zbank1.ga Open in urlscan Pro
2606:4700:30::6818:6df2  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response zbank1.ga/data/	89 KB 44 KB	364ms 338ms	Document text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 38bd4be34f1d7d54c49796aaf2efc3e9fc99679ded44162af19394bcdd48f8d1 Request headers :method GET :authority zbank1.ga :scheme https :path /data/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 accept-encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Sat, 17 Nov 2018 22:30:30 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829; expires=Sun, 17-Nov-19 22:30:29 GMT; path=/; domain=.zbank1.ga; HttpOnly vary Accept-Encoding expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 47b5a46478a763eb-FRA content-encoding gzip
GET H2	200	bootstrap.css zbank1.ga/data/	118 KB 19 KB	16ms 15ms	Stylesheet text/css	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/bootstrap.css Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 7cefebe9bf9c320bc2d92610c8b1a13be53b413b6bdeefcc209b327a58549fcc Request headers :path /data/bootstrap.css pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare etag W/"1d9c6-5724a9d043bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-polished origSize=121286 cf-bgj minify cf-ray 47b5a46699a663eb-FRA expires Sun, 18 Nov 2018 02:30:30 GMT
GET H2	200	style.css zbank1.ga/data/	22 KB 5 KB	12ms 11ms	Stylesheet text/css	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/style.css Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 542f5082c5849db118faf5a9b2e147a879be20d771b3e23466190bb9dce2ec34 Request headers :path /data/style.css pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare etag W/"5ac0-5724a9d043bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-polished origSize=23232 cf-bgj minify cf-ray 47b5a46699a763eb-FRA expires Sun, 18 Nov 2018 02:30:30 GMT
GET H2	200	translator.htm zbank1.ga/data/	360 B 345 B	310ms 308ms	Stylesheet text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/translator.htm Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e78473deb86a9526a946b1a67340e92c28364570eec733b6b0e5f9074027bcaa Request headers :path /data/translator.htm pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 200 cf-ray 47b5a46699a863eb-FRA
GET H2	200	alert.css zbank1.ga/data/	3 KB 933 B	11ms 11ms	Stylesheet text/css	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/alert.css Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash e4113c5c9a786841db2b70edc02f02da379b2a37605580dafbabd0f8036c33e9 Request headers :path /data/alert.css pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/css,*/*;q=0.1 cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare etag W/"bfe-5724a9d043bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control public, max-age=14400 cf-polished status=cannot_optimize cf-bgj minify cf-ray 47b5a46699a963eb-FRA expires Sun, 18 Nov 2018 02:30:30 GMT
GET S	200	rocket-loader.min.js Show response ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/	11 KB 4 KB	31ms 8ms	Script application/javascript	2606:4700::6813:c797 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0 Security Headers Name Value Strict-Transport-Security max-age=15780000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip vary Accept-Encoding last-modified Thu, 15 Nov 2018 18:24:37 GMT server cloudflare etag W/"5bedb9e5-2ba8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN content-type application/javascript status 200 cache-control max-age=172800, public strict-transport-security max-age=15780000; includeSubDomains cf-ray 47b5a466c90e96b8-FRA expires Mon, 19 Nov 2018 22:30:30 GMT
GET H2	200	windows.png zbank1.ga/data/	2 KB 3 KB	11ms 11ms	Image image/png	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://zbank1.ga/data/windows.png Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 9e590c1c5e7601413a44e2c7b8611dab5fb2ee6d6287d3c88bf137465279ef54 Request headers :path /data/windows.png pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept image/webp,image/apng,image/*,*/*;q=0.8 cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT cf-cache-status HIT last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare etag "9d3-5724a9d043bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control public, max-age=14400 accept-ranges bytes cf-ray 47b5a4679a3763eb-FRA content-length 2515 expires Sun, 18 Nov 2018 02:30:30 GMT
GET S	200	js Show response www.googletagmanager.com/gtag/	87 KB 32 KB	49ms 48ms	Script application/javascript	2a00:1450:4001:80b::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-123185418-1 Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:80b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash e2cefd2a3e15d0a0a1a8eaa799b43a6a724369860598287de4c8001290132fb7 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip server Google Tag Manager (scaffolding) access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 32167 x-xss-protection 1; mode=block expires Sat, 17 Nov 2018 22:30:30 GMT
