www.aquathin.com Open in urlscan Pro
2620:12a:8000::4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.targetbay.net/c/eJyNUctugzAQ_Bp8A9mG2HDwIWoV9ZKqlar2iBZ7ATcYCJg8_r6mTaoeK_k0O96ZndHgsRmmq4o4h-MCvrV9qcfyeRsAgo...
Effective URL:
https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-...
Submission: On December 06 via manual (December 6th 2022, 6:58:10 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 57 HTTP transactions. The main IP is 2620:12a:8000::4, located in United States and belongs to FASTLY, US. The main domain is www.aquathin.com.
TLS certificate: Issued by R3 on November 20th 2022. Valid for: 3 months.

This is the only time www.aquathin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.86.85.56 34.86.85.56	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
42	2620:12a:8000::4 2620:12a:8000::4	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
5	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2 6	2600:9000:20e... 2600:9000:20eb:4e00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:6474:e766:da11:808b	16509 (AMAZON-02) (AMAZON-02)
57	8

1 34.86.85.56 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.85.86.34.bc.googleusercontent.com

email.targetbay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2620:12a:8000::4 (United States)

ASN54113 (FASTLY, US)

www.aquathin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:20eb:4e00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:6474:e766:da11:808b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	aquathin.com www.aquathin.com	610 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2732 d.adroll.com — Cisco Umbrella Rank: 1621	22 KB
5	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 402	15 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	528 B
1	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 3217	5 KB
1	targetbay.net 1 redirects email.targetbay.net	308 B
0	miniclip.com Failed www.miniclip.com Failed
57	8

	Domain	Requested by
42	www.aquathin.com	client www.aquathin.com
6	s.adroll.com	2 redirects www.aquathin.com s.adroll.com
5	js-agent.newrelic.com	www.aquathin.com
2	www.google-analytics.com	www.aquathin.com www.google-analytics.com
1	d.adroll.com	s.adroll.com
1	bam.nr-data.net	js-agent.newrelic.com
1	netdna.bootstrapcdn.com	www.aquathin.com
1	email.targetbay.net	1 redirects
0	www.miniclip.com Failed	www.aquathin.com
57	9

This site contains links to these domains. Also see Links.

Domain
classic.aquathin.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
aquathin.com R3	`2022-11-20` - `2023-02-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Frame ID: 08FA417BDC95D48275E406E3F52A3AD7
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Water Purification Systems | Aquathin Corporation

Page URL History Show full URLs

https://email.targetbay.net/c/eJyNUctugzAQ_Bp8A9mG2HDwIWoV9ZKqlar2iBZ7ATcYCJg8_r6mTaoeK_k0O96ZndHgsRmmq4... HTTP 302
https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-... Page URL

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

drupal\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

95 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

671 kB
Transfer

1023 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://classic.aquathin.com/
Title: Aquathin Classic

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Aquathin/256844846496
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/alfielipshultz/
Title: LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.targetbay.net/c/eJyNUctugzAQ_Bp8A9mG2HDwIWoV9ZKqlar2iBZ7ATcYCJg8_r6mTaoeK_k0O96ZndHgsRmmq4o4h-MCvrV9qcfyeRsAgooJSdMs2xQFMQryvK4ZsYpTzhmngolU0CLBSjK6kVLoKmWyqqOMepga9BVckx49aZUwWQaaVQYkFjmtJQgm5UZQSGvIhCQa3Ai26UtrFM8EFaRTrffjHKXByi688_mc3C0menABGqfBLNoHzm7xrpyHZdIYpY-_6hEX68ChsYsLA3Rguxt4VwzwEui9j-_b429a3A6zj4PEyRqc4gn6eXBxC_qA5rbCDwdc_-9P3H1-5K9v-HK5PBzzp6Z5vycnZCD_m_gnhkD_CcJXpQt3driW9Os61DMpD85dk8nq1mJI3WC3XHANh3i1n5s49BNvb1eRzs5-jZdRWdAv_9qj_A HTTP 302
https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://s.adroll.com/j/exp/4FMRQMUAF5DCPPFGNP5LXQ/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 53

https://s.adroll.com/j/pre/4FMRQMUAF5DCPPFGNP5LXQ/RUDHSGNTHFCERD4WKOTYCS/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request products Show response
www.aquathin.com/
Redirect Chain

https://email.targetbay.net/c/eJyNUctugzAQ_Bp8A9mG2HDwIWoV9ZKqlar2iBZ7ATcYCJg8_r6mTaoeK_k0O96ZndHgsRmmq4o4h-MCvrV9qcfyeRsAgooJSdMs2xQFMQryvK4ZsYpTzhmngolU0CLBSjK6kVLoKmWyqqOMepga9BVckx49aZUwWQaaVQY...
https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq...

54 KB
20 KB

1053ms
634ms

Document
text/html

2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e22318b77e063879ee9006a9c20637293a89445dd95b83f13e0d0a9ce8162a4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 06 Dec 2022 18:58:02 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
link: <https://www.aquathin.com/products>; rel="canonical",<https://www.aquathin.com/node/166>; rel="shortlink"
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-generator: Drupal 7 (http://drupal.org)
x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-hfpwd
x-served-by: cache-chi-kigq8000162-CHI, cache-maa10232-MAA
x-styx-req-id: e8dfccd4-7597-11ed-aed7-820f6205f6e9
x-timer: S1670353082.465082,VS0,VE456

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-store
content-length: 850
content-type: text/html
date: Tue, 06 Dec 2022 18:58:01 GMT
location: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
x-robots-tag: noindex
x-xss-protection: 1; mode=block

GET
H2 200 system.base.css
www.aquathin.com/modules/system/ 5 KB
2 KB 184ms
178ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/system/system.base.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Fri, 03 Nov 2023 20:35:21 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2931762
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-848df4b4bb-sqxxq
content-length: 2052
x-served-by: cache-chi-klot8100129-CHI, cache-maa10232-MAA
last-modified: Tue, 01 Nov 2022 08:10:11 GMT
server: nginx
x-timer: S1670353083.163416,VS0,VE1
etag: W/"6360d463-1534"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ded8e852-5aed-11ed-a77f-360f9a32dc65
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 system.menus.css
www.aquathin.com/modules/system/ 2 KB
964 B 420ms
413ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/system/system.menus.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8ddd16e82813d3b21156531806bf2621098f1315544b9dd93386b42fea3b6633

