216.251.105.126 Open in urlscan Pro
216.251.105.126 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://216.251.105.126/
Submission: On August 15 via manual (August 15th 2018, 5:19:43 am UTC) from US

Summary HTTP 18 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 6 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 216.251.105.126, located in Seattle, United States and belongs to ASN-NWNEXUS - Northwest Nexus Inc., US. The main domain is 216.251.105.126.

This is the only time 216.251.105.126 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	216.251.105.126 216.251.105.126		1982 (ASN-NWNEXUS) (ASN-NWNEXUS - Northwest Nexus Inc.)
1	2a00:1450:400... 2a00:1450:4001:81c::2008		15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81f::200a		15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:810::200e		15169 (GOOGLE) (GOOGLE - Google LLC)
5	75.149.175.181 75.149.175.181		7922 (COMCAST-7922) (COMCAST-7922 - Comcast Cable Communications)
18	6

9 216.251.105.126 (Seattle, United States)

ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US)
PTR: BIGIP01.QCV.LOCAL

216.251.105.126	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 75.149.175.181 (United States)

ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US)
PTR: 75-149-175-181-Washington.hfc.comcastbusiness.net

75.149.175.181	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	google-analytics.com www.google-analytics.com	14 KB
1	googleapis.com ajax.googleapis.com	83 KB
1	googletagmanager.com www.googletagmanager.com	25 KB
18	3

	Domain	Requested by
2	www.google-analytics.com	www.googletagmanager.com 216.251.105.126
1	ajax.googleapis.com	216.251.105.126
1	www.googletagmanager.com	216.251.105.126
18	3

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-07` - `2018-10-16`	2 months	crt.sh

This page contains 1 frames:

Primary Page: http://216.251.105.126/
Frame ID: 8F141F986BAB1BEBBEFEA92ED25D11B5
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

18
Requests

22 %
HTTPS

60 %
IPv6

3
Domains

3
Subdomains

6
IPs

2
Countries

562 kB
Transfer

2937 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
216.251.105.126/ 11 KB
4 KB 330ms
168ms Document
text/html 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 880f6d5d553bbf6571523f2d036b9cbf0bcffe9a15fcbe9826adf11e2c0de9cc

Request headers

Host: 216.251.105.126
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 8F141F986BAB1BEBBEFEA92ED25D11B5

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 19 Jun 2018 20:26:15 GMT
Accept-Ranges: bytes
ETag: "804d65c5b8d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Wed, 15 Aug 2018 05:18:40 GMT
Content-Length: 3683
Set-Cookie: BIGipServerCatch-All=1936325592.0.0000; path=/

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 72 KB
25 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:81c::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118050165-1

Requested by

Host: 216.251.105.126
URL: http://216.251.105.126/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

576bd100891d999c060b2cbc2849316f3bb019f53efbc9e12b5f748b565680e1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 15 Aug 2018 05:19:31 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 25691
x-xss-protection: 1; mode=block
expires: Wed, 15 Aug 2018 05:19:31 GMT

GET
S 200 jquery.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 276 KB
83 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js

Requested by

Host: 216.251.105.126
URL: http://216.251.105.126/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 09 Jul 2018 19:48:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3144677
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 84371
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Jul 2019 19:48:13 GMT

GET
H/1.1 200
OK pe-icon-7-stroke.css
216.251.105.126/fonts/pe-icon-7-stroke/css/ 10 KB
10 KB 170ms
169ms Stylesheet
text/css 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css
Requested by: Host: 216.251.105.126
URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2121cf9366471712b8e93a1556848845b41507038288a68a667858d7a6a1178d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:40 GMT
Last-Modified: Wed, 13 Jun 2018 22:35:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "95fc8ed5663d41:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 10374

GET
H/1.1 200
OK font-awesome.css
216.251.105.126/fonts/font-awesome/css/ 41 KB
41 KB 338ms
179ms Stylesheet
text/css 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/fonts/font-awesome/css/font-awesome.css
Requested by: Host: 216.251.105.126
URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 664f74461d2f91dc9d973f6cb896e40be20e8a1322b11fa0131a7571e316f26b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:40 GMT
Last-Modified: Wed, 13 Jun 2018 22:35:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "68fc79d5663d41:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 41552

GET
H/1.1 200
OK settings.css
216.251.105.126/css/ 39 KB
39 KB 335ms
176ms Stylesheet
text/css 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/css/settings.css
Requested by: Host: 216.251.105.126
URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d32e90e67625a7fd39a1d85256ce180f27de7a2b5e1d4c96ab156a3dcafa2100

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:40 GMT
Last-Modified: Wed, 13 Jun 2018 23:01:07 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "37464696a3d41:0"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 39895

GET
H/1.1 200
OK jquery.themepunch.tools.min.js Show response
216.251.105.126/js/ 108 KB
108 KB 343ms
184ms Script
application/javascript 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/js/jquery.themepunch.tools.min.js
Requested by: Host: 216.251.105.126
URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:40 GMT
Last-Modified: Wed, 13 Jun 2018 22:37:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2a44d6f673d41:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 110564

GET
H/1.1 200
OK jquery.themepunch.revolution.min.js Show response
216.251.105.126/js/ 63 KB
64 KB 345ms
186ms Script
application/javascript 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/js/jquery.themepunch.revolution.min.js
Requested by: Host: 216.251.105.126
URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8c0089569c5ceaf1e1dcfc22c2285ca01a05599563b72035bc84a2357f8ca965

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:40 GMT
Last-Modified: Wed, 13 Jun 2018 22:37:08 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "241d0f673d41:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 64971

GET
H/1.1 200
OK transparent.png
216.251.105.126/assets/ 71 B
316 B 161ms
161ms Image
image/png 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://216.251.105.126/assets/transparent.png
Requested by: Host: 216.251.105.126
URL: http://216.251.105.126/
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8ea078292393a14a8e44be139a7fa6ed09d9c650e210eccca587045239b71cab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:40 GMT
Last-Modified: Wed, 13 Jun 2018 22:33:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "2f38a690663d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 71

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118050165-1

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 1242
date: Wed, 15 Aug 2018 04:58:49 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Wed, 15 Aug 2018 06:58:49 GMT

GET
H/1.1 200
OK revolution.extension.video.min.js Show response
75.149.175.181/revslider/public/assets/js/extensions/ 25 KB
26 KB 373ms
187ms Script
application/javascript 75.149.175.181
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL: http://75.149.175.181:81/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol: HTTP/1.1
Server: 75.149.175.181 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS: 75-149-175-181-Washington.hfc.comcastbusiness.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 4205a5b2385ab5ff14f9620dbfb9363c88a71758c5a792b14e02b61fdd1d8718

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:19:31 GMT
Last-Modified: Sun, 27 May 2018 16:59:25 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "f8111611dcf5d31:0"
Content-Length: 25920
Content-Type: application/javascript

GET
H/1.1 200
OK revolution.extension.slideanims.min.js Show response
75.149.175.181/revslider/public/assets/js/extensions/ 29 KB
29 KB 386ms
193ms Script
application/javascript 75.149.175.181
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL: http://75.149.175.181:81/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol: HTTP/1.1
Server: 75.149.175.181 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS: 75-149-175-181-Washington.hfc.comcastbusiness.net
Software: Microsoft-IIS/10.0 /
Resource Hash: f755d1b33621f2a2d5d9889dffa5f3e379651763b74c0070339ddc04969dc6e7

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:19:31 GMT
Last-Modified: Sun, 27 May 2018 16:59:25 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "4cc91311dcf5d31:0"
Content-Length: 29403
Content-Type: application/javascript

GET
H/1.1 200
OK revolution.extension.layeranimation.min.js Show response
75.149.175.181/revslider/public/assets/js/extensions/ 55 KB
55 KB 384ms
192ms Script
application/javascript 75.149.175.181
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL: http://75.149.175.181:81/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol: HTTP/1.1
Server: 75.149.175.181 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS: 75-149-175-181-Washington.hfc.comcastbusiness.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 8f013dbf5a9f40a0a5b75875c23b8de624a98bd969188c525630177fada5d9c0

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:19:31 GMT
Last-Modified: Sun, 27 May 2018 16:59:25 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "b9f5a11dcf5d31:0"
Content-Length: 55881
Content-Type: application/javascript

GET
H/1.1 200
OK revolution.extension.navigation.min.js Show response
75.149.175.181/revslider/public/assets/js/extensions/ 25 KB
26 KB 393ms
201ms Script
application/javascript 75.149.175.181
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL: http://75.149.175.181:81/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol: HTTP/1.1
Server: 75.149.175.181 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS: 75-149-175-181-Washington.hfc.comcastbusiness.net
Software: Microsoft-IIS/10.0 /
Resource Hash: 13c08ceceebb3494453dcf5ce86d7b6dc5ec38caa74ebd4abd162ab4764d8172

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:19:31 GMT
Last-Modified: Sun, 27 May 2018 16:59:25 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "20481011dcf5d31:0"
Content-Length: 26105
Content-Type: application/javascript

GET
H/1.1 200
OK revolution.extension.parallax.min.js Show response
75.149.175.181/revslider/public/assets/js/extensions/ 11 KB
11 KB 394ms
202ms Script
application/javascript 75.149.175.181
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL: http://75.149.175.181:81/revslider/public/assets/js/extensions/revolution.extension.parallax.min.js?version=5.4.7
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol: HTTP/1.1
Server: 75.149.175.181 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS: 75-149-175-181-Washington.hfc.comcastbusiness.net
Software: Microsoft-IIS/10.0 /
Resource Hash: aebdbd244c4c723e6edd8f066613073522cfe98af3309937659f19e2216c6ddb

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:19:31 GMT
Last-Modified: Sun, 27 May 2018 16:59:25 GMT
Server: Microsoft-IIS/10.0
Accept-Ranges: bytes
ETag: "c3f51111dcf5d31:0"
Content-Length: 10933
Content-Type: application/javascript