GET H2	200	js15_as.htm Show response zbank1.ga/data/	353 B 335 B	335ms 335ms	Script text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/js15_as.htm Requested by Host: ajax.cloudflare.com URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash 1a710939cdd55b29cf0d747d7ed6d3600882e4835dc2b38bc3ced8024d80e80b Request headers :path /data/js15_as.htm pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html status 200 cf-ray 47b5a4689ac263eb-FRA
GET H2	200	a.htm Show response zbank1.ga/data/ Frame 4AAE	425 B 368 B	328ms 328ms	Document text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/a.htm Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash b5c4092fcc19018d4f66321d4b5f1088dbda4fb6dc3c83799319c6764bd7c20b Request headers :method GET :authority zbank1.ga :scheme https :path /data/a.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 referer https://zbank1.ga/data/ accept-encoding gzip, deflate cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://zbank1.ga/data/ Response headers status 200 date Sat, 17 Nov 2018 22:30:30 GMT content-type text/html vary Accept-Encoding last-modified Tue, 31 Jul 2018 12:21:11 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 47b5a468aac563eb-FRA content-encoding gzip
GET DATA	200 OK	truncated /	239 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET H2	404	glyphicons-halflings-regular.woff2 zbank1.ga/fonts/	0 0	327ms 326ms	Font text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/fonts/glyphicons-halflings-regular.woff2 Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /fonts/glyphicons-halflings-regular.woff2 pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 origin https://zbank1.ga accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/bootstrap.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://zbank1.ga/data/bootstrap.css Origin https://zbank1.ga Response headers date Sat, 17 Nov 2018 22:30:30 GMT content-encoding gzip cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 47b5a468bad263eb-FRA expires Sun, 18 Nov 2018 02:30:30 GMT
GET H2	206	fr.mp3 zbank1.ga/data/	100 KB 0	336ms 336ms	Media audio/mpeg	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/fr.mp3 Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /data/fr.mp3 pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding identity;q=1, *;q=0 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 chrome-proxy frfr accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https range bytes=0- :method GET Referer https://zbank1.ga/data/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers date Sat, 17 Nov 2018 22:30:30 GMT last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare etag "8c3ca-5724a9d043bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg Content-Range bytes 0-574409/574410 accept-ranges bytes cf-ray 47b5a468eae863eb-FRA Content-Length 574410
GET H2	206	fr.mp3 zbank1.ga/data/	14 KB 0	309ms 309ms	Media audio/mpeg	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/data/fr.mp3 Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /data/fr.mp3 pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829 accept-encoding identity;q=1, *;q=0 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 chrome-proxy frfr accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https range bytes=0- :method GET Referer https://zbank1.ga/data/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers date Sat, 17 Nov 2018 22:30:30 GMT last-modified Tue, 31 Jul 2018 12:21:11 GMT server cloudflare etag "8c3ca-5724a9d043bc0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" status 206 content-type audio/mpeg Content-Range bytes 0-574409/574410 accept-ranges bytes cf-ray 47b5a468eae963eb-FRA Content-Length 574410
GET S	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80b::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-123185418-1 Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 05 Nov 2018 21:10:09 GMT server Golfe2 age 5036 date Sat, 17 Nov 2018 21:06:34 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 17404 expires Sat, 17 Nov 2018 23:06:34 GMT
