urlscan.io logo urlscan.io
SecurityTrails logo

recursing-bose.35-228-3-255.plesk.page Open in urlscan Pro
35.228.3.255  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://candaceowensismypresident.com/
Effective URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Submission: On October 05 via manual from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 22 HTTP transactions. The main IP is 35.228.3.255, located in Lappeenranta, Finland and belongs to GOOGLE, US. The main domain is recursing-bose.35-228-3-255.plesk.page.
TLS certificate: Issued by R3 on October 3rd 2021. Valid for: 3 months.
This is the only time recursing-bose.35-228-3-255.plesk.page was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Volksbank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 104.218.237.129 39618 (HOSTCRAM)
1 16 35.228.3.255 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 6
1    104.218.237.129 (Dallas, United States)

ASN39618 (HOSTCRAM, US)
candaceowensismypresident.com
16    35.228.3.255 (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)
PTR: 255.3.228.35.bc.googleusercontent.com
recursing-bose.35-228-3-255.plesk.page
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
16 recursing-bose.35-228-3-255.plesk.page 1 redirects recursing-bose.35-228-3-255.plesk.page
2 cdnjs.cloudflare.com recursing-bose.35-228-3-255.plesk.page
2 cdn.jsdelivr.net recursing-bose.35-228-3-255.plesk.page
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com recursing-bose.35-228-3-255.plesk.page
1 code.jquery.com recursing-bose.35-228-3-255.plesk.page
1 candaceowensismypresident.com 1 redirects
22 7

This site contains no links.

Subject Issuer Validity Valid
recursing-bose.35-228-3-255.plesk.page
R3		 2021-10-03 -
2022-01-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 1 frames:

Primary Page: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Frame ID: 7C66901DBEFA68B27DA7B12228D86C77
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://candaceowensismypresident.com/ HTTP 301
    http://recursing-bose.35-228-3-255.plesk.page/sca/?pwd=vrbank HTTP 307
    https://recursing-bose.35-228-3-255.plesk.page/sca/?pwd=vrbank HTTP 302
    https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

22
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

722 kB
Transfer

1800 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://candaceowensismypresident.com/ HTTP 301
    http://recursing-bose.35-228-3-255.plesk.page/sca/?pwd=vrbank HTTP 307
    https://recursing-bose.35-228-3-255.plesk.page/sca/?pwd=vrbank HTTP 302
    https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xeqZkX.php
recursing-bose.35-228-3-255.plesk.page/sca/clients/
Redirect Chain
  • http://candaceowensismypresident.com/
  • http://recursing-bose.35-228-3-255.plesk.page/sca/?pwd=vrbank
  • https://recursing-bose.35-228-3-255.plesk.page/sca/?pwd=vrbank
  • https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PHP/7.4.23 PleskLin
Resource Hash
926a55e9a5aa9ae619f462dc740c189917b272d9f0bc7943baedb40c2616dc8d

Request headers

:method
GET
:authority
recursing-bose.35-228-3-255.plesk.page
:scheme
https
:path
/sca/clients/xeqZkX.php?verification
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 05 Oct 2021 09:19:07 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.23 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
br

Redirect headers

server
nginx
date
Tue, 05 Oct 2021 09:19:06 GMT
content-type
text/html; charset=UTF-8
content-length
0
x-powered-by
PHP/7.4.23 PleskLin
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
set-cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn; path=/
location
clients/xeqZkX.php?verification#_
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2223272
x-jsd-version
4.5.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19138-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6995910aedcd5c20-FRA
style2.css
recursing-bose.35-228-3-255.plesk.page/sca/assets/css/ 		3 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/css/style2.css
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
5675b2d0285f7d4d409f4dbc88c69cded36857ef2a956e1c30630c9356db5a6c

Request headers

:path
/sca/assets/css/style2.css
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:07 GMT
content-encoding
br
etag
W/"6157943c-d7d"
last-modified
Fri, 01 Oct 2021 23:05:32 GMT
server
nginx
x-powered-by
PleskLin
content-type
text/css
hihi.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/hihi.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
1d573b97bd2735bb26eddc224002a25af0a281b4dfafb5ff7c7e12f40edd2538

Request headers

:path
/sca/assets/imgs/hihi.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
last-modified
Fri, 01 Oct 2021 21:26:06 GMT
server
nginx
x-powered-by
PleskLin
etag
"61577cee-2a91"
content-type
image/png
accept-ranges
bytes
content-length
10897
imggg.jpg
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		230 KB
230 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/imggg.jpg
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
a2f44de0c8e9379d4836d26953655d28c346683be98758f1d66849be347d7158

