urlscan.io logo urlscan.io
SecurityTrails logo

nginx.nycscantxt.dynu.net Open in urlscan Pro
65.109.110.204  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nginx.nycscantxt.dynu.net/
Effective URL: https://nginx.nycscantxt.dynu.net/
Submission: On June 09 via api from US — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 24 HTTP transactions. The main IP is 65.109.110.204, located in Helsinki, Finland and belongs to HETZNER-AS, DE. The main domain is nginx.nycscantxt.dynu.net.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on June 9th 2023. Valid for: 3 months.
This is the only time nginx.nycscantxt.dynu.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 65.109.110.204 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (STACKPATH...)
6 2a00:1450:400... 15169 (GOOGLE)
1 173.233.137.36 7979 (SERVERS-COM)
1 3.125.225.220 16509 (AMAZON-02)
1 4 192.243.61.227 39572 (ADVANCEDH...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 149.56.240.128 16276 (OVH)
1 45.133.44.9 39572 (ADVANCEDH...)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 192.243.59.20 39572 (ADVANCEDH...)
24 15
2    65.109.110.204 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.204.110.109.65.clients.your-server.de
nginx.nycscantxt.dynu.net
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:3032::ac43:d577 (United States)

ASN13335 (CLOUDFLARENET, US)
images.farmfoodfamily.com
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
images.dmca.com
6    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    173.233.137.36 (United States)

ASN7979 (SERVERS-COM, US)
diningsovereign.com
1    3.125.225.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-225-220.eu-central-1.compute.amazonaws.com
simplewebanalysis.com
4    192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
tricklesmartdiscourage.com
variedpretenceclasped.com
1    2606:4700:10::6814:51d (United States)

ASN13335 (CLOUDFLARENET, US)
s10.histats.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
dash.nextagc.com
1    149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net
s4.histats.com
1    45.133.44.9 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
cdn.cloudimagesb.com
1    2606:4700:e0::ac40:6518 (United States)

ASN13335 (CLOUDFLARENET, US)
friendshipmale.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
unseenreport.com
Apex Domain
Subdomains		 Transfer
6 gstatic.com
fonts.gstatic.com
161 KB
3 tricklesmartdiscourage.com
tricklesmartdiscourage.com — Cisco Umbrella Rank: 51604
34 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12771
s4.histats.com — Cisco Umbrella Rank: 12325
5 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
3 KB
2 dynu.net
nginx.nycscantxt.dynu.net
69 KB
1 unseenreport.com
unseenreport.com — Cisco Umbrella Rank: 21860
425 B
1 variedpretenceclasped.com
variedpretenceclasped.com — Cisco Umbrella Rank: 50792
469 B
1 friendshipmale.com
friendshipmale.com — Cisco Umbrella Rank: 19008
27 KB
1 cloudimagesb.com
cdn.cloudimagesb.com — Cisco Umbrella Rank: 25648
21 KB
1 nextagc.com
dash.nextagc.com
727 B
1 simplewebanalysis.com
simplewebanalysis.com — Cisco Umbrella Rank: 13054
308 B
1 diningsovereign.com
diningsovereign.com — Cisco Umbrella Rank: 785930
10 KB
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 12975
2 KB
1 farmfoodfamily.com
images.farmfoodfamily.com
farmfoodfamily.com Failed
20 KB
24 14
Domain Requested by
6 fonts.gstatic.com fonts.googleapis.com
3 tricklesmartdiscourage.com 1 redirects diningsovereign.com
nginx.nycscantxt.dynu.net
2 fonts.googleapis.com nginx.nycscantxt.dynu.net
client
2 nginx.nycscantxt.dynu.net 1 redirects
1 unseenreport.com
1 variedpretenceclasped.com nginx.nycscantxt.dynu.net
1 friendshipmale.com tricklesmartdiscourage.com
1 cdn.cloudimagesb.com nginx.nycscantxt.dynu.net
1 s4.histats.com s10.histats.com
1 dash.nextagc.com nginx.nycscantxt.dynu.net
1 s10.histats.com nginx.nycscantxt.dynu.net
1 simplewebanalysis.com diningsovereign.com
1 diningsovereign.com nginx.nycscantxt.dynu.net
1 images.dmca.com nginx.nycscantxt.dynu.net
1 images.farmfoodfamily.com nginx.nycscantxt.dynu.net
0 farmfoodfamily.com Failed nginx.nycscantxt.dynu.net
24 16

This site contains no links.

