urlscan.io logo urlscan.io
SecurityTrails logo

ectasy.wtf. Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://ectasy.wtf./
Submission Tags: @phish_report
Submission: On August 22 via api from FI — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ectasy.wtf..
TLS certificate: Issued by GTS CA 1P5 on July 3rd 2023. Valid for: 3 months.
This is the only time ectasy.wtf. was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ectasy.wtf.
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700::6812:1cf3 (United States)

ASN13335 (CLOUDFLARENET, US)
unicons.iconscout.com
1    2606:4700::6812:92 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sellix.io
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2606:4700:20::681a:e3e (United States)

ASN13335 (CLOUDFLARENET, US)
fonts.cdnfonts.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4014:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
Apex Domain
Subdomains		 Transfer
4 cdnfonts.com
fonts.cdnfonts.com — Cisco Umbrella Rank: 12390
45 KB
4 iconscout.com
unicons.iconscout.com — Cisco Umbrella Rank: 75381
52 KB
4 wtf.
ectasy.wtf.
4 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 8506
455 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
455 B
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
72 KB
1 sellix.io
cdn.sellix.io
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
838 B
18 9
Domain Requested by
4 fonts.cdnfonts.com ectasy.wtf.
fonts.cdnfonts.com
4 unicons.iconscout.com ectasy.wtf.
unicons.iconscout.com
4 ectasy.wtf. ectasy.wtf.
1 www.google.nl ectasy.wtf.
1 www.google.com ectasy.wtf.
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com ectasy.wtf.
1 cdn.sellix.io ectasy.wtf.
1 fonts.googleapis.com ectasy.wtf.
18 9

This site contains no links.

Subject Issuer Validity Valid
ectasy.wtf
GTS CA 1P5		 2023-07-03 -
2023-10-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
cdn.sellix.io
E1		 2023-07-29 -
2023-10-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
cdnfonts.com
GTS CA 1P5		 2023-08-04 -
2023-11-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ectasy.wtf./
Frame ID: C4C59DB74A502305E3204B9657D82249
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ectasy

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.sellix\.io/static/js/embed\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

9
Domains

9
Subdomains

9
IPs

3
Countries

179 kB
Transfer

362 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ectasy.wtf./ 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23752fa556d6f227eb7db1cba7ef7a5ade87b4f25ea37e313c1c9cd4da4d581e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
No-Cache
cf-cache-status
DYNAMIC
cf-ray
7faa0e037e220df3-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 22 Aug 2023 09:23:02 GMT
last-modified
Tue, 04 Jul 2023 18:44:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nW4j6hSyFCxqeR%2F7c%2Fdr2bHYsVnwWMG%2FZH13DeVUpVVSn2Zf3DmOAuOgee8vnLAeGovjz6zP1afsCxJRtPbWGMBoscYAd1GT6cXFph3w2uhqjJCimWrzGxGaMPIgW2pNYGf4OOdED6fQRw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		1 KB
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e120707b7a0de913a32da3e779b975bd342672ca68c9aa373029f38c90cfb56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 22 Aug 2023 09:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 08:40:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Aug 2023 09:23:02 GMT
base.css
ectasy.wtf./assets/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ectasy.wtf./assets/css/base.css
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddee130040411867fb5ea993459b1d636db6f4cddc492f485c6e9571112df46a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Jul 2023 18:44:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"9a8-1892238322c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E1k%2Fwmu9JVeqdlProoRJb43nu9KAoDYQxTHNiU272Eyf500gmXV18vx4b8fKolv6ilOFKG9EqlkTCPpNGbcGenwc1Jx7Rxv9NOdCC7fnozNPLn5J7V6Bmqx%2BNZ5Rht3vDZvxtU1rZZsPwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
cf-ray
7faa0e0558390df3-AMS
alt-svc
h3=":443"; ma=86400
index.css
ectasy.wtf./assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ectasy.wtf./assets/css/index.css
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd4d12ef4f085cf7fa431442c84ced58b27d99ce8cf2093e46b19ac0a9f86565

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 31 Jan 2023 17:06:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"a83-18608caee51"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsP1y0A7VkvweZvNfRXZuMtW2ZxXHGrAU36Nl8V%2BuBxW%2BVW30AWzEjBtrcM%2BITbBBmhZSfkXZOgFb3vIl4EruYxxO0DgU%2B50gKdGWanXbcVNBH6dBlRJAQg9nrOHqtDhDq%2B%2BqEQhKR7N6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
cf-ray
7faa0e05583b0df3-AMS
alt-svc
h3=":443"; ma=86400
line.css
unicons.iconscout.com/release/v4.0.0/css/ 		57 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unicons.iconscout.com/release/v4.0.0/css/line.css
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61b7b24020789a0b18782eb7a9236d863777dacdbdc5960555b7cfe17768e370