Request headers

:path
/sca/assets/imgs/imggg.jpg
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
last-modified
Fri, 01 Oct 2021 20:54:00 GMT
server
nginx
x-powered-by
PleskLin
etag
"61577568-397db"
content-type
image/jpeg
accept-ranges
bytes
content-length
235483
hihi2.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/hihi2.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
4aae948ab9c1d7636d75522574fb1688f23189e826e81db134d71c064bfb9c8c

Request headers

:path
/sca/assets/imgs/hihi2.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
last-modified
Fri, 01 Oct 2021 20:58:22 GMT
server
nginx
x-powered-by
PleskLin
etag
"6157766e-2174"
content-type
image/png
accept-ranges
bytes
content-length
8564
aa.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		199 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/aa.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
6655089d8a9b068a7a25bd28af37b4b12a725c25edd8a95af5530a6540cc4b41

Request headers

:path
/sca/assets/imgs/aa.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
etag
"c7-5cd5209bdcf80"
last-modified
Fri, 01 Oct 2021 22:25:18 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
199
ll2.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ll2.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
63c83fd41eddc699dca109b396232bc1f649273842d5a7cb73eaa5ddbcda5b56

Request headers

:path
/sca/assets/imgs/ll2.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
last-modified
Fri, 01 Oct 2021 22:24:22 GMT
server
nginx
x-powered-by
PleskLin
etag
"61578a96-89c"
content-type
image/png
accept-ranges
bytes
content-length
2204
bb.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/bb.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
2bca22a1028bb6fa8f110b462539c950f84f436124967db714b9a5652f79c37c

Request headers

:path
/sca/assets/imgs/bb.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
last-modified
Fri, 01 Oct 2021 22:24:56 GMT
server
nginx
x-powered-by
PleskLin
etag
"61578ab8-4e5"
content-type
image/png
accept-ranges
bytes
content-length
1253
ss.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		271 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ss.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
ff46d4e9e7f4b7e201eaf4a6fded88d845b6b9f6219f92ec74de7dcda28e94da

Request headers

:path
/sca/assets/imgs/ss.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
etag
"10f-5cd52156c8880"
last-modified
Fri, 01 Oct 2021 22:28:34 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
271
send.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		283 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/send.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
a410f97754bf2b2249b26eac11d46f6559d7be1bf7679ebb6ad068cc8a61c9c2

Request headers

:path
/sca/assets/imgs/send.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
etag
"11b-5cd5239c86500"
last-modified
Fri, 01 Oct 2021 22:38:44 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
283
aa2.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		236 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/aa2.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
47d55a3214909e7935e548abaaf644a71f1e98b2673a1219d2bcc8d2f065a1b1

Request headers

:path
/sca/assets/imgs/aa2.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
etag
"ec-5cd520dace400"
last-modified
Fri, 01 Oct 2021 22:26:24 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
236
rr.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		807 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/rr.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
aab10431356c347c0d866af7650e0118a82d465f48ce4bbb778d727803e14e8c

Request headers

:path
/sca/assets/imgs/rr.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
etag
"327-5cd520c202980"
last-modified
Fri, 01 Oct 2021 22:25:58 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
807
aa3.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		245 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/aa3.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
d4c292b0b1a6f0d1032a219e7947d4e9b09c1d9b272c5a7395a72e7c73193c31

Request headers

:path
/sca/assets/imgs/aa3.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
etag
"f5-5cd5256a1a600"
last-modified
Fri, 01 Oct 2021 22:46:48 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
x-accel-version
0.01
accept-ranges
bytes
content-length
245
jquery-3.5.1.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:07 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1633425547.dop139.fr8.t,1633425547.cds231.fr8.hn,1633425547.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2223272
x-jsd-version
4.5.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19180-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6995910aedd65c20-FRA
all.min.js
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 		1 MB
355 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1925933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
362308
timing-allow-origin
*
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-123bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnWKOvFax1jaROcrYIas%2BbaT5BJZzyWO51HbEXw4FbePwutmb2%2B42uvvTtCram57olT6%2FDc4FIV9wGPBqTv0qG8ciDpsWmBulG9%2BndNyV88UDrgvK3s2ptk0PaBM1l%2BIyKE%2F8STJO4pWq9EW3sUfNOYZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6995910ae9c25c02-FRA
expires
Sun, 25 Sep 2022 09:19:08 GMT
jquery.payment.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/3.0.0/jquery.payment.min.js
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3502756
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-210b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mavz3GWpCZa7JkL9z%2BKZVv6ZPrhy6AV0NtITqxYh4%2FfIEJOejHKP8YeDzOn2FFcizG0bGLbIrtWyaKb4o6FdhKRPtBcoap2%2BTlZ%2BYJvDHAXhDrH5i9cv4Es2aLu%2F7%2Fr5d%2Fzbx8sZBr1WC%2FPAVmlz7376"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6995910ae9c45c02-FRA
expires
Sun, 25 Sep 2022 09:19:08 GMT
script.js
recursing-bose.35-228-3-255.plesk.page/sca/assets/js/ 		154 B
262 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/js/script.js
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
01066344ed84a8cfc6518af2398dead9ce515b86e710c4ad301049541722ddd9