Subject Issuer Validity Valid
nginx.nycscantxt.dynu.net
ZeroSSL ECC Domain Secure Site CA		 2023-06-09 -
2023-09-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
farmfoodfamily.com
E1		 2023-05-11 -
2023-08-09		 3 months crt.sh
images.dmca.com
R3		 2023-05-13 -
2023-08-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
diningsovereign.com
R3		 2023-05-15 -
2023-08-13		 3 months crt.sh
simplewebanalysis.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-03-31		 a year crt.sh
tricklesmartdiscourage.com
R3		 2023-05-08 -
2023-08-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-13 -
2024-05-11		 a year crt.sh
nextagc.com
GTS CA 1P5		 2023-05-21 -
2023-08-19		 3 months crt.sh
histats.com
R3		 2023-06-06 -
2023-09-04		 3 months crt.sh
cdn.cloudimagesb.com
R3		 2023-05-29 -
2023-08-27		 3 months crt.sh
variedpretenceclasped.com
R3		 2023-04-28 -
2023-07-27		 3 months crt.sh
*.unseenreport.com
R3		 2023-05-26 -
2023-08-24		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://nginx.nycscantxt.dynu.net/
Frame ID: 2B936CDD2EAE15AE011EFADB90B0C851
Requests: 24 HTTP requests in this frame

Frame: https://cdn.cloudimagesb.com/bi/37/9e/02/379e020ebae4723959b41c13a914a506/1659524633.jpg
Frame ID: 99CAB76F74D95BF4012F876109599D63
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://nginx.nycscantxt.dynu.net/ HTTP 301
    https://nginx.nycscantxt.dynu.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