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 07 Dec 2023 09:50:45 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 32838
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-p2rpj
content-length: 728
x-served-by: cache-chi-kigq8000094-CHI, cache-maa10232-MAA
last-modified: Mon, 05 Dec 2022 19:02:25 GMT
server: nginx
x-timer: S1670353083.165229,VS0,VE231
etag: W/"638e4041-7f3"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 748db47a-754b-11ed-9ca6-ce15326d127b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 system.messages.css
www.aquathin.com/modules/system/ 961 B
637 B 187ms
180ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/system/system.messages.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 11:04:31 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2447611
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-7b88755dbb-dh8rk
content-length: 396
x-served-by: cache-chi-kigq8000094-CHI, cache-maa10232-MAA
last-modified: Tue, 08 Nov 2022 01:29:25 GMT
server: nginx
x-timer: S1670353083.165754,VS0,VE1
etag: W/"6369b0f5-3c1"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 1f450318-5f55-11ed-9d9c-421045c6c106
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 system.theme.css
www.aquathin.com/modules/system/ 4 KB
1 KB 188ms
181ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/system/system.theme.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Fri, 03 Nov 2023 20:35:21 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2931762
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5f8fd79674-bqx2c
content-length: 1343
x-served-by: cache-chi-kigq8000044-CHI, cache-maa10232-MAA
last-modified: Tue, 01 Nov 2022 08:10:11 GMT
server: nginx
x-timer: S1670353083.165739,VS0,VE1
etag: W/"6360d463-e7f"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ded9f473-5aed-11ed-b052-9694c03b2582
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 field.css
www.aquathin.com/modules/field/theme/ 550 B
510 B 422ms
415ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/field/theme/field.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3ad317a103b4271c6d00cb97957c0d8e0f5bfd6cdc74976d022dd526963ecdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 09:38:44 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 465558
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-p2rpj
content-length: 244
x-served-by: cache-chi-klot8100179-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353083.165730,VS0,VE238
etag: W/"6386cdca-226"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: f2dcdb33-715b-11ed-9f45-ce15326d127b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 node.css
www.aquathin.com/modules/node/ 144 B
357 B 414ms
408ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/node/node.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 12:35:58 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 1837324
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-8c44f9469-bkg6k
content-length: 111
x-served-by: cache-chi-kigq8000059-CHI, cache-maa10232-MAA
last-modified: Mon, 14 Nov 2022 18:25:23 GMT
server: nginx
x-timer: S1670353083.165699,VS0,VE225
etag: W/"63728813-90"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 0e8ab7d3-64e2-11ed-9416-e25279760819
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 search.css
www.aquathin.com/modules/search/ 564 B
503 B 419ms
413ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/search/search.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

50f8d8e45f6742713a156c9fcf1b20d7c8c2dbddc7c649b76ee377775c6c4b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 10:06:15 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2451108
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-5fdd6c575d-4vn7s
content-length: 243
x-served-by: cache-chi-kigq8000099-CHI, cache-maa10232-MAA
last-modified: Tue, 08 Nov 2022 01:29:24 GMT
server: nginx
x-timer: S1670353083.165681,VS0,VE231
etag: W/"6369b0f4-234"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: fb2be18f-5f4c-11ed-a25c-2ace5a254fd6
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 user.css
www.aquathin.com/modules/user/ 2 KB
1014 B 416ms
409ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/modules/user/user.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 11:24:04 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 459239
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-p2rpj
content-length: 752
x-served-by: cache-chi-kigq8000049-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353083.165658,VS0,VE230
etag: W/"6386cdca-723"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a98963a8-716a-11ed-9f45-ce15326d127b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 youtube.css
www.aquathin.com/sites/all/modules/youtube/css/ 380 B
506 B 428ms
422ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/youtube/css/youtube.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5d6c6db892cbcd7fdadaa1a92835cab6e3b7f7af4d1a778537872bbbf62e6e90

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 07 Dec 2023 15:23:23 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 12880
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-b265p
content-length: 257
x-served-by: cache-chi-klot8100087-CHI, cache-maa10232-MAA
last-modified: Mon, 05 Dec 2022 19:02:26 GMT
server: nginx
x-timer: S1670353083.165639,VS0,VE244
etag: W/"638e4042-17c"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ec61553e-7579-11ed-8cc1-9639341a69b4
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 views.css
www.aquathin.com/sites/all/modules/views/css/ 707 B
579 B 414ms
408ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/views/css/views.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Wed, 08 Nov 2023 18:59:23 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2505520
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-646948d589-5llsb
content-length: 319
x-served-by: cache-chi-kigq8000045-CHI, cache-maa10232-MAA
last-modified: Thu, 03 Nov 2022 13:37:42 GMT
server: nginx
x-timer: S1670353083.165844,VS0,VE225
etag: W/"6363c426-2c3"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 4b3a85a2-5ece-11ed-b812-7e0ea664d230
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 media_wysiwyg.base.css
www.aquathin.com/sites/all/modules/media/modules/media_wysiwyg/css/ 369 B
465 B 668ms
663ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/media/modules/media_wysiwyg/css/media_wysiwyg.base.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c0e36784dc21a29c3964c9241c2bc7f435038deee5a803342f29d3a0ba2ceb22

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 07 Dec 2023 09:50:46 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 32837
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-rd65j
content-length: 200
x-served-by: cache-chi-kigq8000117-CHI, cache-maa10232-MAA
last-modified: Mon, 05 Dec 2022 19:02:25 GMT
server: nginx
x-timer: S1670353083.341196,VS0,VE235
etag: W/"638e4041-171"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 74d1adb7-754b-11ed-87a8-62066fc4604b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 ctools.css
www.aquathin.com/sites/all/modules/ctools/css/ 509 B
532 B 378ms
372ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/ctools/css/ctools.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

596cb5efcea1a31463ea879d1830c58058ecb10823d09b03ff6e72722593c6d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Fri, 03 Nov 2023 20:35:21 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2931763
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-5f8fd79674-fwk79
content-length: 258
x-served-by: cache-chi-klot8100046-CHI, cache-maa10232-MAA
last-modified: Tue, 01 Nov 2022 08:10:11 GMT
server: nginx
x-timer: S1670353083.341174,VS0,VE1
etag: W/"6360d463-1fd"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: dedabf89-5aed-11ed-bf81-9298c2c27254
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 video.css
www.aquathin.com/sites/all/modules/video/css/ 2 KB
968 B 657ms
652ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/video/css/video.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