Request headers

:path
/sca/assets/js/script.js
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/clients/xeqZkX.php?verification
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 05:39:04 GMT
x-accel-version
0.01
x-powered-by
PleskLin
etag
W/"9a-5cc163b8d0e00"
content-type
application/javascript
server
nginx
css2
fonts.googleapis.com/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/assets/css/style2.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b40dc7015b19e80a9d1efe26f673355619a8e6b81a6eb7102b7335a64dee1706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:56:12 GMT
server
ESF
date
Tue, 05 Oct 2021 09:19:08 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 09:19:08 GMT
pos.png
recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/imgs/pos.png
Requested by
Host: recursing-bose.35-228-3-255.plesk.page
URL: https://recursing-bose.35-228-3-255.plesk.page/sca/assets/css/style2.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.228.3.255 Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
255.3.228.35.bc.googleusercontent.com
Software
nginx / PleskLin
Resource Hash
7756d0be44faaee0f33b13ee55b948039216ec88dca9a5619cbddc9c250014e2

Request headers

:path
/sca/assets/imgs/pos.png
pragma
no-cache
cookie
PHPSESSID=28u8te556l6tb1k4oo395uhvnn
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
recursing-bose.35-228-3-255.plesk.page
referer
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/css/style2.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://recursing-bose.35-228-3-255.plesk.page/sca/assets/css/style2.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:19:08 GMT
last-modified
Fri, 01 Oct 2021 20:59:32 GMT
server
nginx
x-powered-by
PleskLin
etag
"615776b4-2997"
content-type
image/png
accept-ranges
bytes
content-length
10647
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://recursing-bose.35-228-3-255.plesk.page
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 17:27:37 GMT
x-content-type-options
nosniff
age
57091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 04 Oct 2022 17:27:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Volksbank (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| bootstrap object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome

1 Cookies

Domain/Path Name / Value
recursing-bose.35-228-3-255.plesk.page/ Name: PHPSESSID
Value: 28u8te556l6tb1k4oo395uhvnn

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

candaceowensismypresident.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
recursing-bose.35-228-3-255.plesk.page
104.218.237.129
2001:4de0:ac18::1:a:3a
2606:4700::6810:125e
2606:4700::6810:5714
2a00:1450:4001:801::200a
2a00:1450:4001:811::2003
35.228.3.255
01066344ed84a8cfc6518af2398dead9ce515b86e710c4ad301049541722ddd9
1d573b97bd2735bb26eddc224002a25af0a281b4dfafb5ff7c7e12f40edd2538
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
2bca22a1028bb6fa8f110b462539c950f84f436124967db714b9a5652f79c37c
47d55a3214909e7935e548abaaf644a71f1e98b2673a1219d2bcc8d2f065a1b1
4aae948ab9c1d7636d75522574fb1688f23189e826e81db134d71c064bfb9c8c
5675b2d0285f7d4d409f4dbc88c69cded36857ef2a956e1c30630c9356db5a6c
63c83fd41eddc699dca109b396232bc1f649273842d5a7cb73eaa5ddbcda5b56
6655089d8a9b068a7a25bd28af37b4b12a725c25edd8a95af5530a6540cc4b41
6c4ba1c662b440b3aefe5e5147ea2df72f80e510e4979c65485a7b0fff894e37
7756d0be44faaee0f33b13ee55b948039216ec88dca9a5619cbddc9c250014e2
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
926a55e9a5aa9ae619f462dc740c189917b272d9f0bc7943baedb40c2616dc8d
a2f44de0c8e9379d4836d26953655d28c346683be98758f1d66849be347d7158
a410f97754bf2b2249b26eac11d46f6559d7be1bf7679ebb6ad068cc8a61c9c2
aab10431356c347c0d866af7650e0118a82d465f48ce4bbb778d727803e14e8c
b40dc7015b19e80a9d1efe26f673355619a8e6b81a6eb7102b7335a64dee1706
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d4c292b0b1a6f0d1032a219e7947d4e9b09c1d9b272c5a7395a72e7c73193c31
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff46d4e9e7f4b7e201eaf4a6fded88d845b6b9f6219f92ec74de7dcda28e94da