Submitted URL: http://jakobi-berger.de/
Effective URL: https://beliveingreenmind.ga/?p=hbqwczrvmq5gi3bpguytsmy&sub1=ratchel&sub2=ramil.forloc
Submission: On January 12 via manual from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 178.128.241.54, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is beliveingreenmind.ga.
TLS certificate: Issued by R3 on December 10th 2020. Valid for: 3 months.
This is the only time beliveingreenmind.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
13 (5 redirects) | 2a00:1158:400... | 8972 (GD-EMEA-D...)
5 | 45.9.148.32 | 49447 (NICEIT)
2 | 95.181.157.242 | 207319 (MSKHOST)
1 | 178.128.241.54 | 14061 (DIGITALOC...)
20 (total) | 5 (total) |

Requests | Domain | Requested by
13 (5 redirects) | jakobi-berger.de | jakobi-berger.de
5 | main.travelfornamewalking.ga | jakobi-berger.de
2 | volume.travelfornamewalking.ga | main.travelfornamewalking.ga, volume.travelfornamewalking.ga
1 | beliveingreenmind.ga | volume.travelfornamewalking.ga
0 (Failed) | https | jakobi-berger.de
20 (total) | 5 (total) |

This site contains no links.

Subject | Issuer | Validity | Valid
main.travelfornamewalking.ga | R3 | 2021-01-04 - 2021-04-04 | 3 months
volume.travelfornamewalking.ga | R3 | 2021-01-04 - 2021-04-04 | 3 months
beliveingreenmind.ga | R3 | 2020-12-10 - 2021-03-10 | 3 months

This page contains 1 frames:

Primary Page: https://beliveingreenmind.ga/?p=hbqwczrvmq5gi3bpguytsmy&sub1=ratchel&sub2=ramil.forloc
Frame ID: 2C049E937D88D6493D3C6DE803C97089
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 20
HTTPS: 40 %
IPv6: 25 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 499 kB
Size: 507 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://jakobi-berger.de/ Page URL
  2. https://volume.travelfornamewalking.ga/goto?ad_campaign_id=95845 Page URL
  3. https://beliveingreenmind.ga/?p=hbqwczrvmq5gi3bpguytsmy&sub1=ratchel&sub2=ramil.forloc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css HTTP 301
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
Request Chain 6
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/logo.png HTTP 301
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/logo.png
Request Chain 8
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/watermark.png HTTP 301
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/watermark.png
Request Chain 10
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6 HTTP 301
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
Request Chain 13
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css HTTP 301
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css

20 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
/
jakobi-berger.de/
12 KB
12 KB
Document
General
Full URL
http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.10
Resource Hash
040b41c024939a3be94346af41f59d7b92b77639d7ccd6dcfbcbfa1a2a529877

Request headers

Host
jakobi-berger.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Keep-Alive
timeout=2, max=500
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
det.php
main.travelfornamewalking.ga/
1 KB
721 B
Stylesheet
General
Full URL
https://main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.3.6
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.32 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b73c6ce8027a3b446295ee42e9da44637e46a9211e5ac4b4985f41dda16d5e46

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 08:55:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
det.php
main.travelfornamewalking.ga/
1 KB
720 B
Stylesheet
General
Full URL
https://main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211%2Fwp-content%2Fthemes%2Fkz_tmpl%2Fstyle.css&ver=5.3.6
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.32 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b73c6ce8027a3b446295ee42e9da44637e46a9211e5ac4b4985f41dda16d5e46

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 08:55:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
det.php
main.travelfornamewalking.ga/
1 KB
720 B
Script
General
Full URL
https://main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.32 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b73c6ce8027a3b446295ee42e9da44637e46a9211e5ac4b4985f41dda16d5e46

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 08:55:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
det.php
main.travelfornamewalking.ga/
1 KB
720 B
Script
General
Full URL
https://main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=1.4.1
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.32 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b73c6ce8027a3b446295ee42e9da44637e46a9211e5ac4b4985f41dda16d5e46

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 08:55:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
det.php
jakobi-berger.de/https;/main.travelfornamewalking.ga/
Redirect Chain
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
0
0
Stylesheet
General
Full URL
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.10
Resource Hash

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://port.transandfiestas.ga/loc.php?id=34322-35-236-211/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=2, max=499
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=499
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
det.php
jakobi-berger.de/https;/main.travelfornamewalking.ga/
Redirect Chain
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/logo.png
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/logo.png
9 KB
9 KB
Image
General
Full URL
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/logo.png
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.10
Resource Hash
4002c22d5e9161f2840f447f69f926ed5837fa6a889759f591d78451212f7677

