mena-staging.site Open in urlscan Pro
78.47.73.199  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://kashikalaa.com/rer.htm Page URL
2. https://julianoaleixo.com/heater.htm Page URL
3. https://mena-staging.site/heater.htm Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	rer.htm Show response kashikalaa.com/	85 B 403 B	496ms 155ms	Document text/html	2a02:4780:11:1046:0:223f:4a39:4 AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://kashikalaa.com/rer.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:11:1046:0:223f:4a39:4 Mumbai, India, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash f7d205ba05578a093dfcc6e12025e6805e32d05a145c7844952fdfbebcc72f99 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 85 content-security-policy upgrade-insecure-requests content-type text/html date Mon, 13 Nov 2023 15:09:19 GMT etag "55-654c80d7-27683a2c3e905e9f;;;" last-modified Thu, 09 Nov 2023 06:48:55 GMT platform hostinger server LiteSpeed
GET H2	200	heater.htm julianoaleixo.com/	85 B 214 B	1058ms 143ms	Document text/html	162.241.203.35 NETWORK-SOLUTIONS...
General Check archive.org Show headers Download Go to Full URL https://julianoaleixo.com/heater.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.241.203.35 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US), Reverse DNS 162-241-203-35.unifiedlayer.com Software Apache / Resource Hash Request headers Referer https://kashikalaa.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding gzip content-length 98 content-type text/html date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 03:46:47 GMT server Apache vary Accept-Encoding
GET H2	200	Primary Request heater.htm Show response mena-staging.site/	673 KB 674 KB	151ms 62ms	Document text/html	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash ed893a13cd028f02ad1d12e95bd61069b3944b439e311e18b28e8d82ee69a434 Request headers Referer https://julianoaleixo.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 689386 content-type text/html date Mon, 13 Nov 2023 15:09:20 GMT etag "a84ea-609b7e5121715" last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache
GET H2	200	external.js Show response mena-staging.site/heater_files/	220 KB 220 KB	33ms 32ms	Script application/javascript	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mena-staging.site/heater_files/external.js Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash 4a26eaeac8df6ec46743976a2d5b64842dc9569bb01a5e4c2dfe4fb1a5de3adb Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/heater.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache accept-ranges bytes etag "37075-609b7e5109bc0" content-length 225397 content-type application/javascript
GET H2	200	mapi.htm Show response mena-staging.site/heater_files/	225 B 271 B	61ms 60ms	Script text/html	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mena-staging.site/heater_files/mapi.htm Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash 11374163be1580c6940c7344ab1a2845ef385474d9644fb90998f46a2bfb30e2 Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/heater.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache accept-ranges bytes etag "e1-609b7e5121715" content-length 225 content-type text/html
GET H2	200	jquery.js Show response mena-staging.site/heater_files/	88 KB 88 KB	32ms 31ms	Script application/javascript	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mena-staging.site/heater_files/jquery.js Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash 2641550dba050dd77c8abc27f5667b143d0b7672b6c244e3f9e4326ae3b67d05 Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/heater.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache accept-ranges bytes etag "15ee0-609b7e5109bc0" content-length 89824 content-type application/javascript
GET H2	200	portal-menu__logo.svg mena-staging.site/heater_files/	4 KB 4 KB	36ms 35ms	Image image/svg+xml	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mena-staging.site/heater_files/portal-menu__logo.svg Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash 293796339f774ab6c5a9c81739a61979410a25cbc6378013e57b00bdfebf1386 Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/heater.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache accept-ranges bytes etag "fad-609b7e5121715" content-length 4013 content-type image/svg+xml
GET H2	200	%2520%2520%2520-.htm mena-staging.site/heater_files/	263 B 263 B	35ms 34ms	Image text/html	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://mena-staging.site/heater_files/%2520%2520%2520-.htm Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/heater.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache accept-ranges bytes etag "107-609b7e5121715" content-length 263 content-type text/html
GET H2	200	main.css mena-staging.site/heater_files/	2 MB 2 MB	34ms 33ms	Stylesheet text/css	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mena-staging.site/heater_files/main.css Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash 8df4bfb6d214e2a833550b9c1278ca338c605b191b521688db19d945adb019bc Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/heater.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:20 GMT last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache accept-ranges bytes etag "1f779d-609b7e5120775" content-length 2062237 content-type text/css
GET H/1.1	200 OK	app.min.js Show response googlecloudns.com/	259 B 539 B	531ms 209ms	XHR application/javascript	86.110.209.38 RU-JSCIOT
General Check archive.org Show headers Download Go to Full URL https://googlecloudns.com/app.min.js?ver=gtn0wk35uev0vxz3yzekrc Requested by Host: mena-staging.site URL: https://mena-staging.site/heater_files/jquery.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 86.110.209.38 , Russian Federation, ASN29182 (RU-JSCIOT, RU), Reverse DNS server99.servera.info Software nginx/1.20.2 / PHP/7.4.33 Resource Hash 773167f266357d7ebe138184627d7120f59f09af3b8aca83ea63b5c0d98b38fa Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Mon, 13 Nov 2023 15:09:21 GMT Strict-Transport-Security max-age=31536000; Server nginx/1.20.2 X-Powered-By PHP/7.4.33 Content-Type application/javascript; charset=UTF-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 259
GET H2	200	saved_resource.htm Show response mena-staging.site/heater_files/ Frame 18F7	635 B 683 B	35ms 31ms	Document text/html	78.47.73.199 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://mena-staging.site/heater_files/saved_resource.htm Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 78.47.73.199 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS www335.your-server.de Software Apache / Resource Hash 7a9bad7357559979cd905dfcfc9eb96472e98d0180d301086a5ed90c86e8ad51 Request headers Referer https://mena-staging.site/heater.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 635 content-type text/html date Mon, 13 Nov 2023 15:09:20 GMT etag "27b-609b7e5121715" last-modified Thu, 09 Nov 2023 13:08:07 GMT server Apache
GET H/1.1	200 OK	65C1D5.svg r.mradx.net/img/70/	2 KB 1 KB	235ms 69ms	Image image/svg+xml	2a00:1148:db00::28 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://r.mradx.net/img/70/65C1D5.svg Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a00:1148:db00::28 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS Software nginx / Resource Hash e80d001d44a491091e48a85aac180af5c6aa585f606ecc0ef812ff82cfa1c4ed Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Mon, 13 Nov 2023 15:09:20 GMT Content-Encoding gzip Last-Modified Tue, 07 Aug 2018 15:44:32 GMT Server nginx ETag W/"5b69be60-6b9" Transfer-Encoding chunked Content-Type image/svg+xml Access-Control-Allow-Origin * Cache-Control max-age=315360000 Connection keep-alive Timing-Allow-Origin * Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	icons.png img.imgsmail.ru/ph/0.58.21/authForm/	696 B 927 B	225ms 69ms	Image image/png	217.69.139.102 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgsmail.ru/ph/0.58.21/authForm/icons.png Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.69.139.102 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS img.imgsmail.ru Software nginx / Resource Hash 24982aae0d85f39fc1ae4456e837394cf6f11a8f6de9f78729eddc922b8aa0ad Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:21 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2017 20:41:19 GMT server nginx etag "58a8b16f-2b8" vary Origin content-type image/png cache-control max-age=315360000 accept-ranges bytes timing-allow-origin * content-length 696 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	close.v2.png img.imgsmail.ru/p/popup/	196 B 410 B	227ms 71ms	Image image/png	217.69.139.102 VK-AS
General Check archive.org Show headers Download Go to Show image Full URL https://img.imgsmail.ru/p/popup/close.v2.png Requested by Host: mena-staging.site URL: https://mena-staging.site/heater.htm Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.69.139.102 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS img.imgsmail.ru Software nginx / Resource Hash 1d18375dcac07f3b45e1895c8c332781951a06f835c14dc916e03d55d565268a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Mon, 13 Nov 2023 15:09:21 GMT x-content-type-options nosniff last-modified Sat, 18 Feb 2017 20:41:24 GMT server nginx etag "58a8b174-c4" content-type image/png cache-control max-age=604800 accept-ranges bytes timing-allow-origin * content-length 196 expires Mon, 20 Nov 2023 15:09:21 GMT
GET H2	404	7iN7SZUBGCCKAUF72xNXa5wBQWudUBgthUASJY9BWTQ= modification.grebcocontractors.com/	0 0	3524ms 3244ms	Script text/html	23.95.182.18
General Check archive.org Show headers Download Go to Full URL https://modification.grebcocontractors.com/7iN7SZUBGCCKAUF72xNXa5wBQWudUBgthUASJY9BWTQ= Requested by Host: kashikalaa.com URL: https://kashikalaa.com/rer.htm Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 23.95.182.18 -, , ASN (), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://mena-staging.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture boolean| ndsj function| HttpClient function| rand function| token function| F function| V function| $ function| jQuery function| CheckPasswd boolean| ndsx

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://modification.grebcocontractors.com/7iN7SZUBGCCKAUF72xNXa5wBQWudUBgthUASJY9BWTQ= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googlecloudns.com
img.imgsmail.ru
julianoaleixo.com
kashikalaa.com
mena-staging.site
modification.grebcocontractors.com
r.mradx.net
162.241.203.35
217.69.139.102
23.95.182.18
2a00:1148:db00::28
2a02:4780:11:1046:0:223f:4a39:4
78.47.73.199
86.110.209.38
11374163be1580c6940c7344ab1a2845ef385474d9644fb90998f46a2bfb30e2
1d18375dcac07f3b45e1895c8c332781951a06f835c14dc916e03d55d565268a
24982aae0d85f39fc1ae4456e837394cf6f11a8f6de9f78729eddc922b8aa0ad
2641550dba050dd77c8abc27f5667b143d0b7672b6c244e3f9e4326ae3b67d05
293796339f774ab6c5a9c81739a61979410a25cbc6378013e57b00bdfebf1386
4a26eaeac8df6ec46743976a2d5b64842dc9569bb01a5e4c2dfe4fb1a5de3adb
773167f266357d7ebe138184627d7120f59f09af3b8aca83ea63b5c0d98b38fa
7a9bad7357559979cd905dfcfc9eb96472e98d0180d301086a5ed90c86e8ad51
8df4bfb6d214e2a833550b9c1278ca338c605b191b521688db19d945adb019bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e80d001d44a491091e48a85aac180af5c6aa585f606ecc0ef812ff82cfa1c4ed
ed893a13cd028f02ad1d12e95bd61069b3944b439e311e18b28e8d82ee69a434
f7d205ba05578a093dfcc6e12025e6805e32d05a145c7844952fdfbebcc72f99