88307f9b98de9f43afe97d6b3961f3bea4a715e05d9e48b1e0a604d01dcaf786

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 16:13:30 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 1824273
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-7b45b94595-vpvlb
content-length: 706
x-served-by: cache-chi-kigq8000039-CHI, cache-maa10232-MAA
last-modified: Mon, 14 Nov 2022 18:25:24 GMT
server: nginx
x-timer: S1670353083.341167,VS0,VE231
etag: W/"63728814-636"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 71b1eb6f-6500-11ed-8437-9272be8af5d1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 screen.css
www.aquathin.com/sites/all/themes/aquathin/stylesheets/ 145 KB
26 KB 588ms
583ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7b05005d4e5e4e664457c7d6d716abe4508c6637e65a68d310027b7a79538359

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 13:49:42 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 450501
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-zzlnq
content-length: 26371
x-served-by: cache-chi-kigq8000173-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353083.341146,VS0,VE227
etag: W/"6386cdca-2451e"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 01fd7202-717f-11ed-b6f4-62f757b577d4
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 aqua.css
www.aquathin.com/sites/all/themes/aquathin/stylesheets/ 10 KB
3 KB 762ms
757ms Stylesheet
text/css 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/aqua.css?rkqmir

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d2189bb7f1a9e972440d407178f0664aa5236f5e6371bcf030b11d92fcce71d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 15:23:15 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2432088
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-7b88755dbb-whzq4
content-length: 2472
x-served-by: cache-chi-kigq8000032-CHI, cache-maa10232-MAA
last-modified: Tue, 08 Nov 2022 01:29:25 GMT
server: nginx
x-timer: S1670353083.341126,VS0,VE236
etag: W/"6369b0f5-28f7"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 44064a32-5f79-11ed-a530-b24d28133ad5
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 jquery.js Show response
www.aquathin.com/misc/ 77 KB
31 KB 766ms
761ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/misc/jquery.js?v=1.4.4

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 16:49:22 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 1822121
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-7b45b94595-6wv2h
content-length: 31341
x-served-by: cache-chi-klot8100111-CHI, cache-maa10232-MAA
last-modified: Mon, 14 Nov 2022 18:25:23 GMT
server: nginx
x-timer: S1670353083.341115,VS0,VE267
etag: W/"63728813-13309"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 74b8ff37-6505-11ed-85b2-52e7032cc434
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 jquery-extend-3.4.0.js Show response
www.aquathin.com/misc/ 3 KB
2 KB 366ms
362ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/misc/jquery-extend-3.4.0.js?v=1.4.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 17:23:12 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2424891
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-5fdd6c575d-bxtzx
content-length: 1416
x-served-by: cache-chi-klot8100109-CHI, cache-maa10232-MAA
last-modified: Tue, 08 Nov 2022 01:29:24 GMT
server: nginx
x-timer: S1670353083.341096,VS0,VE1
etag: W/"6369b0f4-d57"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 058bbae4-5f8a-11ed-8765-aedb6aa0e94f
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 jquery-html-prefilter-3.5.0-backport.js Show response
www.aquathin.com/misc/ 12 KB
5 KB 359ms
355ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/misc/jquery-html-prefilter-3.5.0-backport.js?v=1.4.4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fad84efa145fb507e5df9b582fa01b1c4e6313de7f72ebdd55726d92fa4dbf06

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 04 Nov 2023 15:23:25 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2864077
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-b-848df4b4bb-btrw7
content-length: 4993
x-served-by: cache-chi-kigq8000120-CHI, cache-maa10232-MAA
last-modified: Thu, 03 Nov 2022 13:37:41 GMT
server: nginx
x-timer: S1670353083.341082,VS0,VE1
etag: W/"6363c425-3155"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 760a2d20-5b8b-11ed-b712-56fb883986f5
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery.once.js Show response
www.aquathin.com/misc/ 3 KB
1 KB 764ms
760ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/misc/jquery.once.js?v=1.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 12:59:53 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 1835890
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-8c44f9469-ncdjg
content-length: 1135
x-served-by: cache-chi-klot8100106-CHI, cache-maa10232-MAA
last-modified: Mon, 14 Nov 2022 18:25:23 GMT
server: nginx
x-timer: S1670353083.341069,VS0,VE238
etag: W/"63728813-b9e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 65823566-64e5-11ed-b21d-de954cebd7d6
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 drupal.js Show response
www.aquathin.com/misc/ 20 KB
8 KB 635ms
632ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/misc/drupal.js?rkqmir

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2e08dccbd4d8b728a6871562995a4636b89bfe0ed3b8fb0138191c922228b116

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 15:59:43 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 1825100
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-7b45b94595-bvjg2
content-length: 7999
x-served-by: cache-chi-kigq8000084-CHI, cache-maa10232-MAA
last-modified: Mon, 14 Nov 2022 18:25:23 GMT
server: nginx
x-timer: S1670353083.341049,VS0,VE231
etag: W/"63728813-5027"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 850687a6-64fe-11ed-82d6-b2f611555d83
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 video.js Show response
www.aquathin.com/sites/all/modules/video/js/ 3 KB
1 KB 583ms
580ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/video/js/video.js?rkqmir

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

290570ec87160eb54659973bbac1ec5329c375ee9ca1e9afbbfe4e9fbbc6726d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 13:49:44 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 450499
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-d446l
content-length: 1057
x-served-by: cache-chi-kigq8000162-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353083.341035,VS0,VE227
etag: W/"6386cdca-b9e"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 0322c7b7-717f-11ed-bc33-362285491ea1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 custom_search.js Show response
www.aquathin.com/sites/all/modules/custom_search/js/ 5 KB
2 KB 655ms
653ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/custom_search/js/custom_search.js?rkqmir

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

722fa030c079086667469df56eeea6f6feeb954afa196f19365391d675968a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 13:49:46 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 450497
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-d446l
content-length: 1366
x-served-by: cache-chi-kigq8000122-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353083.341017,VS0,VE232
etag: W/"6386cdca-122a"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 041aa84a-717f-11ed-bc33-362285491ea1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 googleanalytics.js Show response
www.aquathin.com/sites/all/modules/google_analytics/ 6 KB
2 KB 659ms
657ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/modules/google_analytics/googleanalytics.js?rkqmir

