ufabethost.com Open in urlscan Pro
2606:4700:3031::ac43:89c7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ufabethost.com/-/area_client/-/?entity=7735524
Effective URL:
https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
Submission: On February 20 via manual (February 20th 2023, 7:35:46 am UTC) from IN — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3031::ac43:89c7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ufabethost.com.
TLS certificate: Issued by GTS CA 1P5 on January 5th 2023. Valid for: 3 months.

This is the only time ufabethost.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: National Bank of Greece (Banking)

Domain & IP information

	IP Address	AS Autonomous System
2 19	2606:4700:303... 2606:4700:3031::ac43:89c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	() ()
1	2606:4700::68... 2606:4700::6810:5614	() ()
1	2606:4700::68... 2606:4700::6811:180e	() ()
39	7

19 2606:4700:3031::ac43:89c7 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ufabethost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (None, )

ASN- ()

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	ufabethost.com 2 redirects ufabethost.com	126 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	383 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2	78 KB
1	cloudflare.com cdnjs.cloudflare.com	438 KB
1	jsdelivr.net cdn.jsdelivr.net	23 KB
1	jquery.com code.jquery.com	30 KB
39	6

	Domain	Requested by
19	ufabethost.com	2 redirects ufabethost.com
6	www.google.com	ufabethost.com www.gstatic.com www.google.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	fonts.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	ufabethost.com
1	cdn.jsdelivr.net	ufabethost.com
1	code.jquery.com	ufabethost.com
39	7

This site contains no links.

Subject Issuer	Validity	Valid
*.ufabethost.com GTS CA 1P5	`2023-01-05` - `2023-04-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
Frame ID: 0DA44CF406B431D1F7D69320622C5F6E
Requests: 29 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg
Frame ID: 0B275AA63CF191724E6A402E2F7AFE62
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ufabethost.com/-/area_client/-/?entity=7735524 HTTP 301
https://ufabethost.com/-/area_client/-/?entity=7735524 Page URL
https://ufabethost.com/-/area_client/-/includes/unlock.php HTTP 302
https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

39
Requests

82 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1078 kB
Transfer

3201 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ufabethost.com/-/area_client/-/?entity=7735524 HTTP 301
https://ufabethost.com/-/area_client/-/?entity=7735524 Page URL
https://ufabethost.com/-/area_client/-/includes/unlock.php HTTP 302
https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ufabethost.com/-/area_client/-/?entity=7735524 HTTP 301
https://ufabethost.com/-/area_client/-/?entity=7735524

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
ufabethost.com/-/area_client/-/
Redirect Chain

http://ufabethost.com/-/area_client/-/?entity=7735524
https://ufabethost.com/-/area_client/-/?entity=7735524

2 KB
1 KB

2385ms
2298ms

Document
text/html

2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/?entity=7735524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed4ade9da25c46ce3a33ee6a7397a6e3a0d725032c33a9a22e6059778f602ae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79c591172a788fe2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 07:35:41 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKOPOce7SZcAgqoL8zfMnFHrs0pstvGBFTlG6GGAv61F1WQ7RAQRLGoEZSOHChaMXU0tS52OBe%2FUGQAHIQF8pxjAopa5kBpU1LQUgzTi%2FHdNeNHUVB4DUbMUXDilVZf6xOKSxz1lc8P1%2BJRmpA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 79c591152e692bc7-FRA
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 20 Feb 2023 07:35:39 GMT
Location: https://ufabethost.com/-/area_client/-/?entity=7735524
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FucqlIIKijX7rMvaQrt6GQg2y82plQKqwdxTulms2JKzcg1YeAkHQ%2BRprzUBiA7od1mDtDKC0PqXW2TqDnh7G4dBhXghw8rRrfvGGGdqYedXj8wB34De%2FmHwprop0Iqj76yt%2B99sQCgDAyuLMA%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 loading.css
ufabethost.com/-/area_client/-/assets/css/ 198 KB
33 KB 222ms
221ms Stylesheet
text/css 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/?entity=7735524
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/?entity=7735524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 22 Aug 2021 15:33:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"31997-5ca27a0734f00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DjmHoHJ3I00VprsNr6QQQ7k0D%2BIsfxhioGaEEJfqJ0p1Vp8ldN524hAwbwirzES9Sk8EuYlVPnnDa9hF2AN1u%2BaPxP2KK79jIxtSmMWLki%2BvIOF%2B4eqMsH4JK%2FVxhKABa7bpM5Q0hNC%2BW0JxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79c59125899c8fe2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
875 B 230ms
92ms Script
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/?entity=7735524

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

df388f138c472e8df27800daf1f88e4cb62f274c732d75aee03929a143917d6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 07:35:41 GMT

GET
H3 200 logo.svg
ufabethost.com/-/area_client/-/assets/img/ 14 KB
5 KB 209ms
208ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/img/logo.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/?entity=7735524
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7291d2136d459077949df2e28734f6307acd3b245d20e8958b07dfd81f23951

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/?entity=7735524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 08 Aug 2021 19:37:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"36e0-5c9116504e580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orro6%2BeOnG5MEGCQXs3UTSow%2BZmtSe1wbuzAqxDnkjhdyh7E4rslAo6myMbhvh%2FZq91ROPENcjOaNZQbbp6ilrwBm50EI8RjYEJQ5l3TvaMv20rlTZVcZ4pPMq%2FKcA9Qc63d3zy4c7GHxF0rEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c5912709de90f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nbg-logo-full-black.svg
ufabethost.com/-/area_client/-/assets/img/ 57 KB
11 KB 208ms
208ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/img/nbg-logo-full-black.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/?entity=7735524
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7583021663983a838e88f47a0721d751a51a302d45c69595780c083cd2e99909

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/?entity=7735524
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 08 Aug 2021 19:37:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e2ac-5c9116504e580"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nIbcIrKa8EnC%2F3SUoMgvUwd73PTv46R4ZSfBRB2HEXk7Hr717QIRz0jG%2F6fQ%2BpLAXuIF1wPzCaIjX1HwxKzYgboT5MI%2B9nFYjsh62asxxmbTQIev00UeKc4bn3iw7z9AUBLgJHkCTi5CfX45Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c5912709e190f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ 408 KB
163 KB 179ms
52ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ufabethost.com/
Origin: https://ufabethost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166784
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 07:04:46 GMT

GET
H3 404 PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
ufabethost.com/-/area_client/-/assets/css/images/ 0
0 293ms
292ms Font
text/html 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Origin: https://ufabethost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXNhw9XWLsSoiqVGOsFZd9wEK1HuetP1h5LG2wz31vQz3QsnOLrPUOAQCwROhyP8i1jeXNZQ3DGm57h8maDzw0rUCvl5%2BubJUM%2Blv2HWV0MOlc%2FavN4WNL7tYFXau9b4Ne1VeQLpcbz8UYcC9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 79c5912719f290f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
ufabethost.com/-/area_client/-/assets/css/images/ 0
0 286ms
286ms Font
text/html 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Origin: https://ufabethost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTe3UJu%2BnTe2pZ6P9C9WHks3hAC6tjBDjKPi0D89AWSyNVg97nQONpH%2B0nF68HEgn%2B%2BaunBKDULEhOqBOpsCMQb0bRWQ1vaLQ6IGfDlVW%2FMCeW21ozSP%2Bja7lw97%2FiH6JCQfEKVoDSWUMjd63Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 79c5912719f490f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
ufabethost.com/-/area_client/-/assets/css/images/ 0
0 739ms
738ms Font
text/html 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Origin: https://ufabethost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbHHjaOaGX%2Bht6prxIHk1g47Qe7ALjTJx3fXXhL6%2BEqdP3qDOv2rFqt0bvV6d%2BBVCcDVzo7HAXojKWGdgIw2hKyB1ekYcU4qfJxUHUKbCpCWpbytjKahhELNAM8Hi%2B2oOvRk008xFf9VlcY0uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 79c59128ebfb90f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
ufabethost.com/-/area_client/-/assets/css/images/ 0
0 239ms
238ms Font
text/html 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ufabethost.com/-/area_client/-/assets/css/loading.css
Origin: https://ufabethost.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPQKIH6qr5%2FBt5a5Y1V1v4VviJBvlej12WbdBTnK%2Bvht%2Bs0qOSsMMQR7v3ZH%2BFHrfVBq8Swb2y%2FUMiYCr1K%2Bn%2FfaCSrp%2BFYyWGxs3JgPUL97jYlzzruG4gwETTjWrJ%2FpXZ562%2B%2FPQMfU9HCzZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 79c59128ec0290f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0B27 42 KB
22 KB 104ms
103ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

26df93af62479327f6cd9121a2921554329cfa69984844a437737fbb70e6eeea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8f-sI3h16D7N4HolkVQqFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ufabethost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22549
content-security-policy: script-src 'report-sample' 'nonce-8f-sI3h16D7N4HolkVQqFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 07:35:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 0B27 55 KB
24 KB 161ms
54ms Stylesheet
text/css 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 08:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 08:30:56 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/ Frame 0B27 408 KB
163 KB 158ms
52ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166784
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 05:01:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Feb 2024 07:04:46 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0B27 2 KB
2 KB 52ms
52ms Image
image/png 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 01:14:34 GMT
x-content-type-options: nosniff
age: 368468
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 23 Feb 2023 01:14:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0B27 15 KB
15 KB 69ms
55ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 20:22:37 GMT
x-content-type-options: nosniff
age: 299585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 20:22:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0B27 15 KB
16 KB 65ms
52ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:57:56 GMT
x-content-type-options: nosniff
age: 340666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 08:57:56 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0B27 102 B
134 B 75ms
74ms Other
text/javascript 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2789481eb03ebaaac567af091a3f7a9032d8387bab5062279694821d7c1aacc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 07:35:42 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 0B27 32 KB
18 KB 123ms
123ms XHR
application/json 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3095bf6892f004892c8ea7f952a8e503668f14e7a0ebf07c0c78380059704ccd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 20 Feb 2023 07:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18685
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 07:35:44 GMT

POST unlock.php
ufabethost.com/-/area_client/-/includes/ 0
0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 0B27 32 KB
18 KB 119ms
119ms XHR
application/json 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e55ef37b71daa298218b31bb5f11c00d35ad9d09805372a675c9ebcb1520b95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 20 Feb 2023 07:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18725
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 07:35:44 GMT

POST unlock.php
ufabethost.com/-/area_client/-/includes/ 0
0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 0B27 32 KB
18 KB 117ms
117ms XHR
application/json 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/O4xzMiFqEvA4YhWjk5t8Xuas/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78ea49810d51f4f015fa897e1608c2e32960040f2e93c951caf65c511fa6d387

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfJE4gkAAAAAHZi_2MfvuLChXvflhklGm5wKXit&co=aHR0cHM6Ly91ZmFiZXRob3N0LmNvbTo0NDM.&hl=de&v=O4xzMiFqEvA4YhWjk5t8Xuas&size=invisible&cb=3yasrnne5mmg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 20 Feb 2023 07:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18799
x-xss-protection: 1; mode=block
expires: Mon, 20 Feb 2023 07:35:44 GMT

GET
H3

200

Primary Request default.php Show response
ufabethost.com/-/area_client/-/
Redirect Chain

https://ufabethost.com/-/area_client/-/includes/unlock.php
https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU

12 KB
3 KB

230ms
228ms

Document
text/html

2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d9fa63be365662a3b1ba978c004791f260dff22054a1653f7b63004bcbf723

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ufabethost.com
Referer: https://ufabethost.com/-/area_client/-/?entity=7735524
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79c5913d8a2b90f4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 07:35:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sf2mxbQC0a4QcXPpIb7m17dqlbFt5NiH8sTRZqKs4B2Ka%2Fvbr%2BYyXWeZTCfSp5pNrZFcSxDnr8PYhF1AYPSP6f8pxvlj9zonqW6Ls3UeGAdTzSp0Po4T1W2154WryfzrCgN%2FVipZkDF0PsU1zA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79c59137bc0e90f4-FRA
content-type: text/html; charset=UTF-8
date: Mon, 20 Feb 2023 07:35:45 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ../default.php?id=hCkEzU
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=clKBTHIWgYLFaL1lDrKZMXYc2qMU5m%2F06wctwkAq4EvDZ%2FbHipU%2BmNb9yUpw0Bhiso6uUimmpSwaM4eejsKSdTYBs%2BbGUZqFJbsxT%2BIzGbj2qug44Qpb8k8libuHqEE1EN9IlWkDPcSJEsUIDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 style.css
ufabethost.com/-/area_client/-/assets/css/ 238 KB
36 KB 295ms
294ms Stylesheet
text/css 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3afd03b9002ac810e2184558d71ff59c4888a68eb5e6efaa69bf2781b17d5ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 16 May 2022 06:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3b808-5df1b4e47e980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtJJtym4hZOSclSNAHdNhLkbRnfjfN2xZ6YgctoSoxYOUfV2kQol1nxAIoMiHDBTK2Yth53bD4WU3eQoqA9Sd1Bob5SCCT4plafCYxaA3SonIYitH5tv6hplneNaDbJLDCPakDf%2FL5J3Gr4L%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 79c5913f0ba490f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 150ms
46ms Script
application/javascript 2001:4de0:ac18::1:a:1a

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-15d84"
vary: Accept-Encoding
x-hw: 1676878545.dop223.fr8.t,1676878545.cds341.fr8.hn,1676878545.cds327.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 82 KB
23 KB 141ms
49ms Script
application/javascript 2606:4700::6810:5614

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5093770
x-jsd-version: 4.5.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19163-FRA, cache-yyz4522-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkCc1rPR5u8kOieysX4Xqm1A3w54EBoMJLwRmZEBqJ63ZZstkNtLlSL8O4LCeMZ0Kvs2NHDsKL1c8AnVZfZ9WuCWvQeXsY3TO7fc%2BB7k7k%2B8WFyLFaXkaCwp4RJiNMif9O0QZN7ACTMywoP5fWI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79c5913f8aac2bfc-FRA

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/ 1 MB
438 KB 151ms
48ms Script
application/javascript 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0/js/all.min.js

Requested by

Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

75ca5d1ab7947e7c19b4914a8ebaf31f5ef8547fee7fe3c4b49125fa9159fee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 367026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 447131
last-modified: Mon, 07 Feb 2022 21:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "620188b3-6d29b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KkRxtax5I7IbLeG9uC%2BuzAq0%2BNGHlzHcuHxPhB7fgHJH8ZH%2BGAhBwE7g69gQYW5UBeWLviR5kYP5h5Z6LC%2FdF6GVmZLFq6uvCAwnBIdsoPh6N5bf9KFyi7HGRjWi%2Fjh29lwH6UV2ILztftxvw6Tqozfz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79c5913faf529b3f-FRA
expires: Sat, 10 Feb 2024 07:35:45 GMT

GET
H3 200 login-logo.el.png
ufabethost.com/-/area_client/-/assets/img/ 26 KB
27 KB 262ms
261ms Image
image/png 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/img/login-logo.el.png
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 909457e7d2ab71d52c2fa3386917fee5031be62e179b01804940a6cc9f5d61ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/default.php?id=hCkEzU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jul 2021 19:28:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "691b-5c71a5aeb4b00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJMUZoLu9s%2FaEIJ3IB5TKvV9kPN9EXcPD7U2qfGBwEcrKl3fzGYyP1uN3rLcPSZnM80lEnJlC80c81%2FzOxD1gRMC7Ac0wmIups12LGdEVTaIrP6nVS5jT6v%2FdGZHY5cbp4NT6kMzz0U6kO0G0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 79c59140ed9790f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26907

GET login-retail.4b5338cdd40e01d7a961e2e0f5429f77.jpg
ufabethost.com/-/area_client/-/assets/css/fonts/ 0
0

GET
H3 200 help-faq.svg
ufabethost.com/-/area_client/-/assets/icons/ 2 KB
2 KB 529ms
529ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/icons/help-faq.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161761d367e7686d40033c1a0daeb88006e9e90b676c3e1368362748a2791fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 08 Aug 2021 20:23:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9dd-5c9120bac7880"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qPZma%2B8xKBaoioD8HSl%2FMDYMv9aOxw8%2FOFrsnRIbs%2F3Stz9ot%2B5kDgltcfA4WOv2u1heLCbeWT5wNko2BcZIjuKaNZKLn5hj2dMHFPEqwW5o94hO1AFgQ3%2FNtBhm1494kilD9TZ7ObyzIjALQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c591416e1d90f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fb.svg
ufabethost.com/-/area_client/-/assets/icons/ 1 KB
1 KB 487ms
486ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/icons/fb.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab9872644e58c312c6c45df79fd68e005b03423385801e0689d96cadbd0620bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jul 2021 20:14:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"41d-5c71b00bd3e80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvyVyteXX0qnSI9nDclVYxu1AmOLkMyEKXTfPcz1M3vaJz2%2FgNKMxJn3gzf7gV95Vfahs2gD44o%2BrRGQyJdzu4iZX5ZHmvD%2Fu378%2F17jqoztpMkWkUOEIq0vLx9eFaai9xhspmom7zWb%2B7%2FPqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c591416e2090f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 twitter.svg
ufabethost.com/-/area_client/-/assets/icons/ 2 KB
1 KB 551ms
548ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/icons/twitter.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f2447ea2c696232412fb46b12c8344dc93740b712a8689d324031e0428beb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jul 2021 20:14:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"84d-5c71b0155d500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPldQkqqltdPlYQyK5c3CRF1hwbNzyKiWo6YmSt%2Byo8ComfdZkhtEeoOOQGhFTbQb5T4F6jLqe712lsG5tcj%2BjE6hTzilBWBWDXeEx6iwm5QJ3k57pmibHxFNu8JtSp0WfksOJPrM79RVOcKlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c591416e2390f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 youtube.svg
ufabethost.com/-/area_client/-/assets/icons/ 3 KB
2 KB 555ms
552ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/icons/youtube.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91dc715405d0bb25103890b512621749faeacf1fb13299fbda4eac81f15e7cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jul 2021 20:14:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"bda-5c71b01ee6b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2VKDLFYbmDQWlmSsIodNL2by2FWSXr2FRqCPEHR8N5i7YNdi%2FEAo3pVhsrYznzCrMYzmUNwlg13fivkC5u5pEb8WVC9FqiFDXSE81Lhsu1TUNtL33vKpxfvkg%2FG4aa8wdAjrCra%2Fp0brU%2B9Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c591416e2490f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 linkedin.svg
ufabethost.com/-/area_client/-/assets/icons/ 2 KB
1 KB 556ms
553ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/icons/linkedin.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 724be1d544d3f4044e97e8e515f23c0f33f08e96e421021c6729947e62f10642

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Jul 2021 20:15:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"794-5c71b02870200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8elbVtFTe2z4NhKN0Uo6oRvrZquUdhpumgaXiL43e4uOmaj1MQDQuPcN%2FWjnrCBi7MbGsAsCkRNl48qCrz38SLKkypTE54MawULegzOjlG1Xwk%2FvWdKHeXaEpIh10PNhCWN0kme4kK8j5wwwcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c591416e2690f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 email.svg
ufabethost.com/-/area_client/-/assets/icons/ 1 KB
1 KB 570ms
568ms Image
image/svg+xml 2606:4700:3031::ac43:89c7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ufabethost.com/-/area_client/-/assets/icons/email.svg
Requested by: Host: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:89c7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6497465709e16d6be1151fc014554b415f7b355024cec20e6a450bf6ab2cbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ufabethost.com/-/area_client/-/assets/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:35:46 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 22 Aug 2021 15:34:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4e5-5ca27a2f42d80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiL3UYA8%2FIf5cEYdBR0RpRN5a%2BLuLhNemRPF%2FQUFVZ%2Bth1e%2F1L4qyXhSmcapyFG7IOIOaoOaFxKcg%2FMxQrb81751SBkHU03X3CW9zQ%2BUzlBTyn8WGPFecoHEOmusfzaS6f5y5o9dPMyuiSx8kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 79c591416e2790f4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2
ufabethost.com/-/area_client/-/assets/css/fonts/ 0
0

GET PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2
ufabethost.com/-/area_client/-/assets/css/fonts/ 0
0

GET ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff
ufabethost.com/-/area_client/-/assets/css/fonts/ 0
0

GET PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2
ufabethost.com/-/area_client/-/assets/css/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/includes/unlock.php

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/includes/unlock.php

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/fonts/login-retail.4b5338cdd40e01d7a961e2e0f5429f77.jpg

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/fonts/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/fonts/PFDinDisplayPro-Medium.61e7fd90675f0eb31beed62b660edde2.woff2

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/fonts/ibredesign.f0ceac6f3471ca7186d40de1d3e2f374.woff

Domain: ufabethost.com
URL: https://ufabethost.com/-/area_client/-/assets/css/fonts/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: National Bank of Greece (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 14:07:10	Name: _GRECAPTCHA Value: 09AJBLKW2qjXheQQ2qHgoiVuAQUKkGvspIBDBBSdUJix3vVQJJeXIeBlOjzAr4UglVM_H-XxXKpmd3VmFR4O8dtao
			ufabethost.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 742a3a501a67c38543afc2ad1de2cd16

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ufabethost.com/-/area_client/-/assets/css/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
ufabethost.com
www.google.com
www.gstatic.com
ufabethost.com
2001:4de0:ac18::1:a:1a
2606:4700:3031::ac43:89c7
2606:4700::6810:5614
2606:4700::6811:180e
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2004
161761d367e7686d40033c1a0daeb88006e9e90b676c3e1368362748a2791fda
1b28bda3bee08c51cf79bc36c6292f62bdf7f67038d397f1c2616641dba2cf95
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ed4ade9da25c46ce3a33ee6a7397a6e3a0d725032c33a9a22e6059778f602ae
26df93af62479327f6cd9121a2921554329cfa69984844a437737fbb70e6eeea
3095bf6892f004892c8ea7f952a8e503668f14e7a0ebf07c0c78380059704ccd
3afd03b9002ac810e2184558d71ff59c4888a68eb5e6efaa69bf2781b17d5ab0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47d9fa63be365662a3b1ba978c004791f260dff22054a1653f7b63004bcbf723
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
724be1d544d3f4044e97e8e515f23c0f33f08e96e421021c6729947e62f10642
7583021663983a838e88f47a0721d751a51a302d45c69595780c083cd2e99909
75ca5d1ab7947e7c19b4914a8ebaf31f5ef8547fee7fe3c4b49125fa9159fee4
78ea49810d51f4f015fa897e1608c2e32960040f2e93c951caf65c511fa6d387
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
909457e7d2ab71d52c2fa3386917fee5031be62e179b01804940a6cc9f5d61ac
91dc715405d0bb25103890b512621749faeacf1fb13299fbda4eac81f15e7cab
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9e55ef37b71daa298218b31bb5f11c00d35ad9d09805372a675c9ebcb1520b95
a2f2447ea2c696232412fb46b12c8344dc93740b712a8689d324031e0428beb2
a7291d2136d459077949df2e28734f6307acd3b245d20e8958b07dfd81f23951
ab9872644e58c312c6c45df79fd68e005b03423385801e0689d96cadbd0620bb
c2789481eb03ebaaac567af091a3f7a9032d8387bab5062279694821d7c1aacc
d6497465709e16d6be1151fc014554b415f7b355024cec20e6a450bf6ab2cbd2
df388f138c472e8df27800daf1f88e4cb62f274c732d75aee03929a143917d6b
eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

ufabethost.com Open in urlscan Pro 2606:4700:3031::ac43:89c7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

82 %HTTPS

100 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

1078 kBTransfer

3201 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ufabethost.com Open in urlscan Pro
2606:4700:3031::ac43:89c7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

82 %
HTTPS

100 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

1078 kB
Transfer

3201 kB
Size

2
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!