web8636.web07.bero-webspace.de Open in urlscan Pro
109.71.253.24 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ultrashort.me/Newva
Effective URL:
https://web8636.web07.bero-webspace.de/
Submission: On September 19 via manual (September 19th 2022, 2:39:26 pm UTC) from NL — Scanned from NL

Summary HTTP 30 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 30 HTTP transactions. The main IP is 109.71.253.24, located in Germany and belongs to SYNLINQ synlinq.de, DE. The main domain is web8636.web07.bero-webspace.de.
TLS certificate: Issued by R3 on September 18th 2022. Valid for: 3 months.

This is the only time web8636.web07.bero-webspace.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: International Card Services (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 1	128.199.176.54 128.199.176.54	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	51.15.139.10 51.15.139.10	12876 (Online SAS) (Online SAS)
28	109.71.253.24 109.71.253.24	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
1	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1	199.101.153.209 199.101.153.209	13713 (ARCOT) (ARCOT)
30	4

1 128.199.176.54 (Singapore, Singapore) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: c07.tmdcloud.asia

ultrashort.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.139.10 (France) 1 redirects

ASN12876 (Online SAS, FR)
PTR: 10-139-15-51.instances.scw.cloud

pxlme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 109.71.253.24 (Germany)

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: web07.bero-host.de

web8636.web07.bero-webspace.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.101.153.209 (United States)

ASN13713 (ARCOT, US)

argus.arcot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	bero-webspace.de web8636.web07.bero-webspace.de	3 MB
1	arcot.com argus.arcot.com — Cisco Umbrella Rank: 916804	735 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	114 KB
1	pxlme.me 1 redirects pxlme.me — Cisco Umbrella Rank: 561924	252 B
1	ultrashort.me 1 redirects ultrashort.me	431 B
30	5

	Domain	Requested by
28	web8636.web07.bero-webspace.de	web8636.web07.bero-webspace.de
1	argus.arcot.com
1	www.googletagmanager.com	web8636.web07.bero-webspace.de
1	pxlme.me	1 redirects
1	ultrashort.me	1 redirects
30	5

This site contains links to these domains. Also see Links.

Domain
www.icscards.nl
www.icsbusiness.nl

Subject Issuer	Validity	Valid
web8636.web07.bero-webspace.de R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
argus.arcot.com DigiCert EV RSA CA G2	`2022-02-08` - `2023-02-08`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://web8636.web07.bero-webspace.de/
Frame ID: BD1A48582BC8C5D8F3A508E438467446
Requests: 24 HTTP requests in this frame

Frame: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
Frame ID: 9179AD7CC01F4AD0A288B83949BFE793
Requests: 5 HTTP requests in this frame

Frame: https://web8636.web07.bero-webspace.de/TSPD/?type=21
Frame ID: AD0B780B76694CF4B057881A26CC1E79
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Inloggen - Mijn ICS | International Card Services

Page URL History Show full URLs

https://ultrashort.me/Newva HTTP 301
https://pxlme.me/5_4TFBl4 HTTP 302
https://web8636.web07.bero-webspace.de/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

3333 kB
Transfer

4599 kB
Size

5
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.icscards.nl/

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/creditcard-aanvragen
Title: Creditcard aanvragen

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/mijn-card
Title: Mijn Card

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/ics-aanbiedingen
Title: Card-voordeel

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/tips
Title: Tips

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/klantenservice
Title: Klantenservice

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/login
Title: Inloggen Mijn ICS

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/enrollment/identify-user?enrollmentProcessType=ACTIVATION
Title: Nog geen gebruiker? Activeer nu Mijn ICS.

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/enrollment/identify-user?enrollmentProcessType=CHANGEPASSWORD
Title: Inlognaam en/of wachtwoord vergeten?

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/producten/creditcards-vergelijken
Title: Heeft u nog geen Card? Vraag er een aan!

