welthers.com Open in urlscan Pro
2a02:250:0:8::52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://allendostmen.com/lecher.php
Effective URL:
https://welthers.com/
Submission: On September 01 via automatic, source urlhaus (September 1st 2021, 2:28:12 am UTC)

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 21 HTTP transactions. The main IP is 2a02:250:0:8::52, located in Sweden and belongs to LOOPIA, SE. The main domain is welthers.com.
TLS certificate: Issued by R3 on July 26th 2021. Valid for: 3 months.

This is the only time welthers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	23.229.237.224 23.229.237.224	398101 (GO-DADDY-...) (GO-DADDY-COM-LLC)
19	2a02:250:0:8::52 2a02:250:0:8::52	39570 (LOOPIA) (LOOPIA)
21	2

2 23.229.237.224 (United States)

ASN398101 (GO-DADDY-COM-LLC, US)
PTR: ip-23-229-237-224.ip.secureserver.net

allendostmen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:250:0:8::52 (Sweden)

ASN39570 (LOOPIA, SE)

welthers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	welthers.com welthers.com	88 KB
2	allendostmen.com allendostmen.com	1 KB
21	2

	Domain	Requested by
19	welthers.com	welthers.com
2	allendostmen.com	allendostmen.com
21	2

This site contains no links.

Subject Issuer	Validity	Valid
allendostmen.com cPanel, Inc. Certification Authority	`2021-07-10` - `2021-10-08`	3 months	crt.sh
welthers.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://welthers.com/
Frame ID: BB2B0EE193CC2D14B6D44A63EE6669EF
Requests: 3 HTTP requests in this frame

Frame: https://welthers.com/topFrame.htm
Frame ID: 1E2E7A118D75C5B54C509722E1B65FB0
Requests: 12 HTTP requests in this frame

Frame: https://welthers.com/mainFrame.htm
Frame ID: 7F9B5A6FA9871153C4E8B45DC72C3A65
Requests: 4 HTTP requests in this frame

Frame: https://welthers.com/bottomFrame.htm
Frame ID: 8E0868D81DBAA429C18BCAA8E58C372E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welther´s - economic & financial consulting

Page URL History Show full URLs

https://allendostmen.com/lecher.php Page URL
https://allendostmen.com/lecher.php Page URL
https://welthers.com/ Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