24
Requests

88 %
HTTPS

43 %
IPv6

14
Domains

16
Subdomains

15
IPs

4
Countries

353 kB
Transfer

875 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nginx.nycscantxt.dynu.net/ HTTP 301
    https://nginx.nycscantxt.dynu.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://nginx.nycscantxt.dynu.net/wp-content/themes/Newspaper/images/icons/newspaper.woff?16 HTTP 302
  • https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Request Chain 18
  • https://tricklesmartdiscourage.com/watch.712842571411.js?key=7011774e58c13ec62eb2c3bd86c274f2&kw=%5B%5D&refer=https%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&tz=0&dev=r&res=12.31&uuid=8a8e60c5-a249-49c7-b4ed-761b7d52d613%3A1%3A1 HTTP 307
  • https://tricklesmartdiscourage.com/watch.712842571411.js?key=7011774e58c13ec62eb2c3bd86c274f2&kw=%5B%5D&refer=https%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&tz=0&dev=r&res=12.31&uuid=8a8e60c5-a249-49c7-b4ed-761b7d52d613%3A1%3A1&shu=e51ea59720f39fc73dde8e89398a06281651c97771ab88a51460a15b660aa5d5040538cb5bbe0c11321088fe8546c43c57c63fd08011d04c09312c6ae062787efec1832d5aa63ef75f8e1af47303f32481ba2884&pst=1686327158&rmtc=t
Request Chain 19
  • https://nginx.nycscantxt.dynu.net/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16 HTTP 302
  • https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nginx.nycscantxt.dynu.net/
Redirect Chain
  • http://nginx.nycscantxt.dynu.net/
  • https://nginx.nycscantxt.dynu.net/
394 KB
69 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nginx.nycscantxt.dynu.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
65.109.110.204 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.204.110.109.65.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
0d05be68960ba1aefed107b6672c254d9fc59f5d1c8ce12f2827df547fef5fdf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 09 Jun 2023 16:11:37 GMT
Last-Modified
Friday, 09-Jun-2023 16:11:37 GMT
Server
nginx/1.14.2
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Fri, 09 Jun 2023 16:11:36 GMT
Location
https://nginx.nycscantxt.dynu.net/
Server
nginx/1.14.2
css
fonts.googleapis.com/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21888e98f099fa4ac9317878ae085e6d2d9c8e47deb9a0da459045ae5829904c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Jun 2023 16:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 16:11:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Jun 2023 16:11:37 GMT
css
fonts.googleapis.com/ 		35 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:400|Open+Sans:300italic,400,400italic,600,600italic,700|Roboto:300,400,400italic,500,500italic,700,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21888e98f099fa4ac9317878ae085e6d2d9c8e47deb9a0da459045ae5829904c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 09 Jun 2023 16:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 09 Jun 2023 16:11:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Jun 2023 16:11:37 GMT
farm_logo.png
images.farmfoodfamily.com/wp-content/uploads/2016/11/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.farmfoodfamily.com/wp-content/uploads/2016/11/farm_logo.png
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:d577 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4c5c8f641a7c24fb8a80834cf28918dac1dc2192c66b5f3ef2703a906273930
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 16:11:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000000000004316ade1-00644755ac-652bc218-nyc3c
alt-svc
h3=":443"; ma=86400
content-length
19675
last-modified
Mon, 24 Apr 2023 22:14:36 GMT
server
cloudflare
etag
"5288b565b86cd779d0a1ca86299aa6d8"
vary
Accept-Encoding
x-hw
1682396587.dop068.sk1.t,1682396587.cds259.sk1.hn,1682396588.cds220.sk1.p
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OXPA672wFDStpiUM3RNpocsnZzEfnf70mFYAtiuwuXG2oGTT411ISc023BDUjHNHofhlSPQP04Dj1%2B3LnavG1OJtitV4Cv3BvirR0hCkJcIfwFhMhzB8A6%2BW5guWBe%2BGlXUHpYxsoZvpA1eTqs3Y7%2FUOLtAVl57"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=604800
x-rgw-object-type
Normal
accept-ranges
bytes
cf-ray
7d4aa6c74d67067b-OSL
dmca_protected_sml_120n.png
images.dmca.com/Badges/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca_protected_sml_120n.png?ID=6cd2b546-639c-4041-8c61-a45827fe9bda
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 16:11:37 GMT
last-modified
Tue, 04 May 2010 23:19:10 GMT
server
Microsoft-IIS/10.0
etag
"a7af7333e0ebca1:0"
x-powered-by
ASP.NET
x-hw
1686327097.cds013.sk1.hn,1686327097.cds204.sk1.c
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
link
<https://www.dmca.com/Badges/dmca_protected_sml_120n.png>; rel="canonical"
content-length
2060
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/
Redirect Chain
  • https://nginx.nycscantxt.dynu.net/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
  • https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nginx.nycscantxt.dynu.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 05:45:28 GMT
x-content-type-options
nosniff
age
555969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 05:45:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nginx.nycscantxt.dynu.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 22:48:48 GMT
x-content-type-options
nosniff
age
235369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 22:48:48 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nginx.nycscantxt.dynu.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 18:48:29 GMT
x-content-type-options
nosniff
age
508988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 18:48:29 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v35/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nginx.nycscantxt.dynu.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 19:05:20 GMT
x-content-type-options
nosniff
age
594377
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50440
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jun 2024 19:05:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nginx.nycscantxt.dynu.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 16:10:14 GMT
x-content-type-options
nosniff
age
259283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Jun 2024 16:10:14 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed%3A400%7COpen+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&display=swap&ver=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nginx.nycscantxt.dynu.net
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Sat, 03 Jun 2023 17:25:47 GMT
x-content-type-options
nosniff
age
513950
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17368
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Jun 2024 17:25:47 GMT
invoke.js
diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.36 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
ee80de6fc7696fd7d120e2989336684d30a292019ac990fd9a89bb2a75a598d1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://nginx.nycscantxt.dynu.net/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 09 Jun 2023 16:11:38 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
2ffc682f99a56c7194e5cad720e014d6
Expires
Thu, 01 Jan 1970 00:00:01 GMT
stats
simplewebanalysis.com/ 		40 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://simplewebanalysis.com/stats
Requested by
Host: diningsovereign.com
URL: https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.225.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-225-220.eu-central-1.compute.amazonaws.com
Software
fasthttp /
Resource Hash
c4b90a0faa79100839c099657b956e0e12912403858a2c93501b3f9bc5ef5b86

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-origin
https://nginx.nycscantxt.dynu.net
date
Fri, 09 Jun 2023 16:11:38 GMT
access-control-allow-credentials
true
server
fasthttp
content-length
40
vary
Origin
content-type
text/html; charset=UTF-8
fa9956a73065903c02ae03028841f123.js
tricklesmartdiscourage.com/fa/99/56/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tricklesmartdiscourage.com/fa/99/56/fa9956a73065903c02ae03028841f123.js
Requested by
Host: diningsovereign.com
URL: https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
9e9843f2d8e02b811f4a5e6eec76e0178cf68fb096964976ce0f6a035af467a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 16:11:38 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Content-Encoding
gzip
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-Request-ID
8256b6ad70809910b49cdda94d2322ba
Expires
Thu, 01 Jan 1970 00:00:01 GMT
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:51d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 16:11:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
819
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
7d4aa6cd5c43b512-OSL
content-length
4547
process.php
dash.nextagc.com/sync/ 		0
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dash.nextagc.com/sync/process.php
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://nginx.nycscantxt.dynu.net/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 09 Jun 2023 16:11:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
cloudflare
access-control-allow-methods
POST,GET,OPTIONS, GET,POST,OPTIONS,DELETE,PUT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zF97THaI%2B2QGoxqZFy7ae3oMhPmoaq8SIaN%2BBHmKqxQYdnsMlaEEaE9W2w1uDPkoQpiUNqEMeoDx9QUJHCR97tMXoYfoRALWPxeMzUA9ixmuhdS5gfPCu3wvwwFsXBY%2FtP93LBRA2G6ImJk9faiM"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
7d4aa6cd595c0b61-OSL
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Thu, 19 Nov 1981 08:52:00 GMT
0.php
s4.histats.com/stats/ 		51 B
185 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4756004&@f16&@g1&@h1&@i1&@j1686327098509&@k0&@l1&@m&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:23498996&@b3:1686327099&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash
0ecfab9edde84cc916d5ddba0d6c931c067cf97ba0d2ea691371ce445708f91d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 16:11:38 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8
watch.712842571411.js
tricklesmartdiscourage.com/
Redirect Chain
  • https://tricklesmartdiscourage.com/watch.712842571411.js?key=7011774e58c13ec62eb2c3bd86c274f2&kw=%5B%5D&refer=https%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&tz=0&dev=r&res=12.31&uuid=8a8e60c5-a249-49c7...
  • https://tricklesmartdiscourage.com/watch.712842571411.js?key=7011774e58c13ec62eb2c3bd86c274f2&kw=%5B%5D&refer=https%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&tz=0&dev=r&res=12.31&uuid=8a8e60c5-a249-49c7...
3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tricklesmartdiscourage.com/watch.712842571411.js?key=7011774e58c13ec62eb2c3bd86c274f2&kw=%5B%5D&refer=https%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&tz=0&dev=r&res=12.31&uuid=8a8e60c5-a249-49c7-b4ed-761b7d52d613%3A1%3A1&shu=e51ea59720f39fc73dde8e89398a06281651c97771ab88a51460a15b660aa5d5040538cb5bbe0c11321088fe8546c43c57c63fd08011d04c09312c6ae062787efec1832d5aa63ef75f8e1af47303f32481ba2884&pst=1686327158&rmtc=t
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
HTTP/1.1
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
db63e7902a7d978459500e62590911bd2049185e1c5a29e65f033352e4858859
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 16:11:38 GMT
Custom-Referer
https://nginx.nycscantxt.dynu.net
Content-Encoding
gzip
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://nginx.nycscantxt.dynu.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Request-ID
75e29810d9d96ec3f8eb9cd388c622e8
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Date
Fri, 09 Jun 2023 16:11:38 GMT
Custom-Referer
https://nginx.nycscantxt.dynu.net
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
text/html
Access-Control-Allow-Origin
https://nginx.nycscantxt.dynu.net
Location
https://tricklesmartdiscourage.com/watch.712842571411.js?key=7011774e58c13ec62eb2c3bd86c274f2&kw=%5B%5D&refer=https%3A%2F%2Fnginx.nycscantxt.dynu.net%2F&tz=0&dev=r&res=12.31&uuid=8a8e60c5-a249-49c7-b4ed-761b7d52d613%3A1%3A1&shu=e51ea59720f39fc73dde8e89398a06281651c97771ab88a51460a15b660aa5d5040538cb5bbe0c11321088fe8546c43c57c63fd08011d04c09312c6ae062787efec1832d5aa63ef75f8e1af47303f32481ba2884&pst=1686327158&rmtc=t
Access-Control-Allow-Credentials
true
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
X-Request-ID
66c6b190c51f165154a3e23cff7ee0a3
Expires
Thu, 01 Jan 1970 00:00:01 GMT
newspaper.ttf
farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/
Redirect Chain
  • https://nginx.nycscantxt.dynu.net/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16
  • https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16
0
0
1659524633.jpg
cdn.cloudimagesb.com/bi/37/9e/02/379e020ebae4723959b41c13a914a506/ Frame 99CA 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cloudimagesb.com/bi/37/9e/02/379e020ebae4723959b41c13a914a506/1659524633.jpg
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.9 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
0c797c51a2584979dc87681b44688870f27b040c7dbe10acef419548c517f999

