www.ghtrout.net Open in urlscan Pro
66.228.48.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.ghtrout.net/
Submission: On September 05 via manual (September 5th 2019, 12:51:19 pm UTC) from US

Summary HTTP 15 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 66.228.48.105, located in Dallas, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is www.ghtrout.net.

This is the only time www.ghtrout.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	66.228.48.105 66.228.48.105	63949 (LINODE-AP...) (LINODE-AP Linode)
2 4	2606:4700:30:... 2606:4700:30::6812:2f2b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	67.199.248.10 67.199.248.10	395224 (BITLY-AS) (BITLY-AS - Bitly Inc)
2	2606:4700:30:... 2606:4700:30::681b:beda	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
4	158.69.252.241 158.69.252.241	16276 (OVH) (OVH)
15	6

4 66.228.48.105 (Dallas, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li290-105.members.linode.com

www.ghtrout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:30::6812:2f2b (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.counter12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.248.10 (United States) 2 redirects

ASN395224 (BITLY-AS - Bitly Inc, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:beda (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

meuip.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 158.69.252.241 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns561403.ip-158-69-252.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	histats.com s10.histats.com s4.histats.com	6 KB
4	counter12.com 2 redirects www.counter12.com	2 KB
4	ghtrout.net www.ghtrout.net	54 KB
2	meuip.page meuip.page
2	bit.ly 2 redirects bit.ly	840 B
2	google-analytics.com www.google-analytics.com	17 KB
15	6

	Domain	Requested by
4	s4.histats.com	s10.histats.com
4	www.counter12.com	2 redirects www.ghtrout.net
4	www.ghtrout.net	www.ghtrout.net
2	meuip.page	www.counter12.com
2	bit.ly	2 redirects
2	www.google-analytics.com	www.ghtrout.net
1	s10.histats.com	www.counter12.com
15	7

This site contains links to these domains. Also see Links.

Domain
pbxbook.com
www.tek-tips.com
avaya.com
youtube.com
fletch.tv
www.telcodata.us
www.georgia-telephone.com
groups.google.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh
sni307785.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-01` - `2020-03-09`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-13` - `2019-11-11`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2018-10-17` - `2019-10-17`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://www.ghtrout.net/
Frame ID: C654EFD461D1F7AF11FB26B6BF8E0F85
Requests: 11 HTTP requests in this frame

Frame: http://www.ghtrout.net/files/index.html
Frame ID: CFC01EBF738FAD3608A4CABC1239AC2A
Requests: 2 HTTP requests in this frame

Frame: https://meuip.page/ads.html
Frame ID: 4893EC7E03DD056707D27AB2046EA548
Requests: 1 HTTP requests in this frame

Frame: https://meuip.page/ads.html
Frame ID: 928F6072282894BF59892BBF0D5E61C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

15
Requests

40 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

79 kB
Transfer

113 kB
Size

28
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://pbxbook.com/
Title: Mike's PBX Cookbook - One of the Best Nortel "How To" Sites

Search URL Search Domain Scan URL

URL: http://www.tek-tips.com/threadminder.cfm?pid=798
Title: MVP at Tek-Tips CS1000/Meridian Forum

Search URL Search Domain Scan URL

URL: http://avaya.com/Fletcher
Title: Avaya.com/Fletcher

Search URL Search Domain Scan URL

URL: http://youtube.com/Fletch911TV
Title: YouTube.com/Fletch911TV

Search URL Search Domain Scan URL

URL: http://fletch.tv/
Title: http://Fletch.TV

Search URL Search Domain Scan URL

URL: http://www.telcodata.us/
Title: TelcoData.us NPA/NXX Wizard

Search URL Search Domain Scan URL

URL: http://www.georgia-telephone.com/Quick_Reference_Guides.htm
Title: Brian's Quick Reference Guides

Search URL Search Domain Scan URL

URL: http://groups.google.com/group/nortel-list
Title: Nortel-List by TGrace

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.counter12.com/img-88AZB1a0WYCCBA06-5.gif HTTP 301
https://www.counter12.com/img-88AZB1a0WYCCBA06-5.gif

Request Chain 2

http://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06 HTTP 301
https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06