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

635d74c1974cf349501b95289f5197792ce1fc02880c968c3a04bd75c730b2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sun, 03 Dec 2023 12:37:16 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 368447
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-tgkmx
content-length: 2054
x-served-by: cache-chi-kigq8000080-CHI, cache-maa10232-MAA
last-modified: Fri, 02 Dec 2022 05:30:49 GMT
server: nginx
x-timer: S1670353083.341005,VS0,VE232
etag: W/"63898d89-1870"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 0df1ccef-723e-11ed-9e00-eeaf001700b9
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 0

GET
H2 200 script.js Show response
www.aquathin.com/sites/all/themes/aquathin/js/ 3 KB
1 KB 663ms
662ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/js/script.js?rkqmir

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6168edbb02a3f9cdf29e64de6a478fef3051d5fbdf4397c5c9dc3d5127474043

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Sat, 02 Dec 2023 11:54:10 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 457433
x-cache: HIT, MISS
x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-d446l
content-length: 1084
x-served-by: cache-chi-kigq8000154-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353083.340987,VS0,VE232
etag: W/"6386cdca-ba6"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: dde987e7-716e-11ed-bc33-362285491ea1
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 swfobject.js Show response
www.aquathin.com/sites/all/themes/aquathin/js/ 10 KB
4 KB 368ms
367ms Script
application/x-javascript 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/js/swfobject.js?rkqmir

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 11:02:16 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Tue, 06 Dec 2022 18:58:03 GMT
age: 2447747
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe4-a-7b88755dbb-d2mkf
content-length: 4273
x-served-by: cache-chi-klot8100057-CHI, cache-maa10232-MAA
last-modified: Tue, 08 Nov 2022 01:29:25 GMT
server: nginx
x-timer: S1670353083.340968,VS0,VE1
etag: W/"6369b0f5-27ec"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: cec34f66-5f54-11ed-9c3c-9a639b141061
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.0.3/css/ 21 KB
5 KB 62ms
31ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 674, 617, 617
age: 27249348
cdn-cachedat: 2021-04-13 08:26:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5df7ea668d94f41379e642b8eba366fd
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 775740315a449207-FRA
cdn-requestpullsuccess: True

GET
H2 200 logo_tmp.png
www.aquathin.com/sites/all/themes/aquathin/images/ 15 KB
15 KB 180ms
180ms Image
image/png 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/images/logo_tmp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

77483600e47e15c33dde95c3fd00beffb44bcfca12fca69a8f1370de6fc780ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-74ddd58b4d-z2nrq
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:03 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Nov 2023 19:04:50 GMT
age: 3023593
x-cache: HIT, HIT
content-length: 15508
x-served-by: cache-chi-klot8100148-CHI, cache-maa10232-MAA
last-modified: Tue, 01 Nov 2022 08:10:12 GMT
server: nginx
x-timer: S1670353084.928541,VS0,VE1
etag: "6360d464-3c94"
content-type: image/png
x-styx-req-id: 0fa26b49-5a18-11ed-8e70-1622ede60297
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 POU.jpg
www.aquathin.com/sites/default/files/styles/medium/public/ 10 KB
10 KB 455ms
455ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/styles/medium/public/POU.jpg?itok=jTgllF-z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0d839c2b30f5a49fb1d5feddad6ffe767b4a4e8dee70e675b6d4aaafd638633c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-8c44f9469-p4b27
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 16 Nov 2023 16:49:23 GMT
age: 1822121
x-cache: HIT, MISS
content-length: 10158
x-served-by: cache-chi-kigq8000117-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.978399,VS0,VE232
etag: "5dfb6aa8-27ae"
content-type: image/jpeg
x-styx-req-id: 74f810c7-6505-11ed-9a06-bea734680dab
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 Pic%2010.jpg
www.aquathin.com/sites/default/files/styles/large/public/ 35 KB
36 KB 474ms
472ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/styles/large/public/Pic%2010.jpg?itok=2wNkZVAE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a2c74ab04b5d1f64cc9a9f3e71134f18c11474d89f84afa75b4eec48875d781b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-5b4bf5c55b-977sh
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 09 Nov 2023 18:59:24 GMT
age: 2419120
x-cache: HIT, MISS
content-length: 36237
x-served-by: cache-chi-kigq8000144-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.992930,VS0,VE234
etag: "5dfb6aa8-8d8d"
content-type: image/jpeg
x-styx-req-id: 75fcc596-5f97-11ed-9c3b-1ee5385ed16e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 Pic%201.jpg
www.aquathin.com/sites/default/files/styles/large/public/ 33 KB
33 KB 181ms
179ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/styles/large/public/Pic%201.jpg?itok=c95W6Fjt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5971f6be7dd027c9ebffed9ecd236e85d7ffacaf6f7dc2801bbeb1281dea06f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-5ff4c7f6c-mdkwt
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:03 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 26 Oct 2023 10:05:24 GMT
age: 3660759
x-cache: HIT, HIT
content-length: 33461
x-served-by: cache-chi-klot8100059-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993052,VS0,VE1
etag: "5dfb6aa8-82b5"
content-type: image/jpeg
x-styx-req-id: 8b36fa08-544c-11ed-97d2-e21ada9cf962
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 commercail%20softening.jpg
www.aquathin.com/sites/default/files/styles/large/public/ 33 KB
33 KB 551ms
549ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/styles/large/public/commercail%20softening.jpg?itok=Ztmax3Xo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b6027cf32b19954963e2c73a373f22aaba4b070acd6d9f7c2632573d10fa34a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-998ts
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 15:56:22 GMT
age: 442902
x-cache: HIT, MISS
content-length: 33703
x-served-by: cache-chi-kigq8000174-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993486,VS0,VE273
etag: "5dfb6aa8-83a7"
content-type: image/jpeg
x-styx-req-id: b3a1565c-7190-11ed-82b6-a2ed2cab9e7e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 commercial%20filtration.jpg
www.aquathin.com/sites/default/files/styles/large/public/ 30 KB
30 KB 490ms
488ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/styles/large/public/commercial%20filtration.jpg?itok=funFx6T6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bd906c18b666e415e82bbfcae126f556904af6e0846cc641c204bdf94bcabb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7b45b94595-6wv2h
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 16 Nov 2023 16:13:37 GMT
age: 1824267
x-cache: HIT, MISS
content-length: 30349
x-served-by: cache-chi-klot8100103-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993467,VS0,VE240
etag: "5dfb6aa8-768d"
content-type: image/jpeg
x-styx-req-id: 75e176d9-6500-11ed-85b2-52e7032cc434
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 and%20more1.jpg
www.aquathin.com/sites/default/files/styles/large/public/ 26 KB
26 KB 485ms
483ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/styles/large/public/and%20more1.jpg?itok=0Uon-bid