21
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

89 kB
Transfer

91 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://allendostmen.com/lecher.php Page URL
https://allendostmen.com/lecher.php Page URL
https://welthers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	lecher.php Show response allendostmen.com/	937 B 565 B	539ms 187ms	Document text/html	23.229.237.224 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://allendostmen.com/lecher.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.229.237.224 , United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS ip-23-229-237-224.ip.secureserver.net Software Apache / PHP/7.3.29 Resource Hash `2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe` Request headers :method GET :authority allendostmen.com :scheme https :path /lecher.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:52 GMT server Apache x-powered-by PHP/7.3.29 vary Accept-Encoding,User-Agent content-encoding gzip content-length 440 content-type text/html; charset=UTF-8
GET H2	200	lecher.php allendostmen.com/	954 B 535 B	705ms 705ms	Document text/html	23.229.237.224 GO-DADDY-COM-LLC
General Check archive.org Show headers Download Go to Full URL https://allendostmen.com/lecher.php Requested by Host: allendostmen.com URL: https://allendostmen.com/lecher.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.229.237.224 , United States, ASN398101 (GO-DADDY-COM-LLC, US), Reverse DNS ip-23-229-237-224.ip.secureserver.net Software Apache / PHP/7.3.29 Resource Hash Request headers :method GET :authority allendostmen.com :scheme https :path /lecher.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest document referer https://allendostmen.com/lecher.php accept-encoding gzip, deflate, br accept-language en-US cookie d=120; n=Europe/Berlin Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://allendostmen.com/lecher.php Response headers date Wed, 01 Sep 2021 02:27:53 GMT server Apache x-powered-by PHP/7.3.29 vary Accept-Encoding,User-Agent content-encoding gzip content-length 481 content-type text/html; charset=UTF-8
GET H2	200	Primary Request / Show response welthers.com/	2 KB 1 KB	206ms 53ms	Document text/html	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `068a6c12d050be235441ae38c604eaa0bbe3fea7d6b0d99ce7c4c7f21cce1bf4` Request headers :method GET :authority welthers.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest document referer https://allendostmen.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://allendostmen.com/ Response headers server nginx date Wed, 01 Sep 2021 02:27:54 GMT content-type text/html vary Accept-Encoding last-modified Wed, 31 Jan 2018 15:09:50 GMT etag W/"6ae-56413deed2d6f" x-loopia-node 172.22.223.29 content-encoding br
GET H2	200	topFrame.htm Show response welthers.com/ Frame 1E2E	4 KB 2 KB	46ms 46ms	Document text/html	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://welthers.com/topFrame.htm Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `e5b0ffe336f8bc7ed0570e2661b790212d6ad9e9c5af8bfc06722f698f9e191b` Request headers :method GET :authority welthers.com :scheme https :path /topFrame.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest frame referer https://welthers.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://welthers.com/ Response headers server nginx date Wed, 01 Sep 2021 02:27:54 GMT content-type text/html vary Accept-Encoding last-modified Wed, 31 Jan 2018 15:09:50 GMT etag W/"fd6-56413dee736a8" x-loopia-node 172.22.223.29 content-encoding br
GET H2	200	mainFrame.htm Show response welthers.com/ Frame 7F9B	2 KB 1 KB	46ms 46ms	Document text/html	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://welthers.com/mainFrame.htm Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `b9e8c50aea252db77d4cb0ac01d0b4320f84c966480406eddc389b1d3ebca952` Request headers :method GET :authority welthers.com :scheme https :path /mainFrame.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest frame referer https://welthers.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://welthers.com/ Response headers server nginx date Wed, 01 Sep 2021 02:27:54 GMT content-type text/html vary Accept-Encoding last-modified Wed, 31 Jan 2018 15:09:50 GMT etag W/"759-56413dee77098" x-loopia-node 172.22.223.29 content-encoding br
GET H2	200	bottomFrame.htm Show response welthers.com/ Frame 8E08	784 B 682 B	46ms 46ms	Document text/html	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Full URL https://welthers.com/bottomFrame.htm Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `fbd87bf936c1efd47ea954db11bde467e2f53b766f4cdfc0ae4d15d708185310` Request headers :method GET :authority welthers.com :scheme https :path /bottomFrame.htm pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest frame referer https://welthers.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://welthers.com/ Response headers server nginx date Wed, 01 Sep 2021 02:27:54 GMT content-type text/html vary Accept-Encoding last-modified Wed, 31 Jan 2018 15:09:50 GMT etag W/"310-56413deed1218" x-loopia-node 172.22.223.29 content-encoding br
GET H2	200	buttonUp_Home.GIF welthers.com/img/ Frame 1E2E	2 KB 3 KB	48ms 47ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonUp_Home.GIF Requested by Host: welthers.com URL: https://welthers.com/topFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `ab1336e858e062b1d7e522448e8e0a4022b1f42d1b9f17f6d056b9cb18443665` Request headers :path /img/buttonUp_Home.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "9e0-56413dee8d890" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2528
GET H2	200	buttonUp_about.GIF welthers.com/img/ Frame 1E2E	4 KB 4 KB	50ms 49ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonUp_about.GIF Requested by Host: welthers.com URL: https://welthers.com/topFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `deadd64547c5402a94c764a5e60376b2f0ce7e089b73875d626abe66c0675295` Request headers :path /img/buttonUp_about.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "e20-56413dee828bd" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 3616
GET H2	200	buttonUp_Partners.GIF welthers.com/img/ Frame 1E2E	3 KB 3 KB	50ms 49ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonUp_Partners.GIF Requested by Host: welthers.com URL: https://welthers.com/topFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `e76de27f7f792b7227c5f01b0280ba92371b8736f0bdd0bd0cc69a91c54d2d96` Request headers :path /img/buttonUp_Partners.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "ace-56413dee7e1f2" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2766