Request Chain 3

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 5

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1522618302&utmhn=www.ghtrout.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&utmhid=1573744705&utmr=-&utmp=%2F&utmht=1567687861102&utmac=UA-39283930-1&utmcc=__utma%3D183980784.1502649260.1567687861.1567687861.1567687861.1%3B%2B__utmz%3D183980784.1567687861.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1482805160&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1522618302&utmhn=www.ghtrout.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&utmhid=1573744705&utmr=-&utmp=%2F&utmht=1567687861102&utmac=UA-39283930-1&utmcc=__utma%3D183980784.1502649260.1567687861.1567687861.1567687861.1%3B%2B__utmz%3D183980784.1567687861.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1482805160&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Request Chain 7

https://bit.ly/2WXl8ZI HTTP 301
https://meuip.page/ads.html

Request Chain 8

https://bit.ly/2WXl8ZI HTTP 301
https://meuip.page/ads.html

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.ghtrout.net/ 8 KB
8 KB 311ms
268ms Document
text/html 66.228.48.105
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ghtrout.net/
Protocol: HTTP/1.1
Server: 66.228.48.105 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li290-105.members.linode.com
Software: nginx/1.12.2 /
Resource Hash: 9f5e6080a6f3ca1c5469111c810f8118797827103ebda2a4299bd2ea2d51fb55

Request headers

Host: www.ghtrout.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.12.2
Date: Thu, 05 Sep 2019 12:51:01 GMT
Content-Type: text/html
Content-Length: 8019
Last-Modified: Fri, 06 Apr 2018 16:15:07 GMT
Connection: keep-alive
ETag: "5ac79d0b-1f53"
Accept-Ranges: bytes

GET
H/1.1 200
OK logo08.jpg
www.ghtrout.net/images/ 10 KB
10 KB 148ms
147ms Image
image/jpeg 66.228.48.105
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ghtrout.net/images/logo08.jpg
Requested by: Host: www.ghtrout.net
URL: http://www.ghtrout.net/
Protocol: HTTP/1.1
Security: , ,
Server: 66.228.48.105 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li290-105.members.linode.com
Software: nginx/1.12.2 /
Resource Hash: 879619b19a87b769216889a3a451fddd1d75a656ed72f779a9e4d314cd5240ed

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Last-Modified: Sun, 30 Jul 2017 22:09:55 GMT
Server: nginx/1.12.2
ETag: "597e5933-280b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10251

GET
H2

200

img-88AZB1a0WYCCBA06-5.gif
www.counter12.com/
Redirect Chain

http://www.counter12.com/img-88AZB1a0WYCCBA06-5.gif
https://www.counter12.com/img-88AZB1a0WYCCBA06-5.gif

426 B
724 B

494ms
453ms

Image
image/gif

2606:4700:30::6812:2f2b
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.counter12.com/img-88AZB1a0WYCCBA06-5.gif
Requested by: Host: www.ghtrout.net
URL: http://www.ghtrout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2f2b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: e642defb0cbb3cdfb3f3e7bc3de1f58c5b2fdd5572bba96ac3234d810f180972

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Sep 2019 12:51:01 GMT
server: cloudflare
x-powered-by: PHP/5.3.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
status: 200
cf-ray: 5118550c7b54cbb4-VIE
content-length: 426

Redirect headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.counter12.com/img-88AZB1a0WYCCBA06-5.gif
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5118550c18cecba0-VIE
Expires: Thu, 05 Sep 2019 13:51:01 GMT

GET
H2

200

ad.js Show response
www.counter12.com/
Redirect Chain

http://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06
https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06

2 KB
762 B

495ms
455ms

Script
text/html

2606:4700:30::6812:2f2b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06
Requested by: Host: www.ghtrout.net
URL: http://www.ghtrout.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:2f2b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / PHP/5.3.3
Resource Hash: f6411ff7b4af8a58f6be06846e3f73e578b3299d67c204d57e04d5cd28363750

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Sep 2019 12:51:01 GMT
content-encoding: br
server: cloudflare
x-powered-by: PHP/5.3.3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 5118550c7b57cbb4-VIE