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://port.transandfiestas.ga/loc.php?id=34322-35-236-211/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=2, max=499
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/logo.png
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=500
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
js.php
https//port.transandfiestas.ga/
0
0

det.php
jakobi-berger.de/https;/main.travelfornamewalking.ga/
Redirect Chain
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/watermark.png
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/watermark.png
4 KB
4 KB
Image
General
Full URL
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/watermark.png
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.10
Resource Hash
c1977699bb1c68bae0da89f2ce5d787f884a2d0f568137038d81d184d2f91959

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://port.transandfiestas.ga/loc.php?id=34322-35-236-211/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=2, max=500
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/images/watermark.png
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=500
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
det.php
main.travelfornamewalking.ga/
1 KB
720 B
Script
General
Full URL
https://main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211%2Fwp-includes%2Fjs%2Fwp-embed.min.js&ver=5.3.6
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.32 , Netherlands, ASN49447 (NICEIT, DM),
Reverse DNS
Software
nginx /
Resource Hash
b73c6ce8027a3b446295ee42e9da44637e46a9211e5ac4b4985f41dda16d5e46

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 12 Jan 2021 08:55:17 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
det.php
jakobi-berger.de/https;/main.travelfornamewalking.ga/
Redirect Chain
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
0
0
Script
General
Full URL
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.10
Resource Hash

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://port.transandfiestas.ga/loc.php?id=34322-35-236-211/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=2, max=497
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=498
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
local
volume.travelfornamewalking.ga/
321 B
1 KB
Script
General
Full URL
https://volume.travelfornamewalking.ga/local?se_referrer=&default_keyword=Jakobi%20%E2%80%93%20Berger&&frm5fd632f090722=script5fd632f090723&_cid=0405fd3f-4e1e-1f5a-dd89-b8d5840971a9&1610441724498
Requested by
Host: main.travelfornamewalking.ga
URL: https://main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.js&ver=1.12.4-wp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.181.157.242 , Russian Federation, ASN207319 (MSKHOST, RU),
Reverse DNS
gift.com
Software
nginx /
Resource Hash

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Jan 2021 08:55:24 GMT
Last-Modified
Tue, 12 Jan 2021 08:55:24 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
321
Expires
0
local
volume.travelfornamewalking.ga/
0
0

det.php
jakobi-berger.de/https;/main.travelfornamewalking.ga/
Redirect Chain
  • http://jakobi-berger.de/https;//main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
  • http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
0
0
Stylesheet
General
Full URL
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache / PHP/7.3.10
Resource Hash

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Link
<https://port.transandfiestas.ga/loc.php?id=34322-35-236-211/wp-json/>; rel="https://api.w.org/"
Keep-Alive
timeout=2, max=498
Expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Server
Apache
X-Powered-By
PHP/7.3.10
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Location
http://jakobi-berger.de/https;/main.travelfornamewalking.ga/det.php?id=pn34322-35-236-211/wp-content/themes/kz_tmpl/assets/font-awesome/css/font-awesome.min.css
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=499
X-Redirect-By
WordPress
Expires
Wed, 11 Jan 1984 05:00:00 GMT
startseite-teaser-2_01.jpg
jakobi-berger.de/wp-content/uploads/2016/10/
184 KB
184 KB
Image
General
Full URL
http://jakobi-berger.de/wp-content/uploads/2016/10/startseite-teaser-2_01.jpg
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
51a10d154ccb1253cf6b9f70d646cd1fbdfbb57bfc3e46d3fbdcf3cdd2c3ba8a

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Last-Modified
Tue, 12 Jan 2021 08:27:38 GMT
Server
Apache
ETag
"2e030-5b8afcb98fa91"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=497
Content-Length
188464
pile-telephone.jpg
jakobi-berger.de/wp-content/uploads/2016/10/
231 KB
231 KB
Image
General
Full URL
http://jakobi-berger.de/wp-content/uploads/2016/10/pile-telephone.jpg
Requested by
Host: jakobi-berger.de
URL: http://jakobi-berger.de/
Protocol
HTTP/1.1
Server
2a00:1158:400:407::47d , Germany, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
Software
Apache /
Resource Hash
40dbb4edb5e6c3bed5890f50159f748d86b5bfa1815f7b78f302ae2f9e56a9eb