GET H2	200	buttonUp_Tjanster.gif welthers.com/img/ Frame 1E2E	3 KB 3 KB	48ms 48ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonUp_Tjanster.gif Requested by Host: welthers.com URL: https://welthers.com/topFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `0a6cd469250f3721d888f88d1106423efeb8dc0ed38cfa102913a9a49e0a6618` Request headers :path /img/buttonUp_Tjanster.gif pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "acf-56413dee8b15c" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2767
GET H2	200	buttonUp_Visit.GIF welthers.com/img/ Frame 1E2E	3 KB 3 KB	48ms 48ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonUp_Visit.GIF Requested by Host: welthers.com URL: https://welthers.com/topFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `dd6c3f12f3212bdee092f8f420f98e1c1f6b71ee94a2a7d6c9934ef924d10765` Request headers :path /img/buttonUp_Visit.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "abd-56413dee805a7" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2749
GET H2	200	welcomePic.jpg welthers.com/img/ Frame 7F9B	15 KB 15 KB	47ms 46ms	Image image/jpeg	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/welcomePic.jpg Requested by Host: welthers.com URL: https://welthers.com/mainFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `c75693f1cc9de8628bacd2536fb24a9d0ac1540d85fa7abde63d653e4b4493a7` Request headers :path /img/welcomePic.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/mainFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/mainFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "3ce8-56413dee87ade" content-type image/jpeg x-loopia-node 172.22.223.29 accept-ranges bytes content-length 15592
GET H2	200	welcomeHeader.GIF welthers.com/img/ Frame 7F9B	5 KB 5 KB	83ms 83ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/welcomeHeader.GIF Requested by Host: welthers.com URL: https://welthers.com/mainFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `7c1c01063c2410907c480162aa1e9fc2b7cee695a122bb1febd9d671b97e0e85` Request headers :path /img/welcomeHeader.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/mainFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/mainFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "1482-56413dee7d9e5" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 5250
GET H2	200	upTwo.GIF welthers.com/img/ Frame 1E2E	26 KB 27 KB	84ms 84ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/upTwo.GIF Requested by Host: welthers.com URL: https://welthers.com/topFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `34e26c247493bbd2394c4567116ac4123085ba6ed1bc17b713606490e2f4af8a` Request headers :path /img/upTwo.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "693d-56413dee8448b" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 26941
GET H2	200	wBg.GIF welthers.com/img/ Frame 7F9B	6 KB 7 KB	117ms 117ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/wBg.GIF Requested by Host: welthers.com URL: https://welthers.com/mainFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `d6e67b9ee13091b2bcb6328f2bfddfe4a7a8fee1ac9992baf0c2af12042f5eef` Request headers :path /img/wBg.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/mainFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/mainFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "19da-56413dee85b19" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 6618
GET H2	200	down.GIF welthers.com/img/ Frame 8E08	318 B 474 B	103ms 102ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/down.GIF Requested by Host: welthers.com URL: https://welthers.com/bottomFrame.htm Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `03cbc26bb497e7dc1411269b2e02f178907c8a88dd9674e1f734d8735a488468` Request headers :path /img/down.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/bottomFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/bottomFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "13e-56413dee7ea0a" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 318
GET H2	200	buttonDown_Home.GIF welthers.com/img/ Frame 1E2E	2 KB 2 KB	49ms 48ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonDown_Home.GIF Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `84aa7faf51fc87a2dae38eb2b4baeac225a9f5728fcb7a687ec2835ff066ad10` Request headers :path /img/buttonDown_Home.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "803-56413dee7f220" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2051
GET H2	200	buttonDown_about.GIF welthers.com/img/ Frame 1E2E	3 KB 4 KB	49ms 48ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonDown_about.GIF Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `9e1acac768d9abdbf2fd714b9c58075893ef207266fcaf48a2df364d23eb4e46` Request headers :path /img/buttonDown_about.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "da6-56413dee818cd" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 3494
GET H2	200	buttonDown_Partners.GIF welthers.com/img/ Frame 1E2E	3 KB 3 KB	50ms 49ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonDown_Partners.GIF Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `9cf856d2d69bdf43b61a7ae487302a5515ac8b8e509ed1b68021905fefc26082` Request headers :path /img/buttonDown_Partners.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "a8d-56413dee86e8a" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2701
GET H2	200	buttonDown_Tjanster.gif welthers.com/img/ Frame 1E2E	3 KB 3 KB	49ms 49ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonDown_Tjanster.gif Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `a936b790b01c04fb139f1545a1ca20e7f181d3956dd2c17e734e35eb5c215ac5` Request headers :path /img/buttonDown_Tjanster.gif pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "af1-56413dee7c38a" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2801
GET H2	200	buttonDown_Visit.GIF welthers.com/img/ Frame 1E2E	3 KB 3 KB	48ms 48ms	Image image/gif	2a02:250:0:8::52 LOOPIA
General Check archive.org Show headers Download Go to Show image Full URL https://welthers.com/img/buttonDown_Visit.GIF Requested by Host: welthers.com URL: https://welthers.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:250:0:8::52 , Sweden, ASN39570 (LOOPIA, SE), Reverse DNS Software nginx / Resource Hash `66fd3ac9ea1a90c7b45164497b4741db9a408ddf5910588e75cd966814bf39bb` Request headers :path /img/buttonDown_Visit.GIF pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority welthers.com referer https://welthers.com/topFrame.htm :scheme https sec-fetch-site same-origin :method GET Referer https://welthers.com/topFrame.htm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 02:27:54 GMT last-modified Wed, 31 Jan 2018 15:09:50 GMT server nginx etag "add-56413dee8674f" content-type image/gif x-loopia-node 172.22.223.29 accept-ranges bytes content-length 2781