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/klantenservice/aanvragen/card-activeren-deblokkeren
Title: Card deblokkeren

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/klantenservice/activeren-en-inloggen/account-activeren
Title: Mijn ICS activeren

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/klantenservice/uw-gegevens/pincode-vergeten
Title: Pincode vergeten

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/klantenservice/veiligheid/onterechte-betaling
Title: Onterechte betaling

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/info/wwft
Title: Online identificeren

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/creditcards-vergelijken
Title: Creditcards vergelijken

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/ics-info/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/creditcard-aanvragen/visa-world-card
Title: World Card

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/creditcard-aanvragen/visa-world-card-gold
Title: World Card Gold

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/creditcard-aanvragen/visa-world-card-platinum
Title: World Card Platinum

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/creditcard-aanvragen/gocard
Title: ICS GO Card

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/mijn-card/app
Title: App downloaden

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/abnamro
Title: ABN AMRO portal

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/anwb
Title: ANWB portal

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/gold
Title: Mastercard Gold portal

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/info/over-ics
Title: Over ICS

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/ics-info/pers
Title: Pers

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/info/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/ics-info/algemene-voorwaarden
Title: Algemene Voorwaarden

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/ics-info/privacy-statement
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://www.icsbusiness.nl/
Title: Zakelijke Cards

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/info/werken-bij-ics
Title: Werken bij ICS

Search URL Search Domain Scan URL

URL: https://www.icscards.nl/sca-login
Title: onze cookie-instellingen.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ultrashort.me/Newva HTTP 301
https://pxlme.me/5_4TFBl4 HTTP 302
https://web8636.web07.bero-webspace.de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
web8636.web07.bero-webspace.de/
Redirect Chain

https://ultrashort.me/Newva
https://pxlme.me/5_4TFBl4
https://web8636.web07.bero-webspace.de/

52 KB
14 KB

167ms
62ms

Document
text/html

109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PHP/7.4.30 PleskLin
Resource Hash: 9a82be9ca9d2048c1b5afd96731ffb2b8e9c25001b7e8ff8badb2d0d8f8d00f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 13966
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 14:39:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.30 PleskLin

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 62
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Sep 2022 14:39:20 GMT
Expires: 0
Location: https://web8636.web07.bero-webspace.de/
Pragma: no-cache

GET
H2 200 sca-login Show response
web8636.web07.bero-webspace.de/sca/ 31 KB
31 KB 57ms
42ms Script
application/octet-stream 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/sca-login
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: ad7211417c487fff828204d17b260de32dbfecb1f34ec4cefec332174f912aed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:38:22 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59e5e-7b3e"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 31550

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 410 KB
114 KB 160ms
70ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHW4QGN&l=global_layer

Requested by

Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9754e2939204ce3c34087950bb2f21bcbddf178d0feca0a72df3ab9ebdb8bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116275
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 14:39:21 GMT

GET
H2 200 saved_resource Show response
web8636.web07.bero-webspace.de/sca/ 8 KB
8 KB 150ms
134ms Script
application/octet-stream 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/saved_resource
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 91dd5858585bcafd085ed3c7dbe9f3eb2329dc380b8a58caf174036c7a204349

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:38:24 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59e60-1f21"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 7969

GET
H2 200 main-ics.css
web8636.web07.bero-webspace.de/sca/ 255 KB
37 KB 100ms
85ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/main-ics.css
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: b9705684eee0f9617ed62320f4a58eb9c9fa1f4e9a9eca2ba7713dfc4c354e4c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c5a03e-3fc72"
last-modified: Wed, 06 Jul 2022 14:46:22 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 styles.css
web8636.web07.bero-webspace.de/sca/ 483 KB
39 KB 101ms
86ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/styles.css
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 5322ac528a18aec9e61c48ed190763e9305c7011fa8c416b0889b0ac239ebbdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c59e64-78c5d"
last-modified: Wed, 06 Jul 2022 14:38:28 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 plx.check.js Show response
web8636.web07.bero-webspace.de/sca/ 405 B
426 B 103ms
89ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/plx.check.js
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: f9319a3cb3f94b3f15178b435645c53c01ff399253bb87377beae7557b83ad0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: gzip
etag: "195-5e32b4a590480-gzip"
last-modified: Wed, 06 Jul 2022 23:25:54 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 209

GET
H2 200 arcotfpcollect.js.download Show response
web8636.web07.bero-webspace.de/sca/ 54 KB
16 KB 105ms
91ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/arcotfpcollect.js.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 551adb05bca5625965bd33c60190c6afb9f00a5fe13ca6c18283129223a0e6b2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c59e66-d9fd"
last-modified: Wed, 06 Jul 2022 14:38:30 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 collectddna.js.download Show response
web8636.web07.bero-webspace.de/sca/ 3 KB
1 KB 100ms
87ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/collectddna.js.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 608612cd000271d2b9944308d2a696d84d4fb3326a94ad0b89695a7aaf025e23

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c59e68-d13"
last-modified: Wed, 06 Jul 2022 14:38:32 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 proxyid.js.download Show response
web8636.web07.bero-webspace.de/sca/ 242 B
436 B 102ms
90ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/proxyid.js.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 525199a140d9c8ffc27e88b3923ac409187495c89bd22433d7b9a239fd095f0d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: gzip
etag: "f2-5e323ec74ee80-gzip"
last-modified: Wed, 06 Jul 2022 14:38:34 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: application/javascript
x-accel-version: 0.01
accept-ranges: bytes
content-length: 220

GET
H2 200 modernizr.js.download Show response
web8636.web07.bero-webspace.de/sca/ 1 KB
849 B 104ms
92ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/modernizr.js.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 076157b465fa93c42e7100a6e904d4bfe90e788f48a12e55419f3aa5ca2bb3e3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c59e6a-5f1"
last-modified: Wed, 06 Jul 2022 14:38:34 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.min.js.download Show response
web8636.web07.bero-webspace.de/sca/ 85 KB
29 KB 151ms
140ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/jquery.min.js.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c59e6c-152b5"
last-modified: Wed, 06 Jul 2022 14:38:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 main.js.download Show response
web8636.web07.bero-webspace.de/sca/ 189 KB
52 KB 161ms
151ms Script
application/javascript 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/main.js.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 010877cc8f51a1623c13763c228ae9168cc4fd9e441348dd66029233834d6d89

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
etag: W/"62c59e6e-2f2c6"
last-modified: Wed, 06 Jul 2022 14:38:38 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 404 runtime.j.download
web8636.web07.bero-webspace.de/sca/ 0
0 158ms
149ms Script
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/runtime.j.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
last-modified: Sun, 18 Sep 2022 17:31:10 GMT
server: nginx
etag: W/"328-5e8f6f603e636"
content-type: text/html

GET
H2 404 polyfills.j.download
web8636.web07.bero-webspace.de/sca/ 0
0 147ms
138ms Script
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/polyfills.j.download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
last-modified: Sun, 18 Sep 2022 17:31:10 GMT
server: nginx
etag: W/"328-5e8f6f603e636"
content-type: text/html

GET
H2 200 main.js(1).download Show response
web8636.web07.bero-webspace.de/sca/ 2 MB
2 MB 157ms
152ms Script
application/octet-stream 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/main.js(1).download
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 9b86e530307d396082ae6b004665b4b8a1dc7212f94f41e530c36bcc0cac3d70

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:38:44 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59e74-253dbd"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 2440637

GET
H2 200 zero.png
web8636.web07.bero-webspace.de/sca/ 68 B
235 B 105ms
104ms Image
image/png 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://web8636.web07.bero-webspace.de/sca/zero.png
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
etag: "44-5e323ed2c0980"
last-modified: Wed, 06 Jul 2022 14:38:46 GMT
server: nginx
x-powered-by: PleskLin
content-type: image/png
x-accel-version: 0.01
accept-ranges: bytes
content-length: 68

