onlinesecureuser04b.dynamic-dns.net
129.151.74.222  Malicious Activity! Public Scan

URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Submission: On July 05 via automatic, source openphish

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 31 HTTP transactions. The main IP is 129.151.74.222, located in Cardiff, United Kingdom and belongs to ORACLE-BMC-31898, US. The main domain is onlinesecureuser04b.dynamic-dns.net.
This is the only time onlinesecureuser04b.dynamic-dns.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Navy Federal Credit Union (Government)

Domain & IP information

Count | Domain | Requested by
15 | onlinesecureuser04b.dynamic-dns.net | onlinesecureuser04b.dynamic-dns.net
3 | ct.pinterest.com | 9749892.fls.doubleclick.net
3 | fonts.gstatic.com | fonts.googleapis.com
2 | www.googleadservices.com | 9749892.fls.doubleclick.net, www.googleadservices.com
2 | adservice.google.com (1 redirects) | onlinesecureuser04b.dynamic-dns.net
2 | www.googletagmanager.com (1 redirects) | onlinesecureuser04b.dynamic-dns.net
1 | www.google.de | 9749892.fls.doubleclick.net
1 | www.google.com (1 redirects) |
1 | googleads.g.doubleclick.net (1 redirects) |
1 | insight.adsrvr.org | 9749892.fls.doubleclick.net
1 | 9749892.fls.doubleclick.net | adservice.google.com
1 | adservice.google.de (1 redirects) |
1 | fonts.googleapis.com | onlinesecureuser04b.dynamic-dns.net
31 | 13 |

This site contains no links.

Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1O1 | 2021-06-07 - 2021-08-30 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.google.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2021-03-18 - 2022-04-19 | a year
www.googleadservices.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
*.pinterest.com | DigiCert SHA2 High Assurance Server CA | 2020-07-16 - 2021-08-04 | a year
*.googleadservices.com | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months
www.google.de | GTS CA 1C3 | 2021-06-07 - 2021-08-30 | 3 months

This page contains 4 frames:

Primary Page: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Frame ID: 3FFF293053763BB766C3532F41EF95EF
Requests: 21 HTTP requests in this frame

Frame: http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/activityi_002.html
Frame ID: 097BB4CFB7A7F105BCDE5993BDD32BD3
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Frame ID: 03B09E2DE48613CCCDCAE7C00158AFD6
Requests: 1 HTTP requests in this frame

Frame: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Frame ID: 4C4BC917A80ED1F48664CD3D2AA5292D
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests: 31
HTTPS: 45 %
IPv6: 67 %
Domains: 10
Subdomains: 13
IPs: 11
Countries: 4
Transfer: 569 kB
Size: 655 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • http://www.googletagmanager.com/gtag/js?id=DC-9749892&l=dataLayer&cx=c HTTP 302
  • https://www.googletagmanager.com/gtag/js?id=DC-9749892&l=dataLayer&cx=c
Request Chain 20
  • https://adservice.google.com/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php HTTP 302
  • https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Request Chain 21
  • https://adservice.google.de/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php HTTP 302
  • https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Request Chain 28
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCMbRudaBzPECFZyEsgodelME_Q%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=CAbjYNu2LM_LgQe0r7joDQ&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCMbRudaBzPECFZyEsgodelME_Q%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CAbjYNu2LM_LgQe0r7joDQ&cid=CAQSKQCNIrLMjSncCO7WvShks8eH614IjFowK0M4Nllt50zSD5U2HFlfAklK&random=16740562&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCMbRudaBzPECFZyEsgodelME_Q%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CAbjYNu2LM_LgQe0r7joDQ&cid=CAQSKQCNIrLMjSncCO7WvShks8eH614IjFowK0M4Nllt50zSD5U2HFlfAklK&random=16740562&resp=GooglemKTybQhCsO&ipr=y

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request billing.php
onlinesecureuser04b.dynamic-dns.net/
45 KB
45 KB
Document
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
3af4052d73ba4840884ec866a1e48aa0cb05fec9105d177ecd8257b37a2f2d07

Request headers

Host
onlinesecureuser04b.dynamic-dns.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Server
Apache
Keep-Alive
timeout=5, max=97
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
main-3854dce7049a84d55d5e.css
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
156 KB
156 KB
Stylesheet
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
582645ed04b9ca40ef2cd6924dd2b41688e03be3d8b075b722ab07c5319ffd86

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 09:19:52 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
159414
logo_004.js
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
96 B
349 B
Script
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/logo_004.js
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
443c606b8833a1f9a0dec16937658d295e0916e2d5843f9512d1659dba024970

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
96
checkmark.svg
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
288 B
533 B
Image
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/checkmark.svg
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
51a528c1775dd41070e1e551dc9166d635c033d7c7043477a709a68b3494836a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 14:19:48 GMT
Server
Apache
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
288
a
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
31 B
246 B
Script
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/a
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
2283d95a9ed2b85158a5a0ab158c92bbb43cd78ea4c3aa9f7691f42c3350e88f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
31
a.txt
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
31 B
272 B
Script
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/a.txt
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
1cdb497b2bc18749396e3981c5b9e613c0aa5cc04ec9491bcd9c02e34cb44193