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:02 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8JXSMM5XX59TGTYV
age
1223414
cf-polished
origSize=66419
alt-svc
h3=":443"; ma=86400
x-amz-id-2
/oUfHE2em4lRtfp6h6W6M6JZid61676Nbrmz3zjxEcgfLzp5QhmdrRu+GAK70AcJSxEVSSe/lUzAJ2RSvCFg5Q==
cf-bgj
minify
last-modified
Thu, 20 May 2021 04:30:22 GMT
server
cloudflare
etag
W/"accdbde3b79ab05345137cafe7201b9d"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
7faa0e05cde81ca2-AMS
expires
Wed, 21 Aug 2024 09:23:02 GMT
index.js
ectasy.wtf./assets/js/ 		520 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ectasy.wtf./assets/js/index.js
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55264894b550a37426e20283f64ee59db9ae86509210c980fe6958f3afa18898

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 31 Jan 2023 17:06:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"208-18608caee51"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPaRpLWGUo1WbXKlCEeS%2B%2Bx%2BxLWIZCA6kaNWmxsemGgbN%2Fhs9eeDZTBVbLri7rSZgzmSnjlykui5zxklBg6QQxIQ%2BQWxP%2F%2FEtKiXjqEMde11iayOnplxk4QDATRQHGeWepyxPq56oTG%2F1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
cf-ray
7faa0e06b941b906-AMS
alt-svc
h3=":443"; ma=86400
embed.js
cdn.sellix.io/static/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sellix.io/static/js/embed.js
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afb01f88cc65aa6fe5aeeb666eb0c34d90f6dec8ea3079fcca36863f83fa1b79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
10191144
cf-polished
origSize=4736
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 26 Apr 2023 10:23:42 GMT
server
cloudflare
etag
W/"6448fbae-1280"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7faa0e05f9a70b7b-AMS
expires
Wed, 21 Aug 2024 09:23:02 GMT
js
www.googletagmanager.com/gtag/ 		198 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11177211661
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4d2c50eaaaf943ccdc8a26ba7b6afbd7207e6d879ed7feb53d7750a8585a41f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73302
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Aug 2023 09:23:03 GMT
segoe-ui-4
fonts.cdnfonts.com/css/ 		660 B
500 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/css/segoe-ui-4
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./assets/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c11b532786e7156fb3f37199021cb9176a438caf83ba6838cdb67b3c6dc67d8f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 08:30:29 GMT
server
cloudflare
age
12531153
cf-polished
origSize=786
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVxn0bN%2FcEu3PJ%2BKTDP7C%2F0m4xaxs%2B1M8orONNvoTI%2BVGjSt0pJeENDk2q%2B1HaUTrlaEQh3BX86gHn%2Fznx6b6Kmi6XxPgI%2BnI4g25jzKDgzVA4%2BxSY%2FL4afcIq4LFWpAH7wvftHUHAXT0HIYM3nHYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7faa0e067c011b03-AMS
arial
fonts.cdnfonts.com/css/ 		3 KB
885 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/css/arial
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./assets/css/base.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d16d7e35892275d270164135aa9d48e0ceae8243da5956e9455660ac83a5ed

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 30 Mar 2023 08:46:26 GMT
server
cloudflare
age
12530196
cf-polished
origSize=4154
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSF8b11novs8K9nEbo8j%2BNr4QoUcqq3Gnj3XdlJhmbRoLzBvse%2B%2Fha1EcCpaRlc81fDOm8puOlSfTpH2oY%2B81xrFIBB%2FMPWhNGNdhSAAkSg6InxJ7qUwdNQKDvwMCBSZtgXhlg2Y4L2Al4schQLdWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2678400
cf-ray
7faa0e067c041b03-AMS
Segoe%20UI.woff
fonts.cdnfonts.com/s/15051/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/s/15051/Segoe%20UI.woff
Requested by
Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/segoe-ui-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663

Request headers

Referer
https://fonts.cdnfonts.com/css/segoe-ui-4
Origin
https://ectasy.wtf.
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Feb 2022 02:00:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4dc0-5d73bbbd3e296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dhNzes74lCY5LJIKPnZsJBY1UXGP66znO7UQIXTtIA1RUuZjhnoMBfasyfnr1nw9f70xa13qzQis%2FioIRruQdHgE1EGPuFkrW5WuuG%2FWF9xxl7DRPnwmfcrv8ATtvRsZIRT6RDtn1B11rObrIMQqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7faa0e07bc9c0bce-AMS
content-length
19904
unicons-13.woff2
unicons.iconscout.com/release/v4.0.0/fonts/line/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unicons.iconscout.com/release/v4.0.0/fonts/line/unicons-13.woff2
Requested by
Host: unicons.iconscout.com
URL: https://unicons.iconscout.com/release/v4.0.0/css/line.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2719562bcee95fb812c81aadfda5a35f02c218a961f99449d43b7e7ef55b471

Request headers

Referer
https://unicons.iconscout.com/release/v4.0.0/css/line.css
Origin
https://ectasy.wtf.
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
x-amz-version-id
null
cf-cache-status
MISS
x-amz-request-id
06NYH94CMJS178FT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
12384
x-amz-id-2
YwGemhPkVUjN7gjpMKOL37LDFJz3S2m4W5z6kSRU30uKW3GDLbDnPLv9PABPVm1zZVk0sBcloOg=
last-modified
Thu, 20 May 2021 04:30:23 GMT
server
cloudflare
etag
"7da281828c21c89f5254c8f041a81c23"
access-control-max-age
36000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7faa0e088a44b773-AMS
expires
Wed, 21 Aug 2024 09:23:03 GMT
unicons-7.woff2
unicons.iconscout.com/release/v4.0.0/fonts/line/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unicons.iconscout.com/release/v4.0.0/fonts/line/unicons-7.woff2
Requested by
Host: unicons.iconscout.com
URL: https://unicons.iconscout.com/release/v4.0.0/css/line.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14db73faf0ed5a88b93723b11861552837e3ee2c691f62b0b8e42b94d0169771

Request headers

Referer
https://unicons.iconscout.com/release/v4.0.0/css/line.css
Origin
https://ectasy.wtf.
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
x-amz-version-id
null
cf-cache-status
MISS
x-amz-request-id
06NJ5JJ5QD44XMQT
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
12816
x-amz-id-2
g6dgdh5lqfG/upeIFtCt+japozuC/sPaD4QMJg5yzx89vbEI3MU9Z/Y2Wqvk20o/iYrM6C9JMtU=
last-modified
Thu, 20 May 2021 04:30:25 GMT
server
cloudflare
etag
"62097a7a299df4395555d265b5cc3eef"
access-control-max-age
36000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7faa0e088a46b773-AMS
expires
Wed, 21 Aug 2024 09:23:03 GMT
Segoe%20UI%20Italic.woff
fonts.cdnfonts.com/s/15051/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.cdnfonts.com/s/15051/Segoe%20UI%20Italic.woff
Requested by
Host: fonts.cdnfonts.com
URL: https://fonts.cdnfonts.com/css/segoe-ui-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1eee2469b586cf158d0e12ba91bfdf9849a5626e6336dfdab2a48d0b9288b36

Request headers

Referer
https://fonts.cdnfonts.com/css/segoe-ui-4
Origin
https://ectasy.wtf.
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Feb 2022 02:00:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e44-5d73bbbd3e296"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHBNRD6nT8K8%2BUz3XxkgZTCYIrYBJ8gkI74n5AYNKskV0bhLZeMZ1kcn%2FoBDFDd6DWhHPYCGgj8TfqQYWOS2fCnZres%2BHoZNzuw38ewAkiVUw9%2FWvBbsXBoVGDYeVvB9lOrH6%2BH%2FyR5WlaMn5koe1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7faa0e07bc9e0bce-AMS
content-length
24132
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11177211661/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11177211661/?random=1692696183246&cv=11&fst=1692696183246&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fectasy.wtf.%2F&hn=www.googleadservices.com&frm=0&tiba=Ectasy&auid=1051297420.1692696183&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11177211661
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35d470fa309a0599c4b597c172af191c40694d2260689d2853fd488e31d73553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:23:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unicons-7.woff
unicons.iconscout.com/release/v4.0.0/fonts/line/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unicons.iconscout.com/release/v4.0.0/fonts/line/unicons-7.woff
Requested by
Host: unicons.iconscout.com
URL: https://unicons.iconscout.com/release/v4.0.0/css/line.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7f7a3f8c591c969ee164311bc1a8a559fdffc17346287abae88346d5002d81d

Request headers

Referer
https://unicons.iconscout.com/release/v4.0.0/css/line.css
Origin
https://ectasy.wtf.
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 09:23:03 GMT
x-amz-version-id
null
cf-cache-status
MISS
x-amz-request-id
06NNS01HJW7F13YN
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
15584
x-amz-id-2
W//aBGVEeX829PV6IENDXcmwgYj+gMsZGZCgsdvbvwDflUCATx6azI44tDzprhHFNT5YXuB+Xy0=
last-modified
Thu, 20 May 2021 04:30:25 GMT
server
cloudflare
etag
"010b26e6c8f96c4ab75a072e1a9f5627"
access-control-max-age
36000
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7faa0e0aabf1b773-AMS
expires
Wed, 21 Aug 2024 09:23:03 GMT
/
www.google.com/pagead/1p-user-list/11177211661/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11177211661/?random=1692696183246&cv=11&fst=1692694800000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fectasy.wtf.%2F&frm=0&tiba=Ectasy&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=449465513&rmt_tld=0&ipr=y
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:23:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.nl/pagead/1p-user-list/11177211661/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/pagead/1p-user-list/11177211661/?random=1692696183246&cv=11&fst=1692694800000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fectasy.wtf.%2F&frm=0&tiba=Ectasy&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=449465513&rmt_tld=1&ipr=y
Requested by
Host: ectasy.wtf.
URL: https://ectasy.wtf./
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ectasy.wtf./
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 09:23:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| GooglebQhCsO

3 Cookies

Domain/Path Name / Value
.sellix.io/ Name: __cf_bm
Value: 4_OZMkw4IpAmhBWTZaDvg0p4tfp_vXAYXpEaWNLbFwo-1692696182-0-AXqp/8Z/AfaZnzSQ/EuY73WsxnT789kzI+M6kyZWNY+IAVw//8E2RHzmHYhKjFftRPYjHeBjn/V7q9Cy2Uax9FY=
.ectasy.wtf./ Name: _gcl_au
Value: 1.1.1051297420.1692696183
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

2 Console Messages

Source Level URL
Text
other warning URL: https://ectasy.wtf./
Message:
Failed to decode downloaded font: https://unicons.iconscout.com/release/v4.0.0/fonts/line/unicons-7.woff2
other warning URL: https://ectasy.wtf./
Message:
OTS parsing error: invalid sfntVersion: 1616468313

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.sellix.io
ectasy.wtf.
fonts.cdnfonts.com
fonts.googleapis.com
googleads.g.doubleclick.net
unicons.iconscout.com
www.google.com
www.google.nl
www.googletagmanager.com
2606:4700:20::681a:e3e
2606:4700::6812:1cf3
2606:4700::6812:92
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2003
2a00:1450:4014:80a::2004
2a06:98c1:3120::3
14db73faf0ed5a88b93723b11861552837e3ee2c691f62b0b8e42b94d0169771
23752fa556d6f227eb7db1cba7ef7a5ade87b4f25ea37e313c1c9cd4da4d581e
2e120707b7a0de913a32da3e779b975bd342672ca68c9aa373029f38c90cfb56
35d470fa309a0599c4b597c172af191c40694d2260689d2853fd488e31d73553
4d2c50eaaaf943ccdc8a26ba7b6afbd7207e6d879ed7feb53d7750a8585a41f7
55264894b550a37426e20283f64ee59db9ae86509210c980fe6958f3afa18898
61b7b24020789a0b18782eb7a9236d863777dacdbdc5960555b7cfe17768e370
a1eee2469b586cf158d0e12ba91bfdf9849a5626e6336dfdab2a48d0b9288b36
a2719562bcee95fb812c81aadfda5a35f02c218a961f99449d43b7e7ef55b471
a8d16d7e35892275d270164135aa9d48e0ceae8243da5956e9455660ac83a5ed
afb01f88cc65aa6fe5aeeb666eb0c34d90f6dec8ea3079fcca36863f83fa1b79
c11b532786e7156fb3f37199021cb9176a438caf83ba6838cdb67b3c6dc67d8f
cd4d12ef4f085cf7fa431442c84ced58b27d99ce8cf2093e46b19ac0a9f86565
d7f7a3f8c591c969ee164311bc1a8a559fdffc17346287abae88346d5002d81d
ddee130040411867fb5ea993459b1d636db6f4cddc492f485c6e9571112df46a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f424915a692bc5a458d6e7d9c99e4fe0cf5cb8883bd3516b01d4fef5da8d3663