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

22fb6cfd3a5a66a58c73b55d1acd8d1120d652d93ad625d28c6cc762992aa0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-8c44f9469-chzph
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Fri, 17 Nov 2023 14:17:49 GMT
age: 1744814
x-cache: HIT, MISS
content-length: 26508
x-served-by: cache-chi-kigq8000050-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993445,VS0,VE236
etag: "5dfb6aa8-678c"
content-type: image/jpeg
x-styx-req-id: 734d36b6-65b9-11ed-ac04-0e3c54d95dfd
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 sweetwater-logo-banner.gif
www.aquathin.com/sites/default/files/ 23 KB
23 KB 537ms
535ms Image
image/gif 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/sweetwater-logo-banner.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dd3e6626ae1bb80e6dfb8a95dc8388b5d0c1d8fe31d8ef64e86949e75ffb49a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-7b45b94595-zzqzz
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 16 Nov 2023 16:49:23 GMT
age: 1822121
x-cache: HIT, MISS
content-length: 23555
x-served-by: cache-chi-klot8100035-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993428,VS0,VE249
etag: "5dfb6aa8-5c03"
content-type: image/gif
x-styx-req-id: 750b7d7b-6505-11ed-a4d3-2ad81c2087ac
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 40%20year%20logo_0.jpg
www.aquathin.com/sites/default/files/ 21 KB
21 KB 207ms
206ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/40%20year%20logo_0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cc57a8b0331889f084a5084de4d4e756fa77c62e6cea3ab1f95e8b4f05e04866

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-5785676d59-pd9kw
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:03 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Nov 2023 07:43:52 GMT
age: 3064451
x-cache: HIT, HIT
content-length: 21450
x-served-by: cache-chi-klot8100032-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993408,VS0,VE1
etag: "5dfb6aa8-53ca"
content-type: image/jpeg
x-styx-req-id: ee85f36a-59b8-11ed-a88e-42872c2dc936
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 AQUATHIN-ISO-Medalion.jpg
www.aquathin.com/sites/default/files/ 194 KB
195 KB 223ms
222ms Image
image/jpeg 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/default/files/AQUATHIN-ISO-Medalion.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bc15a8e8ff9e625329821c3fc68fde6916e9a6caf33e5273a622442dc87864f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-585b659d7c-jxg72
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:03 GMT
via: 1.1 varnish, 1.1 varnish
expires: Fri, 20 Oct 2023 09:27:02 GMT
age: 4181462
x-cache: HIT, HIT
content-length: 199106
x-served-by: cache-chi-klot8100057-CHI, cache-maa10232-MAA
last-modified: Thu, 19 Dec 2019 12:18:48 GMT
server: nginx
x-timer: S1670353084.993401,VS0,VE2
etag: "5dfb6aa8-309c2"
content-type: image/jpeg
x-styx-req-id: 30228050-4f90-11ed-ab7b-6240818093c3
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 17:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6137
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 06 Dec 2022 19:15:46 GMT

GET game-embed.js
www.miniclip.com/js/ 0
0

GET
H2 200 wavecut.png
www.aquathin.com/sites/all/themes/aquathin/images/ 4 KB
4 KB 422ms
422ms Image
image/png 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/images/wavecut.png

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

64d13e30d73f44f2f9159153ee36278be20c5dae1ba44d605a7460c15739270f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-789cbcb496-2dx9l
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Thu, 02 Nov 2023 21:18:31 GMT
age: 3015573
x-cache: HIT, HIT
content-length: 3813
x-served-by: cache-chi-kigq8000092-CHI, cache-maa10232-MAA
last-modified: Tue, 01 Nov 2022 08:10:12 GMT
server: nginx
x-timer: S1670353084.106827,VS0,VE1
etag: "6360d464-ee5"
content-type: image/png
x-styx-req-id: bc34827d-5a2a-11ed-80a6-e2439d22641e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 sourcesanspro-regular-webfont.woff
www.aquathin.com/sites/all/themes/aquathin/stylesheets/fonts/ 29 KB
29 KB 563ms
563ms Font
font/woff 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/fonts/sourcesanspro-regular-webfont.woff

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e0bd65fce58cc59e079db23dd44c28d415b3c364b8f0cb6012bbcb4d7cce8775

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir
Origin: https://www.aquathin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 09 Nov 2023 15:23:15 GMT
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-b-5fdd6c575d-bxtzx
age: 2432088
x-cache: HIT, MISS
content-length: 29744
x-served-by: cache-chi-kigq8000177-CHI, cache-maa10232-MAA
last-modified: Tue, 08 Nov 2022 01:29:25 GMT
server: nginx
x-timer: S1670353084.106806,VS0,VE253
etag: "6369b0f5-7430"
content-type: font/woff
access-control-allow-origin: *
x-styx-req-id: 4442c805-5f79-11ed-8765-aedb6aa0e94f
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 sourceserifpro-bold-webfont.woff
www.aquathin.com/sites/all/themes/aquathin/stylesheets/fonts/ 35 KB
35 KB 422ms
421ms Font
font/woff 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/fonts/sourceserifpro-bold-webfont.woff

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0a462da61533cc75f77e6f2510ee7c34f9912153e16cfff1860982d41b76304a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir
Origin: https://www.aquathin.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

expires: Thu, 16 Nov 2023 15:07:12 GMT
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe4-a-8c44f9469-24pd2
age: 1828251
x-cache: HIT, HIT
content-length: 35588
x-served-by: cache-chi-kigq8000162-CHI, cache-maa10232-MAA
last-modified: Mon, 14 Nov 2022 18:25:24 GMT
server: nginx
x-timer: S1670353084.106783,VS0,VE1
etag: "63728814-8b04"
content-type: font/woff
access-control-allow-origin: *
x-styx-req-id: 2f237775-64f7-11ed-aa66-82b73006e969
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 body-bg-bar.png
www.aquathin.com/sites/all/themes/aquathin/images/ 534 B
716 B 545ms
545ms Image
image/png 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/images/body-bg-bar.png