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

allendostmen.com
welthers.com
23.229.237.224
2a02:250:0:8::52
03cbc26bb497e7dc1411269b2e02f178907c8a88dd9674e1f734d8735a488468
068a6c12d050be235441ae38c604eaa0bbe3fea7d6b0d99ce7c4c7f21cce1bf4
0a6cd469250f3721d888f88d1106423efeb8dc0ed38cfa102913a9a49e0a6618
2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe
34e26c247493bbd2394c4567116ac4123085ba6ed1bc17b713606490e2f4af8a
66fd3ac9ea1a90c7b45164497b4741db9a408ddf5910588e75cd966814bf39bb
7c1c01063c2410907c480162aa1e9fc2b7cee695a122bb1febd9d671b97e0e85
84aa7faf51fc87a2dae38eb2b4baeac225a9f5728fcb7a687ec2835ff066ad10
9cf856d2d69bdf43b61a7ae487302a5515ac8b8e509ed1b68021905fefc26082
9e1acac768d9abdbf2fd714b9c58075893ef207266fcaf48a2df364d23eb4e46
a936b790b01c04fb139f1545a1ca20e7f181d3956dd2c17e734e35eb5c215ac5
ab1336e858e062b1d7e522448e8e0a4022b1f42d1b9f17f6d056b9cb18443665
b9e8c50aea252db77d4cb0ac01d0b4320f84c966480406eddc389b1d3ebca952
c75693f1cc9de8628bacd2536fb24a9d0ac1540d85fa7abde63d653e4b4493a7
d6e67b9ee13091b2bcb6328f2bfddfe4a7a8fee1ac9992baf0c2af12042f5eef
dd6c3f12f3212bdee092f8f420f98e1c1f6b71ee94a2a7d6c9934ef924d10765
deadd64547c5402a94c764a5e60376b2f0ce7e089b73875d626abe66c0675295
e5b0ffe336f8bc7ed0570e2661b790212d6ad9e9c5af8bfc06722f698f9e191b
e76de27f7f792b7227c5f01b0280ba92371b8736f0bdd0bd0cc69a91c54d2d96
fbd87bf936c1efd47ea954db11bde467e2f53b766f4cdfc0ae4d15d708185310

welthers.com Open in urlscan Pro 2a02:250:0:8::52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

89 kBTransfer

91 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

0 Cookies

Indicators

welthers.com Open in urlscan Pro
2a02:250:0:8::52 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

89 kB
Transfer

91 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions