ashlandggil.xyz Open in urlscan Pro
2606:4700:3031::ac43:dbc5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ashlandggil.xyz/we--transfer/wetransfer
Effective URL:
https://ashlandggil.xyz/we--transfer/wetransfer/
Submission: On March 20 via automatic, source openphish (March 20th 2021, 1:13:45 am UTC)

Summary HTTP 29 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 29 HTTP transactions. The main IP is 2606:4700:3031::ac43:dbc5, located in United States and belongs to CLOUDFLARENET, US. The main domain is ashlandggil.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 15th 2021. Valid for: a year.

This is the only time ashlandggil.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

	IP Address	AS Autonomous System
3 19	2606:4700:303... 2606:4700:3031::ac43:dbc5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:4e00:6:bbf2:440:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
3	13.226.159.19 13.226.159.19	16509 (AMAZON-02) (AMAZON-02)
2	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
4	52.209.54.230 52.209.54.230	16509 (AMAZON-02) (AMAZON-02)
2	54.210.89.192 54.210.89.192	14618 (AMAZON-AES) (AMAZON-AES)
29	7

19 2606:4700:3031::ac43:dbc5 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ashlandggil.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:4e00:6:bbf2:440:21 (United States)

ASN16509 (AMAZON-02, US)

d19ptbnuzhibkh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.226.159.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-19.dus51.r.cloudfront.net

prod-cdn.wetransfer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.209.54.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-54-230.eu-west-1.compute.amazonaws.com

snowplow.wetransfer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.210.89.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-89-192.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ashlandggil.xyz 3 redirects ashlandggil.xyz	466 KB
4	wetransfer.com snowplow.wetransfer.com	675 B
4	launchdarkly.com app.launchdarkly.com events.launchdarkly.com	684 B
3	wetransfer.net prod-cdn.wetransfer.net	294 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	cloudfront.net d19ptbnuzhibkh.cloudfront.net	30 KB
29	6

	Domain	Requested by
19	ashlandggil.xyz	3 redirects ashlandggil.xyz
4	snowplow.wetransfer.com	d19ptbnuzhibkh.cloudfront.net
3	prod-cdn.wetransfer.net	ashlandggil.xyz
2	events.launchdarkly.com	ashlandggil.xyz
2	app.launchdarkly.com	ashlandggil.xyz
1	www.googletagmanager.com	ashlandggil.xyz
1	d19ptbnuzhibkh.cloudfront.net	ashlandggil.xyz
29	7

This site contains links to these domains. Also see Links.

Domain
wetransfer.zendesk.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-15` - `2022-03-14`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
wetransfer.net Amazon	`2020-08-11` - `2021-09-10`	a year	crt.sh
c3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-20`	a month	crt.sh
snowplow.wetransfer.com Amazon	`2020-05-16` - `2021-06-16`	a year	crt.sh
events.launchdarkly.com Amazon	`2020-10-19` - `2021-11-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ashlandggil.xyz/we--transfer/wetransfer/
Frame ID: 7A239532F1F535ECB43B59C84F86D61E
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ashlandggil.xyz/we--transfer/wetransfer HTTP 301
https://ashlandggil.xyz/we--transfer/wetransfer HTTP 301
http://ashlandggil.xyz/we--transfer/wetransfer/ HTTP 301
https://ashlandggil.xyz/we--transfer/wetransfer/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

29
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

832 kB
Transfer

3271 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wetransfer.zendesk.com/
Title: help center

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ashlandggil.xyz/we--transfer/wetransfer HTTP 301
https://ashlandggil.xyz/we--transfer/wetransfer HTTP 301
http://ashlandggil.xyz/we--transfer/wetransfer/ HTTP 301
https://ashlandggil.xyz/we--transfer/wetransfer/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ashlandggil.xyz/we--transfer/wetransfer/
Redirect Chain

http://ashlandggil.xyz/we--transfer/wetransfer
https://ashlandggil.xyz/we--transfer/wetransfer
http://ashlandggil.xyz/we--transfer/wetransfer/
https://ashlandggil.xyz/we--transfer/wetransfer/