Redirect headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5118550c1bb159ac-VIE
Expires: Thu, 05 Sep 2019 13:51:01 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.ghtrout.net
URL: http://www.ghtrout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2417
date: Thu, 05 Sep 2019 12:10:44 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17168
expires: Thu, 05 Sep 2019 14:10:44 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK index.html Show response
www.ghtrout.net/files/ Frame CFC0 27 KB
28 KB 284ms
258ms Document
text/html 66.228.48.105
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ghtrout.net/files/index.html
Requested by: Host: www.ghtrout.net
URL: http://www.ghtrout.net/
Protocol: HTTP/1.1
Server: 66.228.48.105 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li290-105.members.linode.com
Software: nginx/1.12.2 /
Resource Hash: 14a4be5bc4fd948a699ecb4c3777f52b50f313ce582136bd6b9f8e862c36eef9

Request headers

Host: www.ghtrout.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://www.ghtrout.net/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://www.ghtrout.net/

Response headers

Server: nginx/1.12.2
Date: Thu, 05 Sep 2019 12:51:01 GMT
Content-Type: text/html
Content-Length: 28087
Last-Modified: Tue, 02 Jan 2018 14:42:26 GMT
Connection: keep-alive
ETag: "5a4b9a52-6db7"
Accept-Ranges: bytes

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1522618302&utmhn=www.ghtrout.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1522618302&utmhn=www.ghtrout.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...

35 B
111 B

15ms
15ms

Image
image/gif

2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1522618302&utmhn=www.ghtrout.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&utmhid=1573744705&utmr=-&utmp=%2F&utmht=1567687861102&utmac=UA-39283930-1&utmcc=__utma%3D183980784.1502649260.1567687861.1567687861.1567687861.1%3B%2B__utmz%3D183980784.1567687861.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1482805160&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.ghtrout.net
URL: http://www.ghtrout.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Sep 2019 12:51:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1522618302&utmhn=www.ghtrout.net&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=GHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&utmhid=1573744705&utmr=-&utmp=%2F&utmht=1567687861102&utmac=UA-39283930-1&utmcc=__utma%3D183980784.1502649260.1567687861.1567687861.1567687861.1%3B%2B__utmz%3D183980784.1567687861.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1482805160&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK bg_2616.jpg
www.ghtrout.net/images/ Frame CFC0 8 KB
8 KB 140ms
139ms Image
image/jpeg 66.228.48.105
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ghtrout.net/images/bg_2616.jpg
Requested by: Host: www.ghtrout.net
URL: http://www.ghtrout.net/files/index.html
Protocol: HTTP/1.1
Security: , ,
Server: 66.228.48.105 Dallas, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li290-105.members.linode.com
Software: nginx/1.12.2 /
Resource Hash: a20aabd597d228d968cb8b9182dd420a2d526d20ddf21f81b45e305aa1b0e472

Request headers

Referer: http://www.ghtrout.net/files/index.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Last-Modified: Sun, 30 Jul 2017 22:10:21 GMT
Server: nginx/1.12.2
ETag: "597e594d-2042"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8258

GET
H2

200

ads.html
meuip.page/ Frame 4893
Redirect Chain

https://bit.ly/2WXl8ZI
https://meuip.page/ads.html

0
0

404ms
234ms

Document
text/html

2606:4700:30::681b:beda
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://meuip.page/ads.html
Requested by: Host: www.counter12.com
URL: https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:beda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: meuip.page
:scheme: https
:path: /ads.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.ghtrout.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ghtrout.net/

Response headers

status: 200
date: Thu, 05 Sep 2019 12:51:02 GMT
content-type: text/html
set-cookie: __cfduid=d69d0fc4c31d8f57fa2a247c8fd82a4321567687862; expires=Fri, 04-Sep-20 12:51:02 GMT; path=/; domain=.meuip.page; HttpOnly; Secure
last-modified: Wed, 29 May 2019 18:19:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 511855128b705a0c-VIE
content-encoding: br

Redirect headers

Server: nginx
Date: Thu, 05 Sep 2019 12:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 114
Connection: keep-alive
Cache-Control: private, max-age=90
Content-Security-Policy: referrer always;
Location: https://meuip.page/ads.html
Referrer-Policy: unsafe-url
Set-Cookie: _bit=j85cP1-470288e1a690423e2d-00D; Domain=bit.ly; Expires=Tue, 03 Mar 2020 12:51:01 GMT