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8b5786c6b84b1f023686e9cf007d922540cd566c3de11f5a18c48fc6ca1c919d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-998ts
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 12:00:11 GMT
age: 457073
x-cache: HIT, MISS
content-length: 534
x-served-by: cache-chi-kigq8000079-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353084.106757,VS0,VE239
etag: "6386cdca-216"
content-type: image/png
x-styx-req-id: b509fd95-716f-11ed-82b6-a2ed2cab9e7e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 fb.png
www.aquathin.com/sites/all/themes/aquathin/images/ 545 B
789 B 544ms
543ms Image
image/png 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/images/fb.png

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

af1b0af8ac5ab8b4fc633e4280b82647cc15add88d49bec4d9060e9c4d2c3e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/screen.css?rkqmir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-b-56c7c6b6d7-998ts
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 09:38:45 GMT
age: 465559
x-cache: HIT, MISS
content-length: 545
x-served-by: cache-chi-kigq8000080-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353084.106736,VS0,VE225
etag: "6386cdca-221"
content-type: image/png
x-styx-req-id: f2fdc5f7-715b-11ed-82b6-a2ed2cab9e7e
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 3, 0

GET
H2 200 linkedin.png
www.aquathin.com/sites/all/themes/aquathin/images/ 978 B
1 KB 545ms
545ms Image
image/png 2620:12a:8000::4
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.aquathin.com/sites/all/themes/aquathin/images/linkedin.png

Requested by

Host: www.aquathin.com
URL: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/aqua.css?rkqmir

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::4 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e4e7fb26e020762fa002738564c804f02118ee98e8a4b2ee6a5694be112f929a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/sites/all/themes/aquathin/stylesheets/aqua.css?rkqmir
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe4-a-6bbcd4dbd9-p2rpj
strict-transport-security: max-age=300
date: Tue, 06 Dec 2022 18:58:04 GMT
via: 1.1 varnish, 1.1 varnish
expires: Sat, 02 Dec 2023 16:49:57 GMT
age: 439687
x-cache: HIT, MISS
content-length: 978
x-served-by: cache-chi-klot8100090-CHI, cache-maa10232-MAA
last-modified: Wed, 30 Nov 2022 03:28:10 GMT
server: nginx
x-timer: S1670353084.106715,VS0,VE244
etag: "6386cdca-3d2"
content-type: image/png
x-styx-req-id: 30022af7-7198-11ed-9f45-ce15326d127b
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 4, 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=2027385878&t=pageview&_s=1&dl=https%3A%2F%2Fwww.aquathin.com%2Fproducts%3Futm_source%3Dtargetbay%26utm_medium%3Demail%26utm_campaign%3Durgent-aquathin-email-host-provider-ransom-hacked%26utm_token%3DMv2mjW8QTePxxCq8HggV1670344567%26token%3DMv2mjW8QTePxxCq8HggV1670344567%26campaign_id%3D24606&ul=en-us&de=UTF-8&dt=Water%20Purification%20Systems%20%7C%20Aquathin%20Corporation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=690737710&gjid=1516310295&cid=826452719.1670353084&tid=UA-84990082-1&_gid=1122590198.1670353084&_r=1&_slc=1&z=673321110

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.aquathin.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 18:58:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.aquathin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 552.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 21 KB
6 KB 35ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Requested by: Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Dec 2022 18:58:04 GMT
x-amz-request-id: 80MRM9SBYF943QY2
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5890
x-amz-id-2: IYtTVD9w1h5zbbn8Xa0sJZtgMoEsL+KAO+uwSQQzIDSMcQRlRWrBuHtEzf/bN/7AP4XdZNz/y6k=
x-served-by: cache-hhn4050-HHN
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
server: AmazonS3
x-timer: S1670353084.492937,VS0,VE0
etag: "777ac0df4dba632ad1b2955c88dd51ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3692

GET
H2 200 290.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 8ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/290.2d6a2503-1220.js
Requested by: Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Dec 2022 18:58:04 GMT
x-amz-request-id: T20564Y7D3RA6SSK
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3424
x-amz-id-2: JzmBc+0KrG8L4JNepsScIdQpVw/SnwbGUhqK924PY0fgDjyU8FP0NscI8CkmOujD74bqIO9TckY=
x-served-by: cache-hhn4050-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670353085.505134,VS0,VE0
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7158

GET
H2 200 368.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 8ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/368.2d6a2503-1220.js
Requested by: Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Dec 2022 18:58:04 GMT
x-amz-request-id: 406FPK2MG5WNY27G
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1443
x-amz-id-2: OdooMZK/bKAJUxKdLYwQ45xMUmnE4aqlvcToKxd49M9xVwa079Mk9FEMcqPyXHB5E0RzJ6Vf0DA=
x-served-by: cache-hhn4050-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670353085.505596,VS0,VE0
etag: "16b4f3676c3859e1378a2ccdebbad675"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10555

GET
H2 200 768.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 9ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/768.2d6a2503-1220.js
Requested by: Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: 0CJw6LdyBdZcjhOiVrtC0pLcOFtA3d5G
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Dec 2022 18:58:04 GMT
x-amz-request-id: AYJXXD7KXYRGNAVT
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2225
x-amz-id-2: ahIEbi0XH6HCbCITRyboc1UHnx0nbhD+IXlwgUt1W77gaebga6F+8+Y+Vd2xHlJEsyImyjOvVCY=
x-served-by: cache-hhn4050-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670353085.505584,VS0,VE0
etag: "d6cc8b42eda6fd7734014b03b87b5787"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9539

GET
H2 200 775.2d6a2503-1220.js Show response
js-agent.newrelic.com/ 1 KB
1013 B 9ms
9ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/775.2d6a2503-1220.js
Requested by: Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-encoding: gzip
via: 1.1 varnish
date: Tue, 06 Dec 2022 18:58:04 GMT
x-amz-request-id: A1P4RQGCEEZH3JZH
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 632
x-amz-id-2: 0iOmcF5Yc4P55/EwlWBrb4yQ3pQhLftlXmttWYvtaiYCF0JmDE3SWomS/HALXnOoPQTxXpF01kU=
x-served-by: cache-hhn4050-HHN
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
server: AmazonS3
x-timer: S1670353085.505857,VS0,VE0
etag: "1dfdb74c0491489bf04c6deadb56add2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8148