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
text/plain
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
31
846112901no178e0bd7344fd8913ea6.txt
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
71 KB
72 KB
Script
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/846112901no178e0bd7344fd8913ea6.txt
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
e7ec9ec6ee8e08591fcae718adc05052e94a55419b47cc3cc1fefdcf3059c19c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
text/plain
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
73185
activity_pixel.gif
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
43 B
283 B
Image
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/activity_pixel.gif
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 14:19:48 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
43
js
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
94 KB
94 KB
Script
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/js
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
0869fe5cc1f097d1941859058871dfd40fb1099c855d3662520c2463fb620066

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
96167
js_002
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
94 KB
94 KB
Script
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/js_002
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
772485938ce21727b55d5bf3d556531fe8ba68aa88c530183127acd507648d7b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
96167
activity_pixel_002.gif
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/
43 B
283 B
Image
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/activity_pixel_002.gif
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Server
Apache
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
43
css
fonts.googleapis.com/
13 KB
926 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
102d69b8233684dd9b9bc94145fc332453aaa8f4fcf6221b1824ecdd042a693b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://onlinesecureuser04b.dynamic-dns.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Jul 2021 11:19:46 GMT
server
ESF
date
Mon, 05 Jul 2021 13:15:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Jul 2021 13:15:52 GMT
nfculogo.png
onlinesecureuser04b.dynamic-dns.net/assets/img/
315 B
315 B
Image
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/img/nfculogo.png
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
dropdown_caret.svg
onlinesecureuser04b.dynamic-dns.net/assets/img/
315 B
315 B
Image
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/img/dropdown_caret.svg
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
NCUA_Logo.svg
onlinesecureuser04b.dynamic-dns.net/assets/img/
315 B
315 B
Image
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/img/NCUA_Logo.svg
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
onlinesecureuser04b.dynamic-dns.net
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/main-3854dce7049a84d55d5e.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=93
Content-Length
315
Content-Type
text/html; charset=iso-8859-1
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://onlinesecureuser04b.dynamic-dns.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 11:39:10 GMT
x-content-type-options
nosniff
age
524202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:39:10 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://onlinesecureuser04b.dynamic-dns.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 11:39:10 GMT
x-content-type-options
nosniff
age
524202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:39:10 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:100,200,300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f7e397faec79e62c37ff2f00b170f6dc1557fb46ac169f9f1897a9d641dd03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://onlinesecureuser04b.dynamic-dns.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 07:58:17 GMT
x-content-type-options
nosniff
age
451055
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15764
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 07:58:17 GMT
846112901no178e0bd7344fd8913ea6
onlinesecureuser04b.dynamic-dns.net/public/
0
0

activityi_002.html
onlinesecureuser04b.dynamic-dns.net/assets/billing_files/ Frame 097B
559 B
800 B
Document
General
Full URL
http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/activityi_002.html
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
HTTP/1.1
Server
129.151.74.222 Cardiff, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
Apache /
Resource Hash
26b9f55fcb12043f0166f51b8c38e6804d03c8fe0fb18504835cf49b3f5f2b6a

Request headers

Host
onlinesecureuser04b.dynamic-dns.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://onlinesecureuser04b.dynamic-dns.net/billing.php
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Mon, 05 Jul 2021 13:15:52 GMT
Server
Apache
Last-Modified
Thu, 22 Oct 2020 16:16:44 GMT
Accept-Ranges
bytes
Content-Length
559
Keep-Alive
timeout=5, max=94
Connection
Keep-Alive
Content-Type
text/html
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=DC-9749892&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=DC-9749892&l=dataLayer&cx=c
85 KB
34 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9749892&l=dataLayer&cx=c
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/billing.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c9f4cb3e3b16ff1cd9bcc179ca7748a2973d16807b25825511c87c716177833
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://onlinesecureuser04b.dynamic-dns.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 13:15:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34924
x-xss-protection
0
last-modified
Mon, 05 Jul 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 05 Jul 2021 13:15:52 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=DC-9749892&l=dataLayer&cx=c
Date
Mon, 05 Jul 2021 13:15:52 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
276
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fb...
adservice.google.com/ddm/fls/i/ Frame 03B0
Redirect Chain
  • https://adservice.google.com/ddm/fls/i/src=9749892;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFedera...
  • https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2F...
521 B
432 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Requested by
Host: onlinesecureuser04b.dynamic-dns.net
URL: http://onlinesecureuser04b.dynamic-dns.net/assets/billing_files/activityi_002.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a9031e59058d912ce059e7d37f59e36a0e5cd3fa0d50b98e08a59ebc38ed363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://onlinesecureuser04b.dynamic-dns.net/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jul 2021 13:15:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
409
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jul 2021 13:15:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
location
https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fb...
9749892.fls.doubleclick.net/ddm/fls/r/ Frame 4C4B
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FU...
  • https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2F...
1 KB
819 B
Document
General
Full URL
https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.134 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f6.1e100.net
Software
cafe /
Resource Hash
546429158fe9c0a0fae24090f30045822d04eb63cacd8783d9cf7f0a1065b976
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9749892.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jul 2021 13:15:52 GMT
expires
Mon, 05 Jul 2021 13:15:52 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
628
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 05-Jul-2021 13:30:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 05 Jul 2021 13:15:52 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
insight.adsrvr.org/track/pxl/ Frame 4C4B
70 B
260 B
Image
General
Full URL
https://insight.adsrvr.org/track/pxl/?adv=pcl8biy&ct=0:1psqepk&fmt=3
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.108.170 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-108-170.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
conversion.js
www.googleadservices.com/pagead/ Frame 4C4B
44 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
0f506a0bf099d96a1f34c7c23cb74929b8fa381d4114509f9aef2273f2c852b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Jul 2021 13:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17349
x-xss-protection
0
server
cafe
etag
3780840205288251298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 05 Jul 2021 13:15:52 GMT
/
ct.pinterest.com/v3/ Frame 4C4B
35 B
577 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2617254381486&noscript=1
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.976656b8.1625490952.f0a1455
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1147453240290599
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ Frame 4C4B
35 B
579 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=PageView&tid=2617254381486&noscript=1
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.976656b8.1625490952.f0a145b
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
1642653182774638
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ Frame 4C4B
35 B
578 B
Image
General
Full URL
https://ct.pinterest.com/v3/?event=ViewCategory&tid=2617254381486&noscript=1
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.976656b8.1625490952.f0a1461
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1369411565016647
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/683427688/ Frame 4C4B
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/683427688/?random=1625490952696&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCMbRudaBzPECFZyEsgodelME_Q%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1540ce5d159235bf667285cb4df70c880a13f3b936f033217c24833fde32744e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1270
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/683427688/ Frame 4C4B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059...
  • https://www.google.com/pagead/1p-conversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600...
  • https://www.google.de/pagead/1p-conversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&...
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCMbRudaBzPECFZyEsgodelME_Q%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CAbjYNu2LM_LgQe0r7joDQ&cid=CAQSKQCNIrLMjSncCO7WvShks8eH614IjFowK0M4Nllt50zSD5U2HFlfAklK&random=16740562&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 9749892.fls.doubleclick.net
URL: https://9749892.fls.doubleclick.net/ddm/fls/r/src=9749892;dc_pre=CMbRudaBzPECFZyEsgodelME_Q;type=membersh;cat=nfcu_00;ord=977151884502;gtm=2od9u1;auiddc=1712041899.1603295711;~oref=file%3A%2F%2F%2FC%3A%2FUsers%2FJay%2FDesktop%2FNavyFederal%2Fbilling.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9749892.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 05 Jul 2021 13:15:52 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/683427688/?random=1002276544&cv=9&fst=1625490952696&num=1&npa=1&label=ZF0BCPDe2LkBEOiO8cUC&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F9749892.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fsrc%3D9749892%3Bdc_pre%3DCMbRudaBzPECFZyEsgodelME_Q%3Btype%3Dmembersh%3Bcat%3Dnfcu_00%3Bord%3D977151884502%3Bgtm%3D2od9u1%3Bauiddc%3D1712041899.1603295711%3B~oref%3Dfile%253A%252F%252F%252FC%253A%252FUsers%252FJay%252FDesktop%252FNavyFederal%252Fbilling.php&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CAbjYNu2LM_LgQe0r7joDQ&cid=CAQSKQCNIrLMjSncCO7WvShks8eH614IjFowK0M4Nllt50zSD5U2HFlfAklK&random=16740562&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
846112901no178e0bd7344fd8913ea6
onlinesecureuser04b.dynamic-dns.net/public/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
onlinesecureuser04b.dynamic-dns.net
URL
https://onlinesecureuser04b.dynamic-dns.net/public/846112901no178e0bd7344fd8913ea6
Domain
onlinesecureuser04b.dynamic-dns.net
URL
https://onlinesecureuser04b.dynamic-dns.net/public/846112901no178e0bd7344fd8913ea6

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Navy Federal Credit Union (Government)

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated boolean| io_install_flash boolean| io_install_stm number| io_exclude_stm boolean| io_enable_rip object| _cf object| _ac object| bmak string| _sd_trace function| op function| gtag object| dataLayer object| VisualIqPairs object| pages object| pixelValues undefined| pn undefined| currentPage undefined| currentPx undefined| img object| doubleClickMultipleValues undefined| currentType undefined| currentCat object| google_tag_manager object| google_tag_data

2 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnP5jU0M70YJXmoKK3JuycmUnqiO2nvWBMj3bbvPxlm55gexe_zoZfNMKyT
.dynamic-dns.net/ Name: _gcl_au
Value: 1.1.432627831.1625490952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