110 KB
30 KB

222ms
222ms

Document
text/html

2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c0fa42bc743a6f9fe4a1a39e0560ec4bb41855c75527236724d86d0c3f7154

Request headers

:method: GET
:authority: ashlandggil.xyz
:scheme: https
:path: /we--transfer/wetransfer/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dba629cada48d787cda902041034fe9921616202808
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:28 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
cf-request-id: 08eecad5460000d6b5c8a6e000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=33izauZwYuigSitqrrBImJy4osbmbqcYS9Vc1IJZQUBZSON0xMl6TjiblqGxGRK5AsH7BHeKuWxvnJZTbl%2Bh8KPnrkBMoDqPCU2ssgGoR7TkS%2BVxkx3TMFxd0cY%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 632b14020eb2d6b5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Sat, 20 Mar 2021 01:13:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 20 Mar 2021 02:13:28 GMT
Location: https://ashlandggil.xyz/we--transfer/wetransfer/
cf-request-id: 08eecad53b00000eb77dacb000000001
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F1UcNLc%2FTo1cNtgNrmZ5aI4ewkqgBLiXc8SCMDGz7C88zf2gawhMy8d2aPAuGiy5oVuuEPU%2Bi3c0HEoc%2BkBWUMqfTPrKamVZOT3As%2B2TDgaScLDf5s2eW0dyxbE%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 632b1401f88c0eb7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-1.11.1.min.js Show response
ashlandggil.xyz/we--transfer/wetransfer/js/ 94 KB
32 KB 18ms
17ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/js/jquery-1.11.1.min.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 Aug 2017 19:10:12 GMT
server: cloudflare
age: 3384
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=L%2BCndnu04u31bDE%2FVxW7GkehmWxDYX4My8sQSXfSWyCKIZZUfhaUNOfJJxITBI8ZqPIwgJC38nv88Gex4JUpKzn9QfY3jtXsMNUJDf%2B1eHrqz2I3PxdlUMZIn68%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b14037f5ad6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad6280000d6b5b48ad000000001

GET
H2 200 application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 412 KB
47 KB 22ms
22ms Stylesheet
text/css 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f41beb763cb6090a1a03af51eb06254ab8d1b23d5f755f96d984f8ee26b0fbd

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3384
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C4msfGPOU%2FQD%2B2FX64qEppa8anXBOpX6OkdUZgcw%2FhLIn5RNU0K%2FogslDJqL9dGYvMay96U4Cahs1Q5MdIl9qwdubTia2Fb4BMZRMrp7s9z5E%2FzHT%2Far0qlZF2Y%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/css
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b14037f5bd6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad6280000d6b595a14000000001

GET
H2 200 gtm.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 100 KB
28 KB 16ms
16ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/gtm.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7042f8eaa0e9207327b2debbc576798fa59c226eee3e7b4f4e33b1dbde965fb

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3384
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XiEzm7f2s9MjTpYTo2WlYUXiJy3a%2FaBTQ4%2BiKvdVD7VL0UtClfHCXlqkME%2Fp2XxKYGRViZaefF8%2BAVoxbKTFdGnWp%2BJ%2FCCxpVegYb4WxI1Hufkx1x8EWAwLdFKQ%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b14039f67d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad6400000d6b59090d000000001

GET
H2 200 sp.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 96 KB
28 KB 16ms
16ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/sp.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:18 GMT
server: cloudflare
age: 3384
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eJsWFrUSJ1tKIwj1W8LkWKq%2FiHiwKo7O6iq7Fdexv33n5vU1GoVbJuXtr2H05cSd6iG7OvuUa%2FM71hiu32c2Cw1BCgOfqrxX1o3M0bLEWjCnEXXBzG9%2FnDl3VIo%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b1403af6dd6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad64e0000d6b57ba83000000001

GET
H2 404 FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
ashlandggil.xyz/assets/faktpro/ 0
0 218ms
217ms Font
text/html 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/assets/faktpro/FaktProWeb-Normal-8468a6ca1e0907b839ebc6e8899b4dd39b386b7cfa33743da1ffb30a68c924f6.woff
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ashlandggil.xyz
Referer: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UMbzazfuHO2x%2FB62PMh1YaZQWKE4LjfUTQTaHR8kv0hqPCu7FHi%2FyLD7w2Bvyp4138AXNizSl0WMHJVGyXTZbLcJMmeuSGNBaY1igmFazt4hdt6huK4XecpseNc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 632b1403ef85d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad6700000d6b5ac8b0000000001

GET
H2 404 FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff
ashlandggil.xyz/assets/faktpro/ 0
0 207ms
207ms Font
text/html 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/assets/faktpro/FaktProWeb-Medium-fd3bbe8c665638bbd898d20dbf232f1bac9d2b11c31eefc006370f43ee8f1994.woff
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ashlandggil.xyz
Referer: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sx%2FMWpLtFvTTq1atltIbAmtNftErpEbaGzMGZEm1kxYrREoj2JE3XZNK662N6Dz4UqOcXSUNJZiB45bU9iOZRM67Sf6hY9Bs8HbQapH6OurLpwueEM6QC6Vyovs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 632b1403ef86d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad6700000d6b5ba35f000000001

GET
H2 404 FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff
ashlandggil.xyz/assets/freightsans/ 0
0 254ms
254ms Font
text/html 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/assets/freightsans/FreightSans-Pro-Medium-688ccadb090cbe2e1fabae9933cd09d9fd9d0613099b04c8dda35afdae6f51ad.woff
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ashlandggil.xyz
Referer: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DRjELqbzvyVqfO%2FCGx3tWjuegVh3HiT8owH%2BUvShQ3OVn4KRX%2BxKJ%2FNmxC91s%2Ft0w7HWEfB9aazrXIhyyZ7ubXUhVKmGoO%2BAMP%2FO51RBqs90P%2FMMkSTY2Robi1w%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 632b1403ef87d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad6710000d6b5e49ac000000001

GET
H2 200 en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 126 KB
30 KB 17ms
17ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/en-2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd819.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd81918a1e7

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fPKxnKf8riL4xOkn5b9t9ZsAlnLcjaiboJch7HTJ7NnhpndrMF4I6VoM%2BfwlqUtko7agOHdG2j75XV%2FCkCcw14G7KGlMjSvD5bJ4%2FR87FaaqimbGzYHcLhYCHyg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b1405b8a4d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad7920000d6b5dba4c000000001

GET
H2 404 FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff
ashlandggil.xyz/assets/faktpro/ 0
0 207ms
207ms Font
text/html 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/assets/faktpro/FaktCyrWeb-Normal-0038c5aa5c3243bb2995139e9aeb9519f62f098d0e0f7fab6c8b655a292d857d.woff
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ashlandggil.xyz
Referer: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KrCNRBUFV%2BMQBxSnA7I5UQCYUE4Pil093svdElhhWlVkXqWDVx4dpenBXx47ZYqx0V2VaWQcGV2ArLh0amaRFDZwX8Jwz%2BJz2bGp%2FS7AYI3iHR7rIDnMF7VCulI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 632b1405e8c2d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad7ac0000d6b5ac8b9000000001

GET
H2 200 advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 346 B
510 B 17ms
16ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/advertising-af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YMz37Gb%2B1OckhARtJbvZfbU33W%2FGj2V1DjKqqCzYwO60MzA3wu9UPb1qqb7j%2B4k08xOywYSoFoUsZczZHbjRmM40UinGX1ne1DXC8ybSj8tsVfjpTaOaNXjnMyk%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b140618ead6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad7ce0000d6b58a185000000001

GET
H2 200 runtime.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 6 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/runtime.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faca76279db9a9c8ce14e8038b244f518ab12c4fa9dc1618cb7e4f4eb81be925

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yAI%2Ff7%2BIuCj7ojVldRUBMTk62P36WablHslg3JTtfuT3FRWlr%2F9eMrHRWPP7YyhXYtfZcjeayMpe5DYW0DR%2Bc54EgY%2FQsoz%2B7yhznoWnfYARSsf2DBVOh2GO9u0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b140618ebd6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad7cf0000d6b59fb8b000000001

GET
H2 200 vendor.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 431 KB
126 KB 35ms
34ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/vendor.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4db429a101e237635a1724010425d3883c599bc8b6a0f9cd250cbac4fa044698

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aWlczQ0L4zElZZcWdYMaAD5eerzXfzQL%2FI5L8vQZLkyPv0nFEZntH1WOObJvP7AGg8Ebrg7aLvUdC33zQ5FoHAEtq7FZ0TFb8GNNjqQXicQuavmhLYq6munEsso%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b140618ecd6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad7cf0000d6b595a1f000000001

GET
H2 200 application.js Show response
ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/ 590 KB
139 KB 39ms
39ms Script
application/javascript 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d7739c0431b682bc199a173389da24543ab017afdea3a1ad6e0103ef4cb3e0

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Apr 2020 22:30:20 GMT
server: cloudflare
age: 3385
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tz%2B8j9C7JIewgAcasvBmSk1bKg0NcoflkY%2FQXNPS0LlX8ort0swj6%2FncDsKGXf6jmcmdM2iy3VknOALx0Y6XxGGTSb2JyzjqOUHQjXtO7PhMyyUbQCTKREejuZU%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 632b140618eed6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad7cf0000d6b5ba369000000001

GET
H2 200 sp.js Show response
d19ptbnuzhibkh.cloudfront.net/2.10.2/ 96 KB
30 KB 57ms
26ms Script
application/javascript 2600:9000:2182:4e00:6:bbf2:440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:4e00:6:bbf2:440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 01:42:41 GMT
content-encoding: gzip
last-modified: Tue, 30 Apr 2019 15:14:08 GMT
server: AmazonS3
age: 3799849
etag: "c7b65b3f4e8761897af9a3ca5d76682e"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 29895
x-amz-cf-id: AvokNhaor8OGdsx6R4M6gOd2SuD-r_24AZlePQB1bMPjoyV3FAi7Ag==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
44 KB 31ms
28ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9N5GP

Requested by

Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5866aa143a3b956f3bf0d6a342769ca096f270644d7fc19a3ae3a8fe96a4463d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44953
x-xss-protection: 0
last-modified: Sat, 20 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 20 Mar 2021 01:13:29 GMT

GET
H2 200 runtime.es6-ac59e53254ef675b7b3a.js Show response
prod-cdn.wetransfer.net/assets/ 6 KB
3 KB 172ms
62ms Script
application/javascript 13.226.159.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/runtime.es6-ac59e53254ef675b7b3a.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: faca76279db9a9c8ce14e8038b244f518ab12c4fa9dc1618cb7e4f4eb81be925

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:16:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:18:31 GMT
server: AmazonS3
age: 2537807
etag: W/"1a97ae072343df373051311fb148f209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: AMq7x3S5CdsnDyYHpCJKHzTpwxNTVyYIvcdqq387XWt_k5Jlkfs6lA==

OPTIONS
H2 200 5b82f23280914154b163996e
app.launchdarkly.com/sdk/goals/ 0
0 183ms
50ms Preflight 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Protocol: H2
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-launchdarkly-user-agent
Origin: https://ashlandggil.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 300
allow: GET, OPTIONS, HEAD
content-encoding: gzip
ld-region: us-east-1
accept-ranges: bytes
date: Sat, 20 Mar 2021 01:13:29 GMT
via: 1.1 varnish
x-served-by: cache-hhn4082-HHN
x-cache: HIT
x-cache-hits: 45
x-timer: S1616202810.586924,VS0,VE0
vary: Accept-Encoding
age: 0
content-length: 23

GET
H2 200 5b82f23280914154b163996e Show response
app.launchdarkly.com/sdk/goals/ 2 B
175 B 42ms
41ms XHR
application/json 151.101.114.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/goals/5b82f23280914154b163996e
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

X-LaunchDarkly-User-Agent: JSClient/2.9.7
Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
access-control-max-age: 300
content-length: 26
x-served-by: cache-hhn4082-HHN
access-control-allow-origin: *
ld-region: us-east-1
x-timer: S1616202810.638506,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
via: 1.1 varnish
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version
x-cache-hits: 66

OPTIONS
H2 200 tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 0
0 207ms
62ms Preflight 52.209.54.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 52.209.54.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-54-230.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ashlandggil.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-length: 0
access-control-allow-origin: https://ashlandggil.xyz
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
338 B 195ms
64ms XHR
text/plain 52.209.54.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.54.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-54-230.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://ashlandggil.xyz
date: Sat, 20 Mar 2021 01:13:29 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

GET
H2 404 FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff
ashlandggil.xyz/assets/faktpro/ 0
0 211ms
210ms Font
text/html 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/assets/faktpro/FaktGrkWeb-Normal-9e5daf8f10b7da71bbd3309ebb7c95657cf2e585986d1512700d1c1bec005507.woff
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ashlandggil.xyz
Referer: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bAjL7n1wY0HYMp%2FuYGvxHXqcB1JdviWNRpST9nkIFd6nMOfsgGOCKWLvw8lszXFlpA0TKVwiGSUXVXl%2BTj5eaLKRv5BJN6xZsccZtoeXaYtvdsFUDKHuty%2Fl4Gc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 632b1407d9d9d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad8e90000d6b58689e000000001

GET
H2 404 FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff
ashlandggil.xyz/assets/faktpro/ 0
0 217ms
217ms Font
text/html 2606:4700:3031::ac43:dbc5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ashlandggil.xyz/assets/faktpro/FaktGrkWeb-Medium-8eb863415ca103c7f90b369e54e6be4786c90c30a06ce32f3dca803206bf74dd.woff
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:dbc5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Origin: https://ashlandggil.xyz
Referer: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/application-ffd6efb7b2530beeece94217dfa5dc1a623d01ada25cb785.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a270%2F5GXWXsM2qGwDJ%2Bd9B%2FFLxWhFLsgWQZlLeKUf3az1FJ4no%2BbXolRIRXdNECL4Sm8WPzerBFF3%2FuoLoe5AdhkHYlJMxjJjL55uVmlGBb%2F4tPPRe2tK6G%2F7nE%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 632b1407e9e2d6b5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08eecad8f20000d6b5ec953000000001

GET
H2 200 vendor.es6-585a00bcc230b087ea19.js Show response
prod-cdn.wetransfer.net/assets/ 431 KB
135 KB 69ms
68ms Script
application/javascript 13.226.159.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/vendor.es6-585a00bcc230b087ea19.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4db429a101e237635a1724010425d3883c599bc8b6a0f9cd250cbac4fa044698

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:16:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:18:32 GMT
server: AmazonS3
age: 2537807
etag: W/"1076d11bbda0b49d3f90c198dad91ee6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: x3KMnYika-TNjvqGsupc0sg35co4Ow-R7O3vp2L0GsTtn3NjGiszBg==

GET
H2 200 application.es6-b7e72666d3b85babd76f.js Show response
prod-cdn.wetransfer.net/assets/ 590 KB
155 KB 64ms
63ms Script
application/javascript 13.226.159.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-cdn.wetransfer.net/assets/application.es6-b7e72666d3b85babd76f.js
Requested by: Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-19.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80d7739c0431b682bc199a173389da24543ab017afdea3a1ad6e0103ef4cb3e0

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:16:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 15:18:28 GMT
server: AmazonS3
age: 2537807
etag: W/"4c927286358cd81860c936931d242a6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Nkmw1PnKFWW72DhX_mj6CX-ZFjaG0WYZchfxpQkRrXScX1tTa1h52Q==

OPTIONS
H2 200 tp2
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 0
0 63ms
62ms Preflight 52.209.54.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Server: 52.209.54.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-54-230.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://ashlandggil.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 20 Mar 2021 01:13:29 GMT
content-length: 0
access-control-allow-origin: https://ashlandggil.xyz
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.1.12

POST
H2 200 tp2 Show response
snowplow.wetransfer.com/com.snowplowanalytics.snowplow/ 2 B
337 B 65ms
65ms XHR
text/plain 52.209.54.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://snowplow.wetransfer.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: d19ptbnuzhibkh.cloudfront.net
URL: https://d19ptbnuzhibkh.cloudfront.net/2.10.2/sp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.54.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-54-230.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.12 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://ashlandggil.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://ashlandggil.xyz
date: Sat, 20 Mar 2021 01:13:30 GMT
access-control-allow-credentials: true
server: akka-http/10.1.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H/1.1 204
No Content 5b82f23280914154b163996e
events.launchdarkly.com/events/bulk/ 0
0 406ms
135ms Preflight
application/json 54.210.89.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Protocol

HTTP/1.1

Server

54.210.89.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-89-192.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-user-agent
Origin: https://ashlandggil.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 20 Mar 2021 01:13:32 GMT
Content-Type: application/json
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date
Access-Control-Max-Age: 300
Strict-Transport-Security: max-age=31536000

POST
H/1.1 202
Accepted 5b82f23280914154b163996e Show response
events.launchdarkly.com/events/bulk/ 0
509 B 294ms
294ms XHR
application/json 54.210.89.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5b82f23280914154b163996e

Requested by

Host: ashlandggil.xyz
URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/vendor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.210.89.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-210-89-192.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ashlandggil.xyz/
X-LaunchDarkly-Event-Schema: 3
X-LaunchDarkly-User-Agent: JSClient/2.9.7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 20 Mar 2021 01:13:32 GMT
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper
Content-Length: 0
Access-Control-Expose-Headers: Date

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ashlandggil.xyz/	1970-01-19 16:56:44	Name: _wt_snowplowses.c987 Value: *
.ashlandggil.xyz/	1970-01-20 10:27:54	Name: _wt_snowplowid.c987 Value: 833d0926-87d8-4218-b2dd-60d1e40c6579.1616202809.1.1616202810.1616202809.4380e8a1-375c-4b57-8fac-122964308279
.ashlandggil.xyz/	1970-01-19 17:39:54	Name: __cfduid Value: dba629cada48d787cda902041034fe9921616202808

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://ashlandggil.xyz/we--transfer/wetransfer/WeTransfer2_files/vendor.js(Line 11) Message: TrackJS: agent must be installed

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
ashlandggil.xyz
d19ptbnuzhibkh.cloudfront.net
events.launchdarkly.com
prod-cdn.wetransfer.net
snowplow.wetransfer.com
www.googletagmanager.com
13.226.159.19
151.101.114.217
2600:9000:2182:4e00:6:bbf2:440:21
2606:4700:3031::ac43:dbc5
2a00:1450:4001:827::2008
52.209.54.230
54.210.89.192
2313565c426a00e15f6743258e5edf14414421a2319b7d8b5c77edd81918a1e7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
4db429a101e237635a1724010425d3883c599bc8b6a0f9cd250cbac4fa044698
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5866aa143a3b956f3bf0d6a342769ca096f270644d7fc19a3ae3a8fe96a4463d
61c0fa42bc743a6f9fe4a1a39e0560ec4bb41855c75527236724d86d0c3f7154
6f41beb763cb6090a1a03af51eb06254ab8d1b23d5f755f96d984f8ee26b0fbd
80d7739c0431b682bc199a173389da24543ab017afdea3a1ad6e0103ef4cb3e0
af72fc2e53268ff36ec4fb73e4dd756c514c393eaf213d8c2dbe527c72494405
d7042f8eaa0e9207327b2debbc576798fa59c226eee3e7b4f4e33b1dbde965fb
d9a9b2a15666ace13ce304e0a34baaa8a82ce5bc9d01480872869c9871dc552c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
faca76279db9a9c8ce14e8038b244f518ab12c4fa9dc1618cb7e4f4eb81be925

ashlandggil.xyz Open in urlscan Pro 2606:4700:3031::ac43:dbc5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

100 %HTTPS

43 %IPv6

6 Domains

7 Subdomains

7 IPs

3 Countries

832 kBTransfer

3271 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ashlandggil.xyz Open in urlscan Pro
2606:4700:3031::ac43:dbc5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

100 %
HTTPS

43 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

832 kB
Transfer

3271 kB
Size

3
Cookies

29 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!