GET
H2

200

ads.html
meuip.page/ Frame 928F
Redirect Chain

https://bit.ly/2WXl8ZI
https://meuip.page/ads.html

0
0

406ms
236ms

Document
text/html

2606:4700:30::681b:beda
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://meuip.page/ads.html
Requested by: Host: www.counter12.com
URL: https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681b:beda , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: meuip.page
:scheme: https
:path: /ads.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://www.ghtrout.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://www.ghtrout.net/

Response headers

status: 200
date: Thu, 05 Sep 2019 12:51:02 GMT
content-type: text/html
set-cookie: __cfduid=d69d0fc4c31d8f57fa2a247c8fd82a4321567687862; expires=Fri, 04-Sep-20 12:51:02 GMT; path=/; domain=.meuip.page; HttpOnly; Secure
last-modified: Wed, 29 May 2019 18:19:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 511855128b715a0c-VIE
content-encoding: br

Redirect headers

Server: nginx
Date: Thu, 05 Sep 2019 12:51:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 114
Connection: keep-alive
Cache-Control: private, max-age=90
Content-Security-Policy: referrer always;
Location: https://meuip.page/ads.html
Referrer-Policy: unsafe-url
Set-Cookie: _bit=j85cP1-b02c6f7aaaed479f82-00z; Domain=bit.ly; Expires=Tue, 03 Mar 2020 12:51:01 GMT

GET
H/1.1 200
OK js15_as.js Show response
s10.histats.com/ 11 KB
5 KB 54ms
33ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s10.histats.com/js15_as.js
Requested by: Host: www.counter12.com
URL: https://www.counter12.com/ad.js?id=88AZB1a0WYCCBA06
Protocol: HTTP/1.1
Security: , ,
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:45:43 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP: 51.254.41.128/26
ETag: "-139234964"
X-Cacheable: Matched cache
Vary: Accept-Encoding
X-IPLB-Instance: 17363
Content-Type: text/javascript
X-CDN-Pop: rbx1
Accept-Ranges: bytes
Content-Length: 4525
X-Request-ID: 1024421299

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
324 B 221ms
201ms Script
text/html 158.69.252.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?3908301&@f16&@g1&@h1&@i1&@j1567687861698&@k0&@l1&@mGHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:1662819&@b3:1567687862&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.ghtrout.net%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: , ,
Server: 158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561403.ip-158-69-252.net
Software: /
Resource Hash: d5b68ce2872e6baa77522d2ebeaa9748f6cb9ed62679349349645275991f023e

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
324 B 221ms
200ms Script
text/html 158.69.252.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?2998001&@f16&@g1&@h1&@i1&@j1567687861698&@k0&@l1&@mGHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-96446691&@b3:1567687862&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.ghtrout.net%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: , ,
Server: 158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561403.ip-158-69-252.net
Software: /
Resource Hash: 8a3f6645dd938c7fb1faecb76a593e25fd946529b1201aab7bd844ee28055b0f

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
324 B 220ms
201ms Script
text/html 158.69.252.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?3908301&@f16&@g0&@h2&@i1&@j1567687861702&@k4&@l2&@mGHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-24077670&@b3:1567687862&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.ghtrout.net%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: , ,
Server: 158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561403.ip-158-69-252.net
Software: /
Resource Hash: d5b68ce2872e6baa77522d2ebeaa9748f6cb9ed62679349349645275991f023e

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 53 B
324 B 220ms
201ms Script
text/html 158.69.252.241
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://s4.histats.com/stats/0.php?2998001&@f16&@g0&@h2&@i1&@j1567687861702&@k4&@l2&@mGHTROUT%20-%20AVAYA%20NORTEL%20CS1000%20%2F%20MERIDIAN%20RESOURCES&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:127780390&@b3:1567687862&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.ghtrout.net%2F&@w
Requested by: Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: , ,
Server: 158.69.252.241 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns561403.ip-158-69-252.net
Software: /
Resource Hash: 8a3f6645dd938c7fb1faecb76a593e25fd946529b1201aab7bd844ee28055b0f

Request headers

Referer: http://www.ghtrout.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 05 Sep 2019 12:51:01 GMT
Connection: close
Content-Length: 53
Content-Type: text/html;charset=UTF-8