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Sun, 11 Jun 2023 16:11:39 GMT
date
Fri, 09 Jun 2023 16:11:39 GMT
last-modified
Wed, 03 Aug 2022 11:04:01 GMT
server
nginx/1.17.6
etag
"62ea5621-544e"
content-type
image/jpeg
cache-control
max-age=172800
accept-ranges
bytes
content-length
21582
x-proxy-cache
HIT
sfp.js
friendshipmale.com/ 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://friendshipmale.com/sfp.js
Requested by
Host: tricklesmartdiscourage.com
URL: https://tricklesmartdiscourage.com/fa/99/56/fa9956a73065903c02ae03028841f123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Fri, 09 Jun 2023 16:11:39 GMT
strict-transport-security
max-age=0; includeSubdomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
alt-svc
h3=":443"; ma=86400
x-request-id
804ca3ccbd5972ac8369efd76a6083b9
last-modified
Fri, 09 Jun 2023 16:11:39 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NR6P%2Fn9ic9buZEtVeN9Ht3OeCauWroR4Jddd0tofkSUy%2FNJM%2FbC1ScnouSxPKxx%2FXFeKBCTRb9TNIkQ%2B9qvmbqgegczhd4%2BR%2BbCyVRRE4q4ynsc6eTPfjq%2B9q3v01WmuiPoiiW%2FZaf28qWErKqWrImo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
7d4aa6d2dfacf134-ARN
expires
Thu, 01 Jan 1970 00:00:01 GMT
purst
variedpretenceclasped.com/pixel/ 		0
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://variedpretenceclasped.com/pixel/purst?dl=0&th=0&sc=0&rs=2800.800003051758&rd=2800.800003051758&fd=831.1000022888184&bv=22.10.v.10&tmpl=136
Requested by
Host: nginx.nycscantxt.dynu.net
URL: https://nginx.nycscantxt.dynu.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 16:11:39 GMT
Server
nginx/1.19.5
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Cache-Control
no-cache
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
pxf.gif
unseenreport.com/ 		1 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unseenreport.com/pxf.gif?uuid=8a8e60c5-a249-49c7-b4ed-761b7d52d613&eb=4516a1571c8f06181766d58cf6e19584&te=07c6f08a5d511151e0659efb307b5abe&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.106%20Safari%2F537.36&dev=r&res=14.31&b_frame=0&pk=fa9956a73065903c02ae03028841f123&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://nginx.nycscantxt.dynu.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date
Fri, 09 Jun 2023 16:11:40 GMT
Strict-Transport-Security
max-age=0; includeSubdomains
Server
nginx/1.19.5
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
1
X-Request-ID
922d7bd73c5c147f9e7baae5bbc6dbc9
Expires
Thu, 01 Jan 1970 00:00:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
farmfoodfamily.com
URL
https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Domain
farmfoodfamily.com
URL
https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend object| _0x173b function| _0x2697 object| LieDetector object| atAsyncContainers string| domain string| path object| _Hasync object| Histats_variables function| checkReferrer string| fullpart object| request string| url string| data function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| _0x8d72 function| _0x2db5 function| _0x3ac48f object| mm object| AaDetector function| _0x39b4 function| _0x61bf

17 Cookies

Domain/Path Name / Value
nginx.nycscantxt.dynu.net/ Name: HstCfa4756004
Value: 1686327098509
nginx.nycscantxt.dynu.net/ Name: HstCla4756004
Value: 1686327098509
nginx.nycscantxt.dynu.net/ Name: HstCmu4756004
Value: 1686327098509
nginx.nycscantxt.dynu.net/ Name: HstPn4756004
Value: 1
nginx.nycscantxt.dynu.net/ Name: HstPt4756004
Value: 1
nginx.nycscantxt.dynu.net/ Name: HstCnv4756004
Value: 1
nginx.nycscantxt.dynu.net/ Name: HstCns4756004
Value: 1
simplewebanalysis.com/ Name: uid_id2
Value: 8a8e60c5-a249-49c7-b4ed-761b7d52d613:1:1
nginx.nycscantxt.dynu.net/ Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c
Value: 8a8e60c5-a249-49c7-b4ed-761b7d52d613%3A1%3A1
tricklesmartdiscourage.com/ Name: u_pl
Value: 16588132
tricklesmartdiscourage.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjU4ODEzMiwiayI6IjcwMTE3NzRlNThjMTNlYzYyZWIyYzNiZDg2YzI3NGYyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU3MTk0LCJwaWQiOjI0MzgyMiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozNCwiYWlkIjo1LCJwdCI6NCwicGsiOiJjcDdxYXhxa216IiwiY3BrcyI6eyAiMjgiOiJmYTk5NTZhNzMwNjU5MDNjMDJhZTAzMDI4ODQxZjEyMyJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTg5MDI4ODYwLCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTI1Mjc5LCJibiI6IkNocm9tZSIsImJ2IjoiMTE0Iiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6NzAsImMiOiJGSSIsIm4iOiJGaW5sYW5kIn0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL25naW54Lm55Y3NjYW50eHQuZHludS5uZXQvIn19.RRxT5FiFWFUNZhHWewxR59I5gcFTlZL4ctFZ644YNGs
tricklesmartdiscourage.com/ Name: uid_id2
Value: 8a8e60c5-a249-49c7-b4ed-761b7d52d613:1:1
tricklesmartdiscourage.com/ Name: pdhtkv
Value: true
tricklesmartdiscourage.com/ Name: uncs
Value: 1
tricklesmartdiscourage.com/ Name: pdhtkv5
Value: true
tricklesmartdiscourage.com/ Name: uncs5
Value: 1
nginx.nycscantxt.dynu.net/ Name: ppu_main_fa9956a73065903c02ae03028841f123
Value: 1

6 Console Messages

Source Level URL
Text
javascript warning URL: https://nginx.nycscantxt.dynu.net/(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://nginx.nycscantxt.dynu.net/(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://diningsovereign.com/7011774e58c13ec62eb2c3bd86c274f2/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://nginx.nycscantxt.dynu.net/
Message:
Access to font at 'https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?16' (redirected from 'https://nginx.nycscantxt.dynu.net/wp-content/themes/Newspaper/images/icons/newspaper.woff?16') from origin 'https://nginx.nycscantxt.dynu.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?16
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://nginx.nycscantxt.dynu.net/
Message:
Access to font at 'https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16' (redirected from 'https://nginx.nycscantxt.dynu.net/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16') from origin 'https://nginx.nycscantxt.dynu.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://farmfoodfamily.com/wp-content/themes/Newspaper/images/icons/newspaper.ttf?16
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.cloudimagesb.com
dash.nextagc.com
diningsovereign.com
farmfoodfamily.com
fonts.googleapis.com
fonts.gstatic.com
friendshipmale.com
images.dmca.com
images.farmfoodfamily.com
nginx.nycscantxt.dynu.net
s10.histats.com
s4.histats.com
simplewebanalysis.com
tricklesmartdiscourage.com
unseenreport.com
variedpretenceclasped.com
farmfoodfamily.com
149.56.240.128
151.139.128.10
173.233.137.36
192.243.59.20
192.243.61.227
2606:4700:10::6814:51d
2606:4700:3032::ac43:d577
2606:4700:e0::ac40:6518
2a00:1450:4001:806::200a
2a00:1450:4001:82b::2003
2a06:98c1:3121::3
3.125.225.220
45.133.44.9
65.109.110.204
0c797c51a2584979dc87681b44688870f27b040c7dbe10acef419548c517f999
0d05be68960ba1aefed107b6672c254d9fc59f5d1c8ce12f2827df547fef5fdf
0ecfab9edde84cc916d5ddba0d6c931c067cf97ba0d2ea691371ce445708f91d
21888e98f099fa4ac9317878ae085e6d2d9c8e47deb9a0da459045ae5829904c
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
45ec09974d948120c9f97cbedd141f4fa8df876bd2206f0c41133ae3a13fdf13
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
77a3bebee72af7beb49cd94b7f16852a532aac5f3db8f610160440fe75ca4711
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
9e9843f2d8e02b811f4a5e6eec76e0178cf68fb096964976ce0f6a035af467a0
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
a4c5c8f641a7c24fb8a80834cf28918dac1dc2192c66b5f3ef2703a906273930
c4b90a0faa79100839c099657b956e0e12912403858a2c93501b3f9bc5ef5b86
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db63e7902a7d978459500e62590911bd2049185e1c5a29e65f033352e4858859
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee80de6fc7696fd7d120e2989336684d30a292019ac990fd9a89bb2a75a598d1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615