GET
S 200 collect
www.google-analytics.com/r/ 35 B
101 B 13ms
13ms Image
image/gif 2a00:1450:4001:810::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=2009276396&t=pageview&_s=1&dl=http%3A%2F%2F216.251.105.126%2F&ul=en-us&de=UTF-8&dt=Quilceda%20Creek%20Winery%20-%20Dedicated%20to%20world-class%20Washington%20State%20Cabernet%20Sauvignon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1175417177&gjid=1329373436&cid=2038678312.1534310372&tid=UA-118050165-1&_gid=1769930681.1534310372&_r=1&gtm=u86&z=1349111599

Requested by

Host: 216.251.105.126
URL: http://216.251.105.126/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Aug 2018 05:19:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK b3c7c-gray-page.jpg
216.251.105.126/assets/ 27 KB
27 KB 172ms
172ms Image
image/jpeg 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://216.251.105.126/assets/b3c7c-gray-page.jpg
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.js
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1c02eaf73fe99b216a346b9521ad2bb99be55c7e6ef4a5b32e1fb5f1864af3ec

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000; _ga=GA1.1.2038678312.1534310372; _gid=GA1.1.1769930681.1534310372; _gat_gtag_UA_118050165_1=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://216.251.105.126/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 15 Aug 2018 05:18:42 GMT
Last-Modified: Wed, 13 Jun 2018 22:33:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d9d39890663d41:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 27540

GET
H/1.1 206
Partial Content 2b2de-Quilceda_Creek_Web_Intro_TwoLines-3.mp4
216.251.105.126/assets/ 2 MB
0 169ms
169ms Media
video/mp4 216.251.105.126
Northwest Nexus Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://216.251.105.126/assets/2b2de-Quilceda_Creek_Web_Intro_TwoLines-3.mp4
Protocol: HTTP/1.1
Server: 216.251.105.126 Seattle, United States, ASN1982 (ASN-NWNEXUS - Northwest Nexus Inc., US),
Reverse DNS: BIGIP01.QCV.LOCAL
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: identity;q=1, *;q=0
Host: 216.251.105.126
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
chrome-proxy: frfr
Accept: */*
Cache-Control: no-cache
Referer: http://216.251.105.126/
Cookie: BIGipServerCatch-All=1936325592.0.0000; _ga=GA1.1.2038678312.1534310372; _gid=GA1.1.1769930681.1534310372; _gat_gtag_UA_118050165_1=1
Connection: keep-alive
Range: bytes=0-
Referer: http://216.251.105.126/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range: bytes=0-
chrome-proxy: frfr

Response headers

Date: Wed, 15 Aug 2018 05:18:42 GMT
Last-Modified: Wed, 13 Jun 2018 22:33:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e7a68590663d41:0"
Content-Type: video/mp4
Content-Range: bytes 0-5289478/5289479
Accept-Ranges: bytes
Content-Length: 5289479

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer function| $ function| jQuery object| google_tag_manager string| GoogleAnalyticsObject function| ga undefined| oldgs object| punchgs object| _gsScope undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue function| setREVStartSize object| revapi4 function| tpj object| gaplugins object| gaGlobal object| gaData object| jQuery1111041821497277093167

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			216.251.105.126/	1970-01-18 18:13:16	Name: _gid Value: GA1.1.1769930681.1534310372
			216.251.105.126/	1970-01-19 11:43:02	Name: _ga Value: GA1.1.2038678312.1534310372
			216.251.105.126/	1970-01-18 18:11:50	Name: _gat_gtag_UA_118050165_1 Value: 1
			216.251.105.126/	1969-12-31 23:59:59	Name: BIGipServerCatch-All Value: 1936325592.0.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
www.google-analytics.com
www.googletagmanager.com
216.251.105.126
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81f::200a
75.149.175.181
13c08ceceebb3494453dcf5ce86d7b6dc5ec38caa74ebd4abd162ab4764d8172
1c02eaf73fe99b216a346b9521ad2bb99be55c7e6ef4a5b32e1fb5f1864af3ec
2121cf9366471712b8e93a1556848845b41507038288a68a667858d7a6a1178d
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4205a5b2385ab5ff14f9620dbfb9363c88a71758c5a792b14e02b61fdd1d8718
576bd100891d999c060b2cbc2849316f3bb019f53efbc9e12b5f748b565680e1
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
664f74461d2f91dc9d973f6cb896e40be20e8a1322b11fa0131a7571e316f26b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
880f6d5d553bbf6571523f2d036b9cbf0bcffe9a15fcbe9826adf11e2c0de9cc
8c0089569c5ceaf1e1dcfc22c2285ca01a05599563b72035bc84a2357f8ca965
8ea078292393a14a8e44be139a7fa6ed09d9c650e210eccca587045239b71cab
8f013dbf5a9f40a0a5b75875c23b8de624a98bd969188c525630177fada5d9c0
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
aebdbd244c4c723e6edd8f066613073522cfe98af3309937659f19e2216c6ddb
d32e90e67625a7fd39a1d85256ce180f27de7a2b5e1d4c96ab156a3dcafa2100
f755d1b33621f2a2d5d9889dffa5f3e379651763b74c0070339ddc04969dc6e7