GET S	200	collect www.google-analytics.com/r/	35 B 111 B	15ms 14ms	Image image/gif	2a00:1450:4001:80b::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j72&a=1429805152&t=pageview&_s=1&dl=https%3A%2F%2Fzbank1.ga%2Fdata%2F&ul=en-us&de=UTF-8&dt=Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1461678992&gjid=992294763&cid=1233918340.1542493831&tid=UA-123185418-1&_gid=1108985931.1542493831&_r=1&gtm=2oubc0&z=279583549 Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:80b::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Sat, 17 Nov 2018 22:30:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	glyphicons-halflings-regular.woff zbank1.ga/fonts/	0 0	345ms 344ms	Font text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/fonts/glyphicons-halflings-regular.woff Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /fonts/glyphicons-halflings-regular.woff pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829; _ga=GA1.2.1233918340.1542493831; _gid=GA1.2.1108985931.1542493831; _gat_gtag_UA_123185418_1=1 origin https://zbank1.ga accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/bootstrap.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://zbank1.ga/data/bootstrap.css Origin https://zbank1.ga Response headers date Sat, 17 Nov 2018 22:30:31 GMT content-encoding gzip cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 47b5a46acbfe63eb-FRA expires Sun, 18 Nov 2018 02:30:31 GMT
GET H2	404	glyphicons-halflings-regular.ttf zbank1.ga/fonts/	0 0	329ms 329ms	Font text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/fonts/glyphicons-halflings-regular.ttf Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /fonts/glyphicons-halflings-regular.ttf pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829; _ga=GA1.2.1233918340.1542493831; _gid=GA1.2.1108985931.1542493831; _gat_gtag_UA_123185418_1=1 origin https://zbank1.ga accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/bootstrap.css :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer https://zbank1.ga/data/bootstrap.css Origin https://zbank1.ga Response headers date Sat, 17 Nov 2018 22:30:31 GMT content-encoding gzip cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 47b5a46cfd7d63eb-FRA expires Sun, 18 Nov 2018 02:30:31 GMT
GET H2	404	js15_as.js zbank1.ga/s10.histats.com/	0 0	329ms 329ms	Script text/html	2606:4700:30::6818:6df2 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://zbank1.ga/s10.histats.com/js15_as.js Requested by Host: zbank1.ga URL: https://zbank1.ga/data/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700:30::6818:6df2 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash Request headers :path /s10.histats.com/js15_as.js pragma no-cache cookie __cfduid=d6036601eccf88c53a3a8624e1783735a1542493829; _ga=GA1.2.1233918340.1542493831; _gid=GA1.2.1108985931.1542493831; _gat_gtag_UA_123185418_1=1 accept-encoding gzip, deflate user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept */* cache-control no-cache :authority zbank1.ga referer https://zbank1.ga/data/ :scheme https :method GET Referer https://zbank1.ga/data/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Sat, 17 Nov 2018 22:30:31 GMT content-encoding gzip cf-cache-status EXPIRED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=iso-8859-1 status 404 cache-control public, max-age=14400 cf-ray 47b5a46f0ed763eb-FRA expires Sun, 18 Nov 2018 02:30:31 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft Defender (Consumer) Generic (Online) Tech Support Scam (Consumer)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer undefined| isChromium string| vendorName boolean| isOpera boolean| isIEedge function| getURLParameter string| error object| __cfQR object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| stroka function| toggleFullScreen string| subid string| clickid string| postback boolean| cl boolean| isFullScreen function| kzogExQSrDChY4Iq function| setCookie function| hTRnKeAy1lgYB4La function| gpAkSJDl9ENT5gLQ function| eKxJS2GzrfWPEjgm function| hCPNapvlhFicLoDm function| hxvw7JrbMUZBqVhN function| f5WOxk2dF74GMRLf function| dsfsf function| addEvent function| removeEvent string| nomer string| red object| _Hasync

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.zbank1.ga/	1970-01-18 20:28:13	Name: _gat_gtag_UA_123185418_1 Value: 1
			.zbank1.ga/	1970-01-19 13:59:25	Name: _ga Value: GA1.2.1233918340.1542493831
			.zbank1.ga/	1970-01-18 20:29:40	Name: _gid Value: GA1.2.1108985931.1542493831
			.zbank1.ga/	1970-01-19 05:13:49	Name: __cfduid Value: d6036601eccf88c53a3a8624e1783735a1542493829

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
www.google-analytics.com
www.googletagmanager.com
zbank1.ga
2606:4700:30::6818:6df2
2606:4700::6813:c797
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
1a710939cdd55b29cf0d747d7ed6d3600882e4835dc2b38bc3ced8024d80e80b
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
38bd4be34f1d7d54c49796aaf2efc3e9fc99679ded44162af19394bcdd48f8d1
542f5082c5849db118faf5a9b2e147a879be20d771b3e23466190bb9dce2ec34
7cefebe9bf9c320bc2d92610c8b1a13be53b413b6bdeefcc209b327a58549fcc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9e590c1c5e7601413a44e2c7b8611dab5fb2ee6d6287d3c88bf137465279ef54
b5c4092fcc19018d4f66321d4b5f1088dbda4fb6dc3c83799319c6764bd7c20b
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c
e2cefd2a3e15d0a0a1a8eaa799b43a6a724369860598287de4c8001290132fb7
e4113c5c9a786841db2b70edc02f02da379b2a37605580dafbabd0f8036c33e9
e78473deb86a9526a946b1a67340e92c28364570eec733b6b0e5f9074027bcaa