests  Domain                                  Requested by
19        urlquery.net                            urlquery.net
5         pagead2.googlesyndication.com           urlquery.net, pagead2.googlesyndication.com
2         www.google-analytics.com                urlquery.net
0         googleads.g.doubleclick.net (Failed)    pagead2.googlesyndication.com
Total: 29 requests, 4 domains

This site contains no links.

Subject                   Issuer                         Validity                   Valid
*.google-analytics.com    Google Internet Authority G2   2017-01-25 - 2017-04-19    3 months
*.googleusercontent.com   Google Internet Authority G2   2017-01-25 - 2017-04-19    3 months

This page contains 6 frames:

Primary Page: http://urlquery.net/report.php?id=1485967112226
Frame ID: 31750.1
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170125/r20170110/zrt_lookup.html
Frame ID: 31750.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/show_ads_impl.js
Frame ID: 31750.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1735799678798963&format=728x90&output=html&h=90&slotname=9633479935&adk=3595968170&adf=2927148258&w=728&lmt=1485970617&loeid=453848105&flash=24.0.0&url=http%3A%2F%2Furlquery.net%2Freport.php%3Fid%3D1485967112226&wgl=1&dt=1485970617136&bpp=9&bdt=383&fdt=11&idt=110&shv=r20170125&cbv=r20170110&saldr=aa&correlator=4742032531892&frm=20&ga_vid=1527398354.1485970617&ga_sid=1485970617&ga_hid=2126574967&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=segoe%20ui&dfs=12&adx=428&ady=366&biw=1583&bih=1083&eid=575144605%2C41100127&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=zB6kYTlsFa&p=http%3A//urlquery.net&dtd=128
Frame ID: 31750.5
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/show_ads_impl.js
Frame ID: 31750.4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1735799678798963&format=728x90&output=html&h=90&slotname=9633479935&adk=3595968170&adf=2998193008&w=728&lmt=1485970617&loeid=453848105&flash=24.0.0&url=http%3A%2F%2Furlquery.net%2Freport.php%3Fid%3D1485967112226&wgl=1&dt=1485970617148&bpp=6&bdt=395&fdt=124&idt=140&shv=r20170125&cbv=r20170110&saldr=aa&prev_fmts=728x90&correlator=4742032531892&frm=20&ga_vid=1527398354.1485970617&ga_sid=1485970617&ga_hid=2126574967&ga_fc=1&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=segoe%20ui&dfs=12&adx=428&ady=1363&biw=1583&bih=1083&eid=575144605%2C41100127&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7CeEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&xpc=5IFU76jYSI&p=http%3A//urlquery.net&dtd=156
Frame ID: 31750.6
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 29
HTTPS: 14 %
IPv6: 67 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 378 kB
Size: 1273 kB
Cookies: 6

Redirected requests

There were HTTP redirect chains for the following requests:

Request 18
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
Request 22
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=u...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=...

29 HTTP transactions

Columns: Resource / Path, Size / x-fer, Type / MIME-Type

report.php (Primary Request, Cookie set)
urlquery.net/
79 KB
12 KB
Document
General
Full URL
http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
7188314ca158da18a975056b44ccbd42f977ee3124f6eac9d873d28f7874f5f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Accept-Language
en-US,en;q=0.8
Connection
keep-alive

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
UQAPI-Forwarded-For
0
Content-Length
12202
Date
Wed, 01 Feb 2017 17:36:56 GMT
Server
nginx/1.10.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Set-Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6; path=/
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Content-Encoding
gzip
main.css
urlquery.net/
8 KB
2 KB
Stylesheet
General
Full URL
http://urlquery.net/main.css
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
6cba6f198aa30577b20c00297c53ae77c05f2e013c347f32578775f4d727533b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Connection
keep-alive
Cache-Control
no-cache
Host
urlquery.net
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Accept
text/css,*/*;q=0.1
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Pragma
no-cache

Response headers

Vary
Accept-Encoding
Content-Type
text/css
Content-Length
2062
Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"1e87-53a9d2defff3c-gzip"
Date
Wed, 01 Feb 2017 17:36:56 GMT
Connection
keep-alive
Accept-Ranges
bytes
jquery.fancybox-1.3.4.css
urlquery.net/fancybox/
9 KB
2 KB
Stylesheet
General
Full URL
http://urlquery.net/fancybox/jquery.fancybox-1.3.4.css
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
b16dc95bb0dee2be9a35dd088b2624c26b574a51611cf64aa9f04e9464e054a9

Request headers

Referer
http://urlquery.net/report.php?id=1485967112226
Pragma
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
text/css,*/*;q=0.1
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Accept-Language
en-US,en;q=0.8

Response headers

Content-Type
text/css
Connection
keep-alive
Date
Wed, 01 Feb 2017 17:36:56 GMT
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"2294-53a9d2defa17c-gzip"
Vary
Accept-Encoding
Content-Encoding
gzip
Accept-Ranges
bytes
Content-Length
1814
jquery-1.8.3.js
urlquery.net/javascript/
261 KB
78 KB
Script
General
Full URL
http://urlquery.net/javascript/jquery-1.8.3.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
b79048269194de2a460e6b267695f420be996434fad12f90e3712a1c5b3b2544

Request headers

Pragma
no-cache
Referer
http://urlquery.net/report.php?id=1485967112226
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
*/*
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Accept-Language
en-US,en;q=0.8

Response headers

Server
nginx/1.10.0 (Ubuntu)
Content-Type
application/javascript
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
ETag
"415db-53a9d2defa17c-gzip"
Transfer-Encoding
chunked
Accept-Ranges
bytes
Date
Wed, 01 Feb 2017 17:36:56 GMT
jquery-ui-1.9.2.custom.min.js
urlquery.net/javascript/
232 KB
61 KB
Script
General
Full URL
http://urlquery.net/javascript/jquery-ui-1.9.2.custom.min.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
119686e648e0c8aa55a8879f2f65fa94b42ea22cf7aad7e72ba9113c8b246963

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Connection
keep-alive
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
*/*
Referer
http://urlquery.net/report.php?id=1485967112226
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache

Response headers

Date
Wed, 01 Feb 2017 17:36:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
ETag
"3a0ea-53a9d2defa17c-gzip"
Transfer-Encoding
chunked
Content-Type
application/javascript
jquery.fancybox-1.3.4.pack.js
urlquery.net/fancybox/
15 KB
5 KB
Script
General
Full URL
http://urlquery.net/fancybox/jquery.fancybox-1.3.4.pack.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561

Request headers

Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Referer
http://urlquery.net/report.php?id=1485967112226
Accept
*/*
Cache-Control
no-cache
Pragma
no-cache
Host
urlquery.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36

Response headers

Accept-Ranges
bytes
Content-Length
5574
Content-Encoding
gzip
Server
nginx/1.10.0 (Ubuntu)
ETag
"3d08-53a9d2defa17c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Date
Wed, 01 Feb 2017 17:36:56 GMT
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Connection
keep-alive
js_pp.js
urlquery.net/javascript/
40 KB
7 KB
Script
General
Full URL
http://urlquery.net/javascript/js_pp.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
973693e9151bb3f67507a768fae9fcf4a33b275bc84eab9289dfdfe8637f8dda

Request headers

Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Connection
keep-alive
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Accept
*/*
Referer
http://urlquery.net/report.php?id=1485967112226

Response headers

Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
ETag
"9f9d-53a9d2defa17c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Content-Length
7644
Date
Wed, 01 Feb 2017 17:36:56 GMT
Connection
keep-alive
Accept-Ranges
bytes
Server
nginx/1.10.0 (Ubuntu)
html_pp.js
urlquery.net/javascript/
15 KB
4 KB
Script
General
Full URL
http://urlquery.net/javascript/html_pp.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
2833dcf2ab41b99889b16320aa247cda8cf58c645c9c92e37f54df075b080e25

Request headers

Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Referer
http://urlquery.net/report.php?id=1485967112226
Connection
keep-alive
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
*/*

Response headers

Vary
Accept-Encoding
Content-Length
3855
Server
nginx/1.10.0 (Ubuntu)
ETag
"3db4-53a9d2defa17c-gzip"
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Date
Wed, 01 Feb 2017 17:36:56 GMT
Content-Encoding
gzip
prettify.css
urlquery.net/prettify/
620 B
293 B
Stylesheet
General
Full URL
http://urlquery.net/prettify/prettify.css
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
54c00a13e273d0fdbd0d9f40d311e92dd9af3d8393017a97f7ae338b76a9fe67

Request headers

Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Referer
http://urlquery.net/report.php?id=1485967112226
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
text/css,*/*;q=0.1

Response headers

Server
nginx/1.10.0 (Ubuntu)
ETag
"26c-53a9d2defa17c-gzip"
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
293
Date
Wed, 01 Feb 2017 17:36:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Vary
Accept-Encoding
Connection
keep-alive
prettify.js
urlquery.net/prettify/
18 KB
7 KB
Script
General
Full URL
http://urlquery.net/prettify/prettify.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
f2bd7d7b7131f303fea97ff7adb106c09807998f76f2d7ef05c9e84e298de3d1

Request headers

Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
*/*
Referer
http://urlquery.net/report.php?id=1485967112226
Pragma
no-cache
Host
urlquery.net
Accept-Language
en-US,en;q=0.8
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Connection
keep-alive
Cache-Control
no-cache

Response headers

Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
Vary
Accept-Encoding
Connection
keep-alive
Date
Wed, 01 Feb 2017 17:36:56 GMT
ETag
"4940-53a9d2defa17c-gzip"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
6875
vs.css
urlquery.net/styles/
1 KB
608 B
Stylesheet
General
Full URL
http://urlquery.net/styles/vs.css
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
63621e01ea1849f135a82f79bbbbc584ca755c361fe4dea0951936bf69512ab2

Request headers

Accept
text/css,*/*;q=0.1
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Connection
keep-alive
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Cache-Control
no-cache
Pragma
no-cache

Response headers

Content-Encoding
gzip
Server
nginx/1.10.0 (Ubuntu)
Vary
Accept-Encoding
Content-Type
text/css
Date
Wed, 01 Feb 2017 17:36:56 GMT
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
ETag
"573-53a9d2deacf1a-gzip"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
608
highlight.pack.js
urlquery.net/javascript/
9 KB
4 KB
Script
General
Full URL
http://urlquery.net/javascript/highlight.pack.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
daee8f9f6ae91b1e6c887ee40c461fe7101a8ea3f3b30f5b1f2950f4c4efc621

Request headers

Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Accept
*/*
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Connection
keep-alive

Response headers

Accept-Ranges
bytes
ETag
"24b1-53a9d2defa17c-gzip"
Content-Type
application/javascript
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
Vary
Accept-Encoding
Connection
keep-alive
Content-Length
3711
Date
Wed, 01 Feb 2017 17:36:56 GMT
Content-Encoding
gzip
screenshot.php
urlquery.net/
28 KB
28 KB
Image
General
Full URL
http://urlquery.net/screenshot.php?id=1485967112226
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
f733e1d2336d40dea7ea87ad93f33030ac95917e5681eaa885a1758c9fa00cd7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache
Host
urlquery.net
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
UQAPI-Forwarded-For
0
Content-Length
29032
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Date
Wed, 01 Feb 2017 17:36:57 GMT
Server
nginx/1.10.0 (Ubuntu)
us.png
urlquery.net/images/flags/
609 B
609 B
Image
General
Full URL
http://urlquery.net/images/flags/us.png
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
36cce5cae3d2e0045b2b2b6cbffdad7a0aba3e99919cc219bbf0578efdc45585

Request headers

Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
Accept
image/webp,image/*,*/*;q=0.8
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Pragma
no-cache
Host
urlquery.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 01 Feb 2017 17:36:57 GMT
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"261-53a9d2defff3c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
609
load.gif
urlquery.net/images/
673 B
673 B
Image
General
Full URL
http://urlquery.net/images/load.gif
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
43a526a07a078d736e5c9d67d8479dd54072b7e5c6ddd2cd466f86a086e49ef5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Connection
keep-alive
Host
urlquery.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://urlquery.net/report.php?id=1485967112226
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Cache-Control
no-cache

