www.servicescorp.shop Open in urlscan Pro
2606:4700:3037::6815:3346 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.servicescorp.shop/
Submission: On December 26 via automatic, source certstream-suspicious (December 26th 2023, 11:35:13 pm UTC) — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3037::6815:3346, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.servicescorp.shop.
TLS certificate: Issued by GTS CA 1P5 on December 19th 2023. Valid for: 3 months.

This is the only time www.servicescorp.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3037::6815:3346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:2109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:4f63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	149.56.240.127 149.56.240.127	16276 (OVH) (OVH)
3	139.45.197.238 139.45.197.238	9002 (RETN-AS) (RETN-AS)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
27	8

10 2606:4700:3037::6815:3346 (United States)

ASN13335 (CLOUDFLARENET, US)

www.servicescorp.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:2109 (United States)

ASN13335 (CLOUDFLARENET, US)

www.counter12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

meuip.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:4f63 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 149.56.240.127 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534295.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.197.238 (United Kingdom)

ASN9002 (RETN-AS, GB)

ashoupsu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	servicescorp.shop www.servicescorp.shop	195 KB
7	histats.com s10.histats.com — Cisco Umbrella Rank: 15174 s4.histats.com — Cisco Umbrella Rank: 14862	10 KB
3	ashoupsu.com ashoupsu.com — Cisco Umbrella Rank: 672242	31 KB
2	meuip.page meuip.page	20 KB
2	counter12.com www.counter12.com	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	82 KB
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 12331	541 B
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 5695	283 B
27	8

	Domain	Requested by
10	www.servicescorp.shop	www.servicescorp.shop
5	s4.histats.com	s10.histats.com
3	ashoupsu.com	meuip.page ashoupsu.com
2	s10.histats.com	www.counter12.com meuip.page
2	meuip.page	www.counter12.com meuip.page
2	www.counter12.com	www.servicescorp.shop
2	cdnjs.cloudflare.com	www.servicescorp.shop cdnjs.cloudflare.com
1	my.rtmark.net	ashoupsu.com
1	bit.ly	1 redirects
27	9

This site contains no links.

Subject Issuer	Validity	Valid
servicescorp.shop GTS CA 1P5	`2023-12-19` - `2024-03-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
counter12.com GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
meuip.page E1	`2023-11-08` - `2024-02-06`	3 months	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
ashoupsu.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
rtmark.net R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.servicescorp.shop/
Frame ID: C2AEDC0EBCBB23A297D2378E6721DF1E
Requests: 19 HTTP requests in this frame

Frame: https://meuip.page/ads5.php
Frame ID: A639C26FD104FEAEF7990CDBCF4190AB
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Msufcu & Accounting| Michigan State University Federal Credit Union | MSUFCU

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

341 kB
Transfer

698 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://bit.ly/3zzKlOA HTTP 301
https://meuip.page/ads5.php