Request headers

Referer
http://jakobi-berger.de/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 12 Jan 2021 08:55:24 GMT
Last-Modified
Tue, 12 Jan 2021 08:27:36 GMT
Server
Apache
ETag
"39ccc-5b8afcb8105c3"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=496
Content-Length
236748
local
volume.travelfornamewalking.ga/
0
0

goto
volume.travelfornamewalking.ga/
0
0

Cookie set goto
volume.travelfornamewalking.ga/
785 B
2 KB
Document
General
Full URL
https://volume.travelfornamewalking.ga/goto?ad_campaign_id=95845
Requested by
Host: volume.travelfornamewalking.ga
URL: https://volume.travelfornamewalking.ga/local?se_referrer=&default_keyword=Jakobi%20%E2%80%93%20Berger&&frm5fd632f090722=script5fd632f090723&_cid=0405fd3f-4e1e-1f5a-dd89-b8d5840971a9&1610441724498
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.181.157.242 , Russian Federation, ASN207319 (MSKHOST, RU),
Reverse DNS
gift.com
Software
nginx /
Resource Hash
e167a14bcb0788abf75f86b8e2609840ad49f6c84dbf0863da0683dbf7d750b1

Request headers

Host
volume.travelfornamewalking.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://jakobi-berger.de/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
nginx
Date
Tue, 12 Jan 2021 08:55:25 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
785
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Tue, 12 Jan 2021 08:55:25 GMT
Pragma
no-cache
Set-Cookie
_subid=1u578ni5ffd63fd41570;Expires=Friday, 12-Feb-2021 08:55:25 GMT;Max-Age=2678400;Path=/ d9701=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNjEwNDQxNzI1LFwiMTJcIjoxNjEwNDQxNzI1LFwiMThcIjoxNjEwNDQxNzI1fSxcImNhbXBhaWduc1wiOntcIjJcIjoxNjEwNDQxNzI1LFwiNlwiOjE2MTA0NDE3MjUsXCI3XCI6MTYxMDQ0MTcyNX0sXCJ0aW1lXCI6MTYxMDQ0MTcyNX0ifQ.gXhx1TU-NfrM4WyQSOAEKL5Qsh4YgqjLofyQxd60AL4;Expires=Friday, 12-Feb-2021 08:55:25 GMT;Max-Age=2678400;Path=/
Vary
Accept-Encoding
Access-Control-Allow-Origin
*
Primary Request /
beliveingreenmind.ga/
52 KB
53 KB
Document
General
Full URL
https://beliveingreenmind.ga/?p=hbqwczrvmq5gi3bpguytsmy&sub1=ratchel&sub2=ramil.forloc
Requested by
Host: volume.travelfornamewalking.ga
URL: https://volume.travelfornamewalking.ga/goto?ad_campaign_id=95845
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.128.241.54 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
640b6f64b8e9cf600a6ccc5adec76fe8ce9bfd96ef2528a41bb5b375a6f0c8cd
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
beliveingreenmind.ga
:scheme
https
:path
/?p=hbqwczrvmq5gi3bpguytsmy&sub1=ratchel&sub2=ramil.forloc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://volume.travelfornamewalking.ga/goto?ad_campaign_id=95845
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 12 Jan 2021 08:55:25 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=3c1b3ce6-9317-4ec0-99b3-c3943858ba20; expires=Thu, 11-Feb-2021 08:55:25 GMT; Max-Age=2592000; path=/; domain=beliveingreenmind.ga
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
https
URL
https://https//port.transandfiestas.ga/js.php?s=q
Domain
volume.travelfornamewalking.ga
URL
https://volume.travelfornamewalking.ga/local?se_referrer=&default_keyword=Jakobi%20%E2%80%93%20Berger&&frm5fd632f090722=script5fd632f090723&_cid=0405fd3f-4e1e-1f5a-dd89-b8d5840971a9&1610441724499
Domain
volume.travelfornamewalking.ga
URL
https://volume.travelfornamewalking.ga/local?se_referrer=&default_keyword=Jakobi%20%E2%80%93%20Berger&&frm5fd632f090722=script5fd632f090723&_cid=0405fd3f-4e1e-1f5a-dd89-b8d5840971a9&1610441724573
Domain
volume.travelfornamewalking.ga
URL
https://volume.travelfornamewalking.ga/goto?ad_campaign_id=95845

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| languages
  • undefined| text
  • string| relevanteLang
  • string| lang
  • boolean| guardEnabled
  • boolean| isChrome
  • function| compareVersion
  • function| getLanguage
  • object| rootElement
  • boolean| canStart
  • function| disableHistory
  • function| disableIncognito
  • function| denied
  • function| getWorkerRegistration
  • function| SubS
  • function| CheckS
  • function| urlB64ToUint8Array
  • function| j4ee
  • function| L0zz
  • boolean| j
  • string| title
  • string| holder
  • function| before_redirect_block

1 Cookies

Domain/Path Name / Value
.beliveingreenmind.ga/ Name: uuid
Value: 3c1b3ce6-9317-4ec0-99b3-c3943858ba20