Response headers

Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"2a1-53a9d2df00edc"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
673
Date
Wed, 01 Feb 2017 17:36:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
50 KB
19 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
2a00:1450:400e:805::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
2e639a7450807c6dfaea25f1e68033a4111c6aac164f8221f1f75b76e3b1bfdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Connection
keep-alive
Cache-Control
no-cache
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
*/*
Host
pagead2.googlesyndication.com
Accept-Language
en-US,en;q=0.8
Referer
http://urlquery.net/report.php?id=1485967112226

Response headers

Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Date
Wed, 01 Feb 2017 16:52:25 GMT
Content-Length
19133
Content-Type
text/javascript; charset=UTF-8
Content-Encoding
gzip
Server
cafe
Age
2672
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Expires
Wed, 01 Feb 2017 17:52:25 GMT
X-Content-Type-Options
nosniff
ETag
14828663910103451749
Cache-Control
public, max-age=3600
X-XSS-Protection
1; mode=block
domain_graph.php
urlquery.net/
38 KB
38 KB
Image
General
Full URL
http://urlquery.net/domain_graph.php?id=1485967112226
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
3d4a085661f469e8535b4f4d88a2805bb116505686cecdbe056e982b593fda72

Request headers

Pragma
no-cache
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Accept
image/webp,image/*,*/*;q=0.8
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Connection
keep-alive
Cache-Control
no-cache

Response headers

Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Date
Wed, 01 Feb 2017 17:36:57 GMT
Server
nginx/1.10.0 (Ubuntu)
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
UQAPI-Forwarded-For
0
Content-Length
38592
cz.png
urlquery.net/images/flags/
476 B
476 B
Image
General
Full URL
http://urlquery.net/images/flags/cz.png
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
0f39366d88fabe6f6f5c7a3cb6a11165de6bc6bc2108802c49df5f9840bc6541

Request headers

Pragma
no-cache
Host
urlquery.net
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Referer
http://urlquery.net/report.php?id=1485967112226
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6

Response headers

Connection
keep-alive
Accept-Ranges
bytes
Content-Length
476
Date
Wed, 01 Feb 2017 17:36:57 GMT
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"1dc-53a9d2defff3c"
Content-Type
image/png
gb.png
urlquery.net/images/flags/
599 B
599 B
Image
General
Full URL
http://urlquery.net/images/flags/gb.png
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
5d72c5a8bef80fca6f99f476e15ec95ce2d5e5f65c6dab9ee8e56348be0d39fc

Request headers

Pragma
no-cache
Host
urlquery.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
http://urlquery.net/report.php?id=1485967112226
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6
Accept-Encoding
gzip, deflate, sdch
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 01 Feb 2017 17:36:57 GMT
Last-Modified
Sun, 21 Aug 2016 23:20:38 GMT
Server
nginx/1.10.0 (Ubuntu)
ETag
"257-53a9d2df00edc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
599
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
42 KB
16 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4016:803::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
:scheme
https
referer
http://urlquery.net/report.php?id=1485967112226
:method
GET
:path
/ga.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36

Response headers

cache-control
public, max-age=7200
last-modified
Wed, 28 Sep 2016 20:19:01 GMT
server
Golfe2
date
Wed, 01 Feb 2017 16:44:39 GMT
content-type
text/javascript
content-length
16022
content-encoding
gzip
age
3138
alt-svc
quic=":443"; ma=2592000; v="35,34"
vary
Accept-Encoding
status
200
timing-allow-origin
*
expires
Wed, 01 Feb 2017 18:44:39 GMT
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
ca-pub-1735799678798963.js
pagead2.googlesyndication.com/pub-config/r20160913/
169 B
148 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1735799678798963.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400e:805::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
c8cf19c0ea02786bc86bed212ebd8b30d00799123938b3f15d6d41974ac7968a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
pagead2.googlesyndication.com
referer
http://urlquery.net/report.php?id=1485967112226
:path
/pub-config/r20160913/ca-pub-1735799678798963.js
pragma
no-cache
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET

Response headers

content-encoding
gzip
last-modified
Tue, 31 Jan 2017 20:26:22 GMT
content-type
text/javascript
status
200
age
42936
vary
Accept-Encoding
content-length
139
date
Wed, 01 Feb 2017 05:41:21 GMT
x-content-type-options
nosniff
server
sffe
cache-control
public, max-age=43200
alt-svc
quic=":443"; ma=2592000; v="35,34"
x-xss-protection
1; mode=block
expires
Wed, 01 Feb 2017 17:41:21 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170125/r20170110/ Frame 3175
0
0

show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/ Frame 3175
173 KB
64 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:400e:805::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
3999a9504f9bf246d23d254a435df024161d3704573cd6d242bd982a26d1a7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://urlquery.net/report.php?id=1485967112226
Pragma
no-cache
Accept-Language
en-US,en;q=0.8
Accept
*/*
Connection
keep-alive
Cache-Control
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
pagead2.googlesyndication.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36

Response headers

Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Length
65964
Expires
Wed, 01 Feb 2017 17:36:57 GMT
Content-Type
text/javascript; charset=UTF-8
Timing-Allow-Origin
*
Date
Wed, 01 Feb 2017 17:36:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
16608453050212846945
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
X-XSS-Protection
1; mode=block
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=u...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=...
35 B
44 B
Image
General
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=urlquery.net%20-%20Free%20url%20scanner&utmhid=2126574967&utmr=-&utmp=%2Freport.php%3Fid%3D1485967112226&utmht=1485970617174&utmac=UA-21985291-1&utmcc=__utma%3D230621272.1527398354.1485970617.1485970617.1485970617.1%3B%2B__utmz%3D230621272.1485970617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1892056182&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: urlquery.net
URL: http://urlquery.net/report.php?id=1485967112226
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4016:803::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:method
GET
accept-encoding
gzip, deflate, sdch, br
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
http://urlquery.net/report.php?id=1485967112226
:path
/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=urlquery.net%20-%20Free%20url%20scanner&utmhid=2126574967&utmr=-&utmp=%2Freport.php%3Fid%3D1485967112226&utmht=1485970617174&utmac=UA-21985291-1&utmcc=__utma%3D230621272.1527398354.1485970617.1485970617.1485970617.1%3B%2B__utmz%3D230621272.1485970617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1892056182&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
pragma
no-cache
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
:scheme
https

Response headers

x-content-type-options
nosniff
server
Golfe2
date
Wed, 01 Feb 2017 17:36:57 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="35,34"
content-length
35
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.6.7&utms=1&utmn=592521172&utmhn=urlquery.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1583x1083&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=24.0%20r0&utmdt=urlquery.net%20-%20Free%20url%20scanner&utmhid=2126574967&utmr=-&utmp=%2Freport.php%3Fid%3D1485967112226&utmht=1485970617174&utmac=UA-21985291-1&utmcc=__utma%3D230621272.1527398354.1485970617.1485970617.1485970617.1%3B%2B__utmz%3D230621272.1485970617.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1892056182&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
ads
googleads.g.doubleclick.net/pagead/ Frame 3175
0
0

osd.js
pagead2.googlesyndication.com/pagead/ Frame 3175
76 KB
28 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400e:805::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
e34bea3486743c20b35b62603c4d99e833b33023005e052813ae7fc0cf19b411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:path
/pagead/osd.js
accept-language
en-US,en;q=0.8
cache-control
no-cache
referer
http://urlquery.net/report.php?id=1485967112226
:authority
pagead2.googlesyndication.com
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
accept
*/*

Response headers

alt-svc
quic=":443"; ma=2592000; v="35,34"
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 01 Feb 2017 18:20:31 GMT
content-encoding
gzip
content-disposition
attachment; filename="f.txt"
status
200
x-content-type-options
nosniff
age
986
etag
18324158634638280381
content-type
text/javascript; charset=UTF-8
x-xss-protection
1; mode=block
server
cafe
content-length
28877
date
Wed, 01 Feb 2017 17:20:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/ Frame 3175
173 KB
0
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170125/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:400e:805::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
3999a9504f9bf246d23d254a435df024161d3704573cd6d242bd982a26d1a7d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Connection
keep-alive
Pragma
no-cache
Host
pagead2.googlesyndication.com
Accept-Language
en-US,en;q=0.8
Accept
*/*
Referer
http://urlquery.net/report.php?id=1485967112226
Accept-Encoding
gzip, deflate, sdch
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Cache-Control
no-cache

Response headers

Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type
text/javascript; charset=UTF-8
Content-Length
65964
X-XSS-Protection
1; mode=block
Expires
Wed, 01 Feb 2017 17:36:57 GMT
Timing-Allow-Origin
*
Date
Wed, 01 Feb 2017 17:36:57 GMT
ETag
16608453050212846945
ads
googleads.g.doubleclick.net/pagead/ Frame 3175
0
0

favicon.ico
urlquery.net/
288 B
251 B
Other
General
Full URL
http://urlquery.net/favicon.ico
Protocol
HTTP/1.1
Server
95.34.115.158 Oslo, Norway, ASN2119 (TELENOR-NEXTEL Telenor Norge AS, NO),
Reverse DNS
158.115.34.95.customer.cdi.no
Software
nginx/1.10.0 (Ubuntu) /
Resource Hash
fa65acb50641c1cebb87d8d4fb17df3df7d97d9ecbe94b2f849fc302826303f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Connection
keep-alive
Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch
Host
urlquery.net
Accept-Language
en-US,en;q=0.8
Referer
http://urlquery.net/report.php?id=1485967112226
Cookie
PHPSESSID=p7v5sdeokbas5betb5vm02jkh6; __utmt=1; __utma=230621272.1527398354.1485970617.1485970617.1485970617.1; __utmb=230621272.1.10.1485970617; __utmc=230621272; __utmz=230621272.1485970617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
Cache-Control
no-cache

Response headers

Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
Date
Wed, 01 Feb 2017 17:36:57 GMT
Content-Encoding
gzip
Server
nginx/1.10.0 (Ubuntu)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20170125/r20170110/zrt_lookup.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1735799678798963&format=728x90&output=html&h=90&slotname=9633479935&adk=3595968170&adf=2927148258&w=728&lmt=1485970617&loeid=453848105&flash=24.0.0&url=http%3A%2F%2Furlquery.net%2Freport.php%3Fid%3D1485967112226&wgl=1&dt=1485970617136&bpp=9&bdt=383&fdt=11&idt=110&shv=r20170125&cbv=r20170110&saldr=aa&correlator=4742032531892&frm=20&ga_vid=1527398354.1485970617&ga_sid=1485970617&ga_hid=2126574967&ga_fc=1&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=segoe%20ui&dfs=12&adx=428&ady=366&biw=1583&bih=1083&eid=575144605%2C41100127&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&xpc=zB6kYTlsFa&p=http%3A//urlquery.net&dtd=128
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1735799678798963&format=728x90&output=html&h=90&slotname=9633479935&adk=3595968170&adf=2998193008&w=728&lmt=1485970617&loeid=453848105&flash=24.0.0&url=http%3A%2F%2Furlquery.net%2Freport.php%3Fid%3D1485967112226&wgl=1&dt=1485970617148&bpp=6&bdt=395&fdt=124&idt=140&shv=r20170125&cbv=r20170110&saldr=aa&prev_fmts=728x90&correlator=4742032531892&frm=20&ga_vid=1527398354.1485970617&ga_sid=1485970617&ga_hid=2126574967&ga_fc=1&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=5&u_nmime=7&dff=segoe%20ui&dfs=12&adx=428&ady=1363&biw=1583&bih=1083&eid=575144605%2C41100127&oid=3&rx=0&eae=0&fc=16&brdim=1%2C1%2C1%2C1%2C1600%2C0%2C1598%2C1198%2C1598%2C1083&vis=1&rsz=%7C%7CeEr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&xpc=5IFU76jYSI&p=http%3A//urlquery.net&dtd=156

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
.urlquery.net/ Name: __utmt
Value: 1
.urlquery.net/ Name: __utmb
Value: 230621272.1.10.1485970617
.urlquery.net/ Name: __utmc
Value: 230621272
.urlquery.net/ Name: __utma
Value: 230621272.1527398354.1485970617.1485970617.1485970617.1
urlquery.net/ Name: PHPSESSID
Value: p7v5sdeokbas5betb5vm02jkh6
.urlquery.net/ Name: __utmz
Value: 230621272.1485970617.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