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.plant-for-the-planet.org/	1970-01-19 03:29:34	Name: _gid Value: GA1.2.1771304894.1567687864
.plant-for-the-planet.org/	1970-01-19 20:59:19	Name: _ga Value: GA1.2.76896989.1567687864
meuip.page/	1970-01-19 12:13:43	Name: c_ref_4267674 Value: http%3A%2F%2Fwww.ghtrout.net%2F
meuip.page/	1970-01-19 12:13:43	Name: HstPn4267674 Value: 2
.plant-for-the-planet.org/	1970-01-19 03:28:07	Name: _gat_gtag_UA_54955369_5 Value: 1
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstCns3908301 Value: 1
meuip.page/	1970-01-19 12:13:43	Name: HstCns4267674 Value: 1
.meuip.page/	1970-01-19 12:52:36	Name: __qca Value: P0-1887799572-1567687862549
.ghtrout.net/	1970-01-19 20:59:19	Name: __utma Value: 183980784.1502649260.1567687861.1567687861.1567687861.1
meuip.page/	1970-01-19 12:13:43	Name: HstCla4267674 Value: 1567687862635
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstPn3908301 Value: 2
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstCnv3908301 Value: 1
meuip.page/	1970-01-19 12:13:43	Name: HstCfa4267674 Value: 1567687862631
meuip.page/	1970-01-19 12:13:43	Name: _pubcid Value: 7d11ebcc-117a-47ba-8905-9899d80c88e8
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstCla3908301 Value: 1567687861702
meuip.page/	1970-01-19 12:13:43	Name: HstPt4267674 Value: 2
meuip.page/	1970-01-19 12:13:43	Name: HstCmu4267674 Value: 1567687862631
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstCmu3908301 Value: 1567687861698
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstCfa3908301 Value: 1567687861698
meuip.page/	1970-01-19 12:13:43	Name: HstCnv4267674 Value: 1
.ghtrout.net/	1970-01-19 03:28:09	Name: __utmb Value: 183980784.1.10.1567687861
.meuip.page/	1970-01-19 12:13:43	Name: __cfduid Value: d69d0fc4c31d8f57fa2a247c8fd82a4321567687862
.ghtrout.net/	1970-01-19 07:50:55	Name: __utmz Value: 183980784.1567687861.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
www.ghtrout.net/	1970-01-19 12:13:43	Name: HstPt3908301 Value: 2
.ghtrout.net/	1969-12-31 23:59:59	Name: __utmc Value: 183980784
.plant-for-the-planet.org/	1970-01-19 12:13:43	Name: __cfduid Value: d9ae2f97422cf95312ff37eb264e594391567687863
.doubleclick.net/	1970-01-19 12:49:43	Name: IDE Value: AHWqTUk-Bx31KkXADtkBml4QThW5NHvy_QFZNVyXU7ha4m5QfwklGB4wBWZDUv2O
.ghtrout.net/	1970-01-19 03:28:08	Name: __utmt Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
meuip.page
s10.histats.com
s4.histats.com
www.counter12.com
www.ghtrout.net
www.google-analytics.com
158.69.252.241
2606:4700:30::6812:2f2b
2606:4700:30::681b:beda
2a00:1450:4001:819::200e
46.105.201.240
66.228.48.105
67.199.248.10
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14a4be5bc4fd948a699ecb4c3777f52b50f313ce582136bd6b9f8e862c36eef9
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
879619b19a87b769216889a3a451fddd1d75a656ed72f779a9e4d314cd5240ed
8a3f6645dd938c7fb1faecb76a593e25fd946529b1201aab7bd844ee28055b0f
9f5e6080a6f3ca1c5469111c810f8118797827103ebda2a4299bd2ea2d51fb55
a20aabd597d228d968cb8b9182dd420a2d526d20ddf21f81b45e305aa1b0e472
d5b68ce2872e6baa77522d2ebeaa9748f6cb9ed62679349349645275991f023e
e642defb0cbb3cdfb3f3e7bc3de1f58c5b2fdd5572bba96ac3234d810f180972
f6411ff7b4af8a58f6be06846e3f73e578b3299d67c204d57e04d5cd28363750

www.ghtrout.net Open in urlscan Pro 66.228.48.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

40 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

6 IPs

4 Countries

79 kBTransfer

113 kBSize

28 Cookies

8 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

28 Cookies

Indicators

www.ghtrout.net Open in urlscan Pro
66.228.48.105 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

40 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

6
IPs

4
Countries

79 kB
Transfer

113 kB
Size

28
Cookies

15 HTTP transactions
0 data transactions