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 54 KB
18 KB 56ms
11ms Script
text/javascript 2600:9000:20eb:4e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.aquathin.com
URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9004ae83e2295bdd8bd45aa3c2114a69e8ebece2d0c9f2bfa834974bd1c1ee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

X-Amz-Version-Id: 9xobUm0MAvJh1LhW_hNgjVEGwDCPHXvN
Content-Encoding: gzip
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
Date: Tue, 06 Dec 2022 18:50:46 GMT
Age: 446
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 15:45:06 GMT
Server: AmazonS3
Etag: W/"b1aa61e95e42ee6f3c520b6a2fc39cfa"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: elM8XLIAoVrv-DRk0RxBvKm_MJ11esSUXBNXVQf2vZ6K6uL0h6caQQ==

GET
H/1.1 200
OK f602299662 Show response
bam.nr-data.net/1/ 49 B
528 B 280ms
255ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/f602299662?a=24487519&v=1220.PROD&to=M1FaMUZSXxcAAERdWAobeQZAWl4KTg1fUFI7RFkCUWxHDQQU&rst=2924&ck=0&s=13671af754773360&ref=https://www.aquathin.com/products&ap=206&be=1460&fe=1409&dc=850&perf=%7B%22timing%22:%7B%22of%22:1670353081594,%22n%22:0,%22f%22:352,%22dn%22:353,%22dne%22:407,%22c%22:407,%22s%22:585,%22ce%22:772,%22rq%22:772,%22rp%22:1406,%22rpe%22:1475,%22dl%22:1409,%22di%22:2310,%22ds%22:2310,%22de%22:2327,%22dc%22:2869,%22l%22:2869,%22le%22:2871%7D,%22navigation%22:%7B%7D%7D&fp=2312&fcp=2312&at=HxZZRw5ITBk%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/552.2d6a2503-1220.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Lake Oswego, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 18:58:04 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7757403a6ad59bef-FRA

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/4FMRQMUAF5DCPPFGNP5LXQ/index.js
https://s.adroll.com/j/exp/index.js

28 B
784 B

14ms
9ms

Script
application/javascript

2600:9000:20eb:4e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:20eb:4e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

X-Amz-Version-Id: 3TnMO1iw0qw17MhnYw4sprJhuU7ahGp7
Date: Tue, 06 Dec 2022 14:45:46 GMT
Via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
Age: 15178
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Fri, 14 Oct 2022 18:57:24 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: uVl_acmfOi9D9ORrBHONfpu4mZQ6v5rv59Y-m59frcf0ptW26VVS_w==

Redirect headers

Date: Mon, 05 Dec 2022 20:14:28 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
Age: 81816
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: UwNJJlmtPTHsD_OdgMiarWjGkdT1NH-fYvMiO_JpNQtGL9Gq8z-H7A==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/4FMRQMUAF5DCPPFGNP5LXQ/RUDHSGNTHFCERD4WKOTYCS/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
755 B

10ms
10ms

Script
application/javascript

2600:9000:20eb:4e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:20eb:4e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Tue, 06 Dec 2022 08:30:48 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
Age: 37649
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: NjOUORfb7i3PAYKXjPR0pBs7vYk8i_cz9J8Jlx-I5oCzTyAYu-zx6A==

Redirect headers

Date: Mon, 05 Dec 2022 20:14:28 GMT
Via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
Age: 81815
X-Amz-Cf-Pop: FRA2-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: jecf3UPy4QQOs5AWy9UyNGEo79aRo8vDdZTgK4NECE7k1MkpfXGqpA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/4FMRQMUAF5DCPPFGNP5LXQ/RUDHSGNTHFCERD4WKOTYCS/ 0
775 B 619ms
602ms Script
text/javascript 2600:9000:20eb:4e00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/4FMRQMUAF5DCPPFGNP5LXQ/RUDHSGNTHFCERD4WKOTYCS/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Tue, 06 Dec 2022 18:58:06 GMT
X-Amz-Version-Id: d0phSv6aQwjnrAPnmxoSCuBYpfFdlAVQ
Via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Tue, 06 Dec 2022 01:18:54 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pnQaBkbj1jKfahT-QXox7MYbmYXxYl_MKQUz3FgQAlr9TBSX8Vxgng==

GET
H2 200 4FMRQMUAF5DCPPFGNP5LXQ Show response
d.adroll.com/consent/check/ 463 B
556 B 122ms
31ms Script
application/javascript 2a05:d018:cc3:fe05:6474:e766:da11:808b
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/4FMRQMUAF5DCPPFGNP5LXQ?pv=30434798552.615482&arrfrr=https%3A%2F%2Fwww.aquathin.com%2Fproducts%3Futm_source%3Dtargetbay%26utm_medium%3Demail%26utm_campaign%3Durgent-aquathin-email-host-provider-ransom-hacked%26utm_token%3DMv2mjW8QTePxxCq8HggV1670344567%26token%3DMv2mjW8QTePxxCq8HggV1670344567%26campaign_id%3D24606&_s=1039348d14e3244e1fa6f9b61cf415c0&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:6474:e766:da11:808b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: 9381bee5bcb8693e9e50b2f4e17ee85b1f7e3fb9f418b06c7c93aa5db9ee04ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.aquathin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:58:04 GMT
server: nginx/1.22.0
content-length: 463
content-type: application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.miniclip.com
URL: http://www.miniclip.com/js/game-embed.js

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.aquathin.com/	1969-12-31 23:59:59	Name: has_js Value: 1
.aquathin.com/	1970-01-20 17:35:13	Name: _ga Value: GA1.2.826452719.1670353084
.aquathin.com/	1970-01-20 08:00:39	Name: _gid Value: GA1.2.1122590198.1670353084
.aquathin.com/	1970-01-20 07:59:13	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606 Message: Mixed Content: The page at 'https://www.aquathin.com/products?utm_source=targetbay&utm_medium=email&utm_campaign=urgent-aquathin-email-host-provider-ransom-hacked&utm_token=Mv2mjW8QTePxxCq8HggV1670344567&token=Mv2mjW8QTePxxCq8HggV1670344567&campaign_id=24606' was loaded over HTTPS, but requested an insecure script 'http://www.miniclip.com/js/game-embed.js'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
d.adroll.com
email.targetbay.net
js-agent.newrelic.com
netdna.bootstrapcdn.com
s.adroll.com
www.aquathin.com
www.google-analytics.com
www.miniclip.com
www.miniclip.com
151.101.194.137
162.247.241.14
2600:9000:20eb:4e00:6:9280:1080:93a1
2606:4700::6812:bcf
2620:12a:8000::4
2a00:1450:4001:82b::200e
2a05:d018:cc3:fe05:6474:e766:da11:808b
34.86.85.56
0a462da61533cc75f77e6f2510ee7c34f9912153e16cfff1860982d41b76304a
0d839c2b30f5a49fb1d5feddad6ffe767b4a4e8dee70e675b6d4aaafd638633c
0dd53ceca07de8b1b2c16d9fee7a1d33dc90bc462a24abd38b2b9da7b8d27bc2
1430f42c0d760ba8e05bb3762480502e541f654fec5739ee40625ab22dc38c4f
22fb6cfd3a5a66a58c73b55d1acd8d1120d652d93ad625d28c6cc762992aa0db
290570ec87160eb54659973bbac1ec5329c375ee9ca1e9afbbfe4e9fbbc6726d
2b2f88606e0e67ca512cb458ab89f1c48a1ea9109e28c7be9f925b59e478bafc
2e0409a5c07795fdd2e472e5fc8a723cf7076de849d5050966b5e2cc58741df5
2e08dccbd4d8b728a6871562995a4636b89bfe0ed3b8fb0138191c922228b116
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
321caf3b5deae5f4be6261374b509b793eacc09762074aa1ae7471f7ad6369a3
4569fbfef2a73b2369d1e070a2ce3511f5a8c6a22a7cd6d61baf4982e75a21ee
50f8d8e45f6742713a156c9fcf1b20d7c8c2dbddc7c649b76ee377775c6c4b83
517364f2d45162fb5037437b5b6cb953d00d9b2b3b79ba87d9fe57ea6ee6070c
596cb5efcea1a31463ea879d1830c58058ecb10823d09b03ff6e72722593c6d1
5971f6be7dd027c9ebffed9ecd236e85d7ffacaf6f7dc2801bbeb1281dea06f2
5d6c6db892cbcd7fdadaa1a92835cab6e3b7f7af4d1a778537872bbbf62e6e90
6168edbb02a3f9cdf29e64de6a478fef3051d5fbdf4397c5c9dc3d5127474043
635d74c1974cf349501b95289f5197792ce1fc02880c968c3a04bd75c730b2bf
63eeb9baf46a801bccb55ef3c1a60610e820d57f90814480a393a0ec8edb36a3
64d13e30d73f44f2f9159153ee36278be20c5dae1ba44d605a7460c15739270f
722fa030c079086667469df56eeea6f6feeb954afa196f19365391d675968a46
77483600e47e15c33dde95c3fd00beffb44bcfca12fca69a8f1370de6fc780ad
7b05005d4e5e4e664457c7d6d716abe4508c6637e65a68d310027b7a79538359
8677971b119ccdb82af697ff0e08f218490d15116f221d44301f1cc8797e67d4
88307f9b98de9f43afe97d6b3961f3bea4a715e05d9e48b1e0a604d01dcaf786
8b5786c6b84b1f023686e9cf007d922540cd566c3de11f5a18c48fc6ca1c919d
8ddd16e82813d3b21156531806bf2621098f1315544b9dd93386b42fea3b6633
9381bee5bcb8693e9e50b2f4e17ee85b1f7e3fb9f418b06c7c93aa5db9ee04ed
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2c74ab04b5d1f64cc9a9f3e71134f18c11474d89f84afa75b4eec48875d781b
af1b0af8ac5ab8b4fc633e4280b82647cc15add88d49bec4d9060e9c4d2c3e92
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6027cf32b19954963e2c73a373f22aaba4b070acd6d9f7c2632573d10fa34a3
b82a7e3de0f28545976b6ea127ed6d815e1e675322e869f21532184a7244fc56
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bc15a8e8ff9e625329821c3fc68fde6916e9a6caf33e5273a622442dc87864f8
bd906c18b666e415e82bbfcae126f556904af6e0846cc641c204bdf94bcabb92
bf6028e15a460586c16adb0210d268374501f60ecf36f11e554e2ffd089c636b
c0e36784dc21a29c3964c9241c2bc7f435038deee5a803342f29d3a0ba2ceb22
c54103ba57ee210ca55c052e70415402707548a4e6a68dd6efb3895019bee392
c9004ae83e2295bdd8bd45aa3c2114a69e8ebece2d0c9f2bfa834974bd1c1ee5
cc57a8b0331889f084a5084de4d4e756fa77c62e6cea3ab1f95e8b4f05e04866
d0bbad771a8a5ac5f9446791109693aeca1d676d44ced48f8514857f7d3e6fd0
d2189bb7f1a9e972440d407178f0664aa5236f5e6371bcf030b11d92fcce71d6
dd3e6626ae1bb80e6dfb8a95dc8388b5d0c1d8fe31d8ef64e86949e75ffb49a1
e0a26a1ea9be40cca40ba8fa9085fc9114e14171022777b7e9010638cbde935b
e0bd65fce58cc59e079db23dd44c28d415b3c364b8f0cb6012bbcb4d7cce8775
e22318b77e063879ee9006a9c20637293a89445dd95b83f13e0d0a9ce8162a4c
e3ad317a103b4271c6d00cb97957c0d8e0f5bfd6cdc74976d022dd526963ecdf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e7fb26e020762fa002738564c804f02118ee98e8a4b2ee6a5694be112f929a
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fad84efa145fb507e5df9b582fa01b1c4e6313de7f72ebdd55726d92fa4dbf06
ff7750952a601dbf03688b01a2eced6e5671a8335393eb063201bb732f12c99a

www.aquathin.com Open in urlscan Pro 2620:12a:8000::4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

95 %HTTPS

63 %IPv6

8 Domains

9 Subdomains

8 IPs

3 Countries

671 kBTransfer

1023 kBSize

4 Cookies

3 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.aquathin.com Open in urlscan Pro
2620:12a:8000::4 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

95 %
HTTPS

63 %
IPv6

8
Domains

9
Subdomains

8
IPs

3
Countries

671 kB
Transfer

1023 kB
Size

4
Cookies

57 HTTP transactions
0 data transactions