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.servicescorp.shop/ 8 KB
3 KB 206ms
133ms Document
text/html 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8407cd60b6b7639e1c09be6ee74a32f3d2f2d6fe9c605e234ba6a713b6b6d6d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83bd23758dcf0414-FRA
content-encoding: br
content-type: text/html
date: Tue, 26 Dec 2023 23:35:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9p1SesF8CrajqQCuu1eHPOmvswHsgl%2BnMaHadkdI%2Fbz7wrTf89UhdPKkQPhMLJOslyusG0c5KFQHMWmxKTM2jnStXrYv6ByN%2FDjgsLwE8FzwmD40e0w1me8eRDSYty0wQMjBGnMmlunRsXZEJFqSg6y%2FN14%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
www.servicescorp.shop/css/ 141 KB
22 KB 184ms
183ms Stylesheet
text/css 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.servicescorp.shop/css/bootstrap.min.css
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c527550-235ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kg77%2FSfLgHU81LUWJjSQo95zwB8wePSUJ%2FXgm33w7Ne04pus%2FlvxcshpzZWZ4%2FirgNy1QQHynnaf3J3HdteNN95MN0Rhzfz%2FUzBxUW4TWT9XkDBqFn0%2FXgh54ppna03WSKBDQdkvYHQaGSA3g6h3hoZ7Swk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 83bd23765e770414-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 modern-business.css
www.servicescorp.shop/css/ 2 KB
1 KB 133ms
131ms Stylesheet
text/css 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.servicescorp.shop/css/modern-business.css
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ab04138261cba55e7eed54e52384ce10b9cf3af9b03a0901e1d65f8e1187f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c527534-6fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAGvrlmKXaFCvt7QJQ5xbS2js80dlPTM87CUmuzU2NZmx%2FozVd9GivnxJ0ZKG%2BIazlzCryOigClA0FoHKcAdUn1xOKuEMCCXUdgKrud9LxNzEdKiWBvp6ZTS2jN2GMK6wuzPdhi2XsDbv8YGzsp04n0F2Pk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 83bd23765e780414-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 83ms
31ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2497675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztRE%2BUwR5hlmxmRQHCovqxznweW8b9oIKdPMR6Q6o87lnwqvoqnOnUanAGOc4DyQj7eit2ucEL5ufVCNA%2BYCMk%2BflRdr%2FdMq4dy1iaOeGP3foW6oHdiisQpC1OkvXIRDmNJPi6SgkuMYvWi4pIJhSaZN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83bd2376ae184d68-FRA
expires: Sun, 15 Dec 2024 23:35:08 GMT

GET
H2 200 mid-page.html
www.servicescorp.shop/ 316 B
316 B 84ms
83ms Image
text/html 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.servicescorp.shop/mid-page.html
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7N5KELcD1eoJrY0SD%2FflgMaSoPADGMcxy8b1S6FguLDrbk4xUMdh%2BQobb695Yd8LPeL65DeCJQk5qfYrJhwmZvbSJsVuVt8Uv0DTyA%2B0I1f%2FLJBrN2DUI2IYvUNgOv%2BU7y8AsndEFZT87jl39i1N50iQg8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83bd23765e790414-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 testo_1.jpg
www.servicescorp.shop/jpg/ 31 KB
32 KB 185ms
184ms Image
image/jpeg 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.servicescorp.shop/jpg/testo_1.jpg
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a918fad3aa99022694ca63d40c1ef77380fbcbc993af133d8e119432121e3f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c527548-7d72"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKYKKE51Jsq1qVZTxzahHxmO72rddYM15IRq9MPZXnw7huCUNRSv2Xg7pDMGh%2FOu9ppM54WpB5nj1H5JECUaa6mik6JAbJOjoCAIz2xmRg3A%2B05VjeO54Z3kDPfyKkc400pRzZkyvo8afuNISrva3xgQpn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83bd23765e7a0414-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32114
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 testo_2.jpg
www.servicescorp.shop/jpg/ 30 KB
30 KB 205ms
204ms Image
image/jpeg 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.servicescorp.shop/jpg/testo_2.jpg
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f58ebe90fdc500d7591a0498038f96b2034391d966dd633e556952e943ce32b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c527548-780e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79rf5QHaWi6UMuv8Yql2aTuVahGe7kSiTBSBiRDEm5HvQD7BeM6FcXrvj3TrG49WTtD3dA0eN0nKjgQYsim%2Fa2K6dCZBIXKYfMgHvzoEg17vC0D2LhkJufLPJblTwcV07lohlpzP0F9wbrFFzCxsnpAdfpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83bd23766e7b0414-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30734
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 testo_3.jpg
www.servicescorp.shop/jpg/ 24 KB
24 KB 182ms
181ms Image
image/jpeg 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.servicescorp.shop/jpg/testo_3.jpg
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee2ee795182e7c20132b071dd651097d1834565e4ad85f2c4ef51edab5a9890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c527548-5f6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUu6iBdxlUuae0qD5KLYaGD%2BI79Ul2yBWeOS1v0l6wd1Hn8hgxwQwMrmct5FcBm4Ro%2FCCKLQlk1WYwcYQzCHWJ1Q1PHkCIgm3NFZiqkCwCAFWiIl3zz9rFCdhODqRYjtVlF4rVFAyr1nsko0tWdgKvNWQc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83bd23766e7c0414-FRA
alt-svc: h3=":443"; ma=86400
content-length: 24426
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 mona.jpg
www.servicescorp.shop/jpg/ 32 KB
32 KB 206ms
205ms Image
image/jpeg 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.servicescorp.shop/jpg/mona.jpg
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 941c71d5ca1c53d0291f563568966d9f764f8e8cf5bc0589a23fa445acc04166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5c527546-801c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TwjsMeGD3CCAEbDtkcYIlQjpKLjkgP%2BRmejaTbGmEpL2JHKGAZa4qYvT401uvImSocz5Ppv9pzpRa%2FQjWJqrshlHr%2BPWIrkVY%2FQRQsPUZxmODgmnEiu6BLYpUnJIQzVAyU1%2Bz1pPQHQ4q%2BWuA9cNgj6ilfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 83bd23766e7d0414-FRA
alt-svc: h3=":443"; ma=86400
content-length: 32796
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 img-Yy4766yY5DcDC5Z0-57.gif
www.counter12.com/ 69 B
522 B 286ms
216ms Image
image/gif 2606:4700:3033::6815:2109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.counter12.com/img-Yy4766yY5DcDC5Z0-57.gif
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: a92ad9369b78416b1195224c104097f2df432e1831f6d6e1dc8be344ea991096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=InwAz27ngcNcGzKW8zyVgDGi4dG4clKM6odin07RaNYpUr1korWZ5YvlamZhkwzKa2mmC7Yafz%2Bc6kTBU7IuDuacXL3eh1MZfcV7IXKV6JA3I8O%2BlzcBZzx%2F6U5sx2r6ZWRFlWDgqVPznkmcL8hfMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cf-ray: 83bd2376de674d28-FRA
alt-svc: h3=":443"; ma=86400
content-length: 69

GET
H2 200 ad.js Show response
www.counter12.com/ 3 KB
1 KB 311ms
241ms Script
text/html 2606:4700:3033::6815:2109
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.counter12.com/ad.js?id=Yy4766yY5DcDC5Z0
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2109 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 1a0a99792246bbcfe50a9f73bf44c3cccd91b16ec37786a36c2b5eb7c5772a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttAvtaBEPkhFaXnUhCr6rxfK8Rb5TgSPTcbNgL1Qq%2BZLQj9HAHdsieX7%2BAMmKk2vdCofAIHXGFMo0wdKWuarfKOGGApTP8uE717yIF7JjOuCnv0Nj36LQ3BDs44lqhI7DMuRMkA2XFzfeahJX7YWVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 83bd2376ce634d28-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
www.servicescorp.shop/js/ 85 KB
31 KB 205ms
205ms Script
application/javascript 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.servicescorp.shop/js/jquery.min.js
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c52754a-1538f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUAUoi8pobre4mxGMdMExMvhpPh6SZTIcLPC%2FPTGPakk0pF%2BirxZHLypWKx5XBn1timsJlbQSYCuZ1og%2BoHzRMX%2FPe4BYuWsIGeHSNaFAUhl2%2B46yjFoDaGZDd9Jn8YWfotQZ6UQtqLFX%2BZVVgysn6jADiE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 83bd23766e7e0414-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
www.servicescorp.shop/js/ 66 KB
20 KB 226ms
225ms Script
application/javascript 2606:4700:3037::6815:3346
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.servicescorp.shop/js/bootstrap.bundle.min.js
Requested by: Host: www.servicescorp.shop
URL: https://www.servicescorp.shop/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 31 Jan 2019 04:10:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c527552-1089e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqzjYP3ynT0mM%2F3Bt%2BvF01y3LJua7mymvU42mwgYK1dAWZP2dBFDE5CHOGaQdIP8PRHuYQiphJi83j69Q%2B5Uy54Pxv3EvUSEINRCWOYVnoCXi%2BT0yV8EQc972FYiuzneXO4PzAbpbP7XkGMIZwuWhTxgY%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 83bd23766e7f0414-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 23:35:08 GMT

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 56ms
31ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.servicescorp.shop
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 541915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etY7N11syZzR0K5FLqizVqsC7cbEJEjOeOYGGvi9mo125oAO62xriTFEnwPsc3G69KN7mDEEdhZ0dd70dVKU3%2FLvfePUaSPNFXpDI%2Fo0bEpnCviDgGw14F2tazRdnRhvzV7EgfoMAjPZS8E7JfJlncgh"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83bd2377bb44917c-FRA
expires: Sun, 15 Dec 2024 23:35:08 GMT

GET
H2

200

ads5.php Show response
meuip.page/ Frame A639
Redirect Chain

https://bit.ly/3zzKlOA
https://meuip.page/ads5.php

63 KB
20 KB

294ms
212ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meuip.page/ads5.php
Requested by: Host: www.counter12.com
URL: https://www.counter12.com/ad.js?id=Yy4766yY5DcDC5Z0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: 70c6137278dbe524911fc1b16d9acd5d9067619b787100b8189724051088ff4f

Request headers

Referer: https://www.servicescorp.shop/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83bd237a1edb71cb-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 26 Dec 2023 23:35:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vZHWDI4hnjsNsTKo9Kc1Wy8PENLuLqEBTsOHB5Bow1IfMG5poIutDGp2php9QoVl1HtVPI7bHmKl7p7kD21cQbmwSB5yQO%2FN5%2FJDJDIwOH%2FOLw7Nm8cc7s1qwlur75K%2BhjFyxunICiN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.3

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=90
content-length: 114
content-security-policy: referrer always;
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 23:35:08 GMT
location: https://meuip.page/ads5.php
referrer-policy: unsafe-url
server: nginx
via: 1.1 google

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 108ms
34ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.counter12.com
URL: https://www.counter12.com/ad.js?id=Yy4766yY5DcDC5Z0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 66498
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 83bd2378dfcbbb83-FRA
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 350ms
113ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3908301&@f16&@g1&@h1&@i1&@j1703633708955&@k0&@l1&@mMsufcu%20%26%20Accounting%7C%20Michigan%20State%20University%20Federal%20Credit%20Union%20%7C%20MSUFCU&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-33705517&@b3:1703633709&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.servicescorp.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 8ac128b45df3966b407c2f7cc8b35f7d3b73f6de46e882c9b140d84a852bc615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 23:35:09 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 345ms
111ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2998001&@f16&@g1&@h1&@i1&@j1703633708955&@k0&@l1&@mMsufcu%20%26%20Accounting%7C%20Michigan%20State%20University%20Federal%20Credit%20Union%20%7C%20MSUFCU&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:124424630&@b3:1703633709&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.servicescorp.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 730616335e2e424da2b413fad39ed3b76c7599603c4b379da39f9cbccdf8e771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 23:35:09 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 339ms
110ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?3908301&@f16&@g0&@h2&@i1&@j1703633708956&@k1&@l2&@mMsufcu%20%26%20Accounting%7C%20Michigan%20State%20University%20Federal%20Credit%20Union%20%7C%20MSUFCU&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-106941912&@b3:1703633709&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.servicescorp.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 8ac128b45df3966b407c2f7cc8b35f7d3b73f6de46e882c9b140d84a852bc615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 23:35:09 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
187 B 338ms
108ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?2998001&@f16&@g0&@h2&@i1&@j1703633708956&@k1&@l2&@mMsufcu%20%26%20Accounting%7C%20Michigan%20State%20University%20Federal%20Credit%20Union%20%7C%20MSUFCU&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-110498134&@b3:1703633709&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fwww.servicescorp.shop%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 730616335e2e424da2b413fad39ed3b76c7599603c4b379da39f9cbccdf8e771

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.servicescorp.shop/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 23:35:09 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

HEAD
H2 200 ads5.php Show response
meuip.page/ Frame A639 0
255 B 210ms
210ms XHR
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meuip.page/ads5.php
Requested by: Host: meuip.page
URL: https://meuip.page/ads5.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/ads5.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MK2O6Y%2BTvfyy0DjIMkU9NmsdqZUHi8JbMTktL0QECQOjCkRQbmzmG%2B6df7m1KRqdPOB26olw6UU%2BBkDGekc9kA2tbyNtyhwHgJpJtn1lKYmpiOGOo1SkxrZL%2Fd1256ZO66h31wlwmKA"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 83bd237d496b71cb-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
ashoupsu.com/5/3398217/ Frame A639 3 KB
2 KB 169ms
76ms XHR
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ashoupsu.com/5/3398217/?oo=1&aab=1
Requested by: Host: meuip.page
URL: https://meuip.page/ads5.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: baedf0d3bd778e9e628c9653af0a1b7d1ad6606adb552df1d8f7d119fb641973

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:09 GMT
content-encoding: gzip
x-trace-id: 71facf41fa60942772f17eeeabe824ef
pragma: no-cache, no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://meuip.page
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag.min.js Show response
ashoupsu.com/ Frame A639 80 KB
26 KB 167ms
75ms Script
text/javascript 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ashoupsu.com/tag.min.js

Requested by

Host: meuip.page
URL: https://meuip.page/ads5.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c12fcafa5d0fff6fa9f1861ce234b85953d0a47d234e0ef782953c4ae05bde48

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=1
content-length: 25795
x-trace-id: 710c1c1e24b73aee955edf0724926eee
pragma: no-cache
last-modified: Sun, 24 Dec 2023 21:41:06 GMT
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame A639 11 KB
5 KB 32ms
31ms Script
text/javascript 2606:4700:10::6814:4f63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: meuip.page
URL: https://meuip.page/ads5.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:4f63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 66499
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 83bd237d4b3ebb83-FRA
content-length: 4547

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame A639 53 B
187 B 337ms
112ms Script
text/html 149.56.240.127
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4267674&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mADS&@n0&@ohttps%3A%2F%2Fwww.servicescorp.shop%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:-150562502&@b3:1703633710&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fmeuip.page%2Fads5.php&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.127 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns534295.ip-149-56-240.net
Software: /
Resource Hash: 04e607a46798cea3d91540c5931cafb6b820dfa1ca8463c77fc97acd418dce9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 23:35:09 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H2 200 gid.js Show response
my.rtmark.net/ Frame A639 65 B
541 B 135ms
42ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?userId=4bca8dd9cb35403bad099a05c38f1f46

Requested by

Host: ashoupsu.com
URL: https://ashoupsu.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4095bc900e043bfe7cd6f4c01a04a0ea1336cc2f367ae04daae1007c95caed43

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://meuip.page
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

GET
H2 200 / Show response
ashoupsu.com/ Frame A639 2 KB
3 KB 41ms
41ms Fetch
application/json 139.45.197.238
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ashoupsu.com/?rb=fdRC4bUZWXRNeIA6hjVrtoMCtPjpAr3tHqusqcu-hGJ8meCO05DfyHkbQ4Gd4t-GvJT6ro9xmRt0U6GVfPgM_0jzvkx-rlNlVJvrHFa_I1HM1xPYjtE2FIUkQ3LOFRnR1zc3srg0QfbaEHkLTl6sH2ZiKSYIPCXrzCovN8gYry7Qq9-5VxjIes4y0N9cJ6tHtCO4AdcSDC6OfsQT9euM7yaXsZfbGdhBtTp7QtqVKRclTBVevNLHJDze5zEMaEePrJ9R753BAkT6ks9iQmNfTA%3D%3D&request_ab2=0&zoneid=3398217&js_build=iclick-v1.650.4-auto&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=1&pl=https%3A%2F%2Fmeuip.page%2Fads5.php&drf=https%3A%2F%2Fwww.servicescorp.shop%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&btz=Europe%2FBerlin&bto=-60&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.650.4-auto&bs=78e71cdc-286a-4e49-b342-0be207b2ea90&userId=4bca8dd9cb35403bad099a05c38f1f46&m=link

Requested by

Host: ashoupsu.com
URL: https://ashoupsu.com/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.238 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3a5d8b5d97cf8ae1de70eb7371495949fe2512137aed2492c47b515917acf5e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meuip.page/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 23:35:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
x-trace-id: c8ef972a8fbd4b5bd33cf382dc654475
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://meuip.page
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires: Tue, 11 Jan 1994 10:00:00 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.servicescorp.shop/	1970-01-20 17:23:58	Name: showed Value: ok
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstCfa3908301 Value: 1703633708955
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstCmu3908301 Value: 1703633708955
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstCnv3908301 Value: 1
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstCns3908301 Value: 1
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstCla3908301 Value: 1703633708956
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstPn3908301 Value: 2
www.servicescorp.shop/	1970-01-21 01:59:29	Name: HstPt3908301 Value: 2
ashoupsu.com/	1970-01-21 01:59:29	Name: OAID Value: 4bca8dd9cb35403bad099a05c38f1f46
ashoupsu.com/	1970-01-21 01:59:29	Name: oaidts Value: 1703633709
my.rtmark.net/	1970-01-21 01:59:29	Name: ID Value: 4bca8dd9cb35403bad099a05c38f1f46
ashoupsu.com/	1970-01-20 17:23:58	Name: syncedCookie Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ashoupsu.com
bit.ly
cdnjs.cloudflare.com
meuip.page
my.rtmark.net
s10.histats.com
s4.histats.com
www.counter12.com
www.servicescorp.shop
139.45.195.8
139.45.197.238
149.56.240.127
2606:4700:10::6814:4f63
2606:4700:3033::6815:2109
2606:4700:3037::6815:3346
2606:4700::6811:180e
2a06:98c1:3121::3
67.199.248.10
04e607a46798cea3d91540c5931cafb6b820dfa1ca8463c77fc97acd418dce9e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a0a99792246bbcfe50a9f73bf44c3cccd91b16ec37786a36c2b5eb7c5772a18
1a918fad3aa99022694ca63d40c1ef77380fbcbc993af133d8e119432121e3f1
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3a5d8b5d97cf8ae1de70eb7371495949fe2512137aed2492c47b515917acf5e5
4095bc900e043bfe7cd6f4c01a04a0ea1336cc2f367ae04daae1007c95caed43
41ab04138261cba55e7eed54e52384ce10b9cf3af9b03a0901e1d65f8e1187f3
70c6137278dbe524911fc1b16d9acd5d9067619b787100b8189724051088ff4f
730616335e2e424da2b413fad39ed3b76c7599603c4b379da39f9cbccdf8e771
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8407cd60b6b7639e1c09be6ee74a32f3d2f2d6fe9c605e234ba6a713b6b6d6d0
8ac128b45df3966b407c2f7cc8b35f7d3b73f6de46e882c9b140d84a852bc615
941c71d5ca1c53d0291f563568966d9f764f8e8cf5bc0589a23fa445acc04166
a92ad9369b78416b1195224c104097f2df432e1831f6d6e1dc8be344ea991096
aee2ee795182e7c20132b071dd651097d1834565e4ad85f2c4ef51edab5a9890
baedf0d3bd778e9e628c9653af0a1b7d1ad6606adb552df1d8f7d119fb641973
bb3d017273ed487674d9766d8401cf458228596adcc0c3a6024f44ae715090db
c12fcafa5d0fff6fa9f1861ce234b85953d0a47d234e0ef782953c4ae05bde48
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f58ebe90fdc500d7591a0498038f96b2034391d966dd633e556952e943ce32b4

www.servicescorp.shop Open in urlscan Pro 2606:4700:3037::6815:3346 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

56 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

341 kBTransfer

698 kBSize

12 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

12 Cookies

Indicators

www.servicescorp.shop Open in urlscan Pro
2606:4700:3037::6815:3346 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

341 kB
Transfer

698 kB
Size

12
Cookies

27 HTTP transactions
0 data transactions