GET
H2 200 SunOT-Light.ttf
web8636.web07.bero-webspace.de/sca/ 84 KB
85 KB 90ms
89ms Font
font/ttf 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/SunOT-Light.ttf
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 75af6860450b2595cd18ebad00dbf3927d9e494dfdbd12ceefcec15b2c03d84e

Request headers

Referer: https://web8636.web07.bero-webspace.de/sca/styles.css
Origin: https://web8636.web07.bero-webspace.de
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:39:58 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59ebe-151e4"
content-type: font/ttf
accept-ranges: bytes
content-length: 86500

GET
H2 200 SunOT-Regular.ttf
web8636.web07.bero-webspace.de/sca/ 84 KB
85 KB 87ms
87ms Font
font/ttf 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/SunOT-Regular.ttf
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 69e81e13ae217c9a436756a0f91d43af57f3adb823ea36f94d33f03cb4694981

Request headers

Referer: https://web8636.web07.bero-webspace.de/sca/styles.css
Origin: https://web8636.web07.bero-webspace.de
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:39:52 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59eb8-15120"
content-type: font/ttf
accept-ranges: bytes
content-length: 86304

GET
H2 200 icons.woff2
web8636.web07.bero-webspace.de/sca/ 10 KB
10 KB 87ms
86ms Font
font/woff2 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/icons.woff2
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/main-ics.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: aee0070713b543535d52633e18e27589267fafe5d40479afc8aa301092ba04be

Request headers

Referer: https://web8636.web07.bero-webspace.de/sca/main-ics.css
Origin: https://web8636.web07.bero-webspace.de
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:40:06 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59ec6-2670"
content-type: font/woff2
accept-ranges: bytes
content-length: 9840

GET
H2 200 SunOT-SemiBold.ttf
web8636.web07.bero-webspace.de/sca/ 84 KB
84 KB 119ms
118ms Font
font/ttf 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/SunOT-SemiBold.ttf
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 21caab764c78b5bef10d7d4d83c1a52c42aed38151c7ba791aad08c2bb416600

Request headers

Referer: https://web8636.web07.bero-webspace.de/sca/styles.css
Origin: https://web8636.web07.bero-webspace.de
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:40:40 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59ee8-15110"
content-type: font/ttf
accept-ranges: bytes
content-length: 86288

GET
H2 200 ics-icons.woff2
web8636.web07.bero-webspace.de/sca/ 6 KB
7 KB 119ms
119ms Font
font/woff2 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/ics-icons.woff2?mrp4y8
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/styles.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 26e6a7b3caf0b044980820a1a26cd56a16efad9108fd14e7416bae2a2b76320b

Request headers

Referer: https://web8636.web07.bero-webspace.de/sca/styles.css
Origin: https://web8636.web07.bero-webspace.de
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:41:18 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59f0e-19f0"
content-type: font/woff2
accept-ranges: bytes
content-length: 6640

GET
H2 404 jquery.min.js
web8636.web07.bero-webspace.de/webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/ 0
0 107ms
106ms Script
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/jquery.min.js
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: br
last-modified: Sun, 18 Sep 2022 17:31:10 GMT
server: nginx
etag: W/"328-5e8f6f603e636"
content-type: text/html

GET
H2 200 saved_resource.html Show response
web8636.web07.bero-webspace.de/sca/ Frame 9179 6 KB
3 KB 45ms
44ms Document
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 5361e5d69a8cc45191113bb60dd851391c58c85b9197cda2c156834a21c69893

Request headers

Referer: https://web8636.web07.bero-webspace.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Mon, 19 Sep 2022 14:39:21 GMT
etag: W/"62c59e7a-19a0"
last-modified: Wed, 06 Jul 2022 14:38:50 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 404 / Show response
web8636.web07.bero-webspace.de/TSPD/ Frame AD0B 808 B
501 B 40ms
39ms Document
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/TSPD/?type=21
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/saved_resource
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

Referer: https://web8636.web07.bero-webspace.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Mon, 19 Sep 2022 14:39:21 GMT
etag: W/"328-5e8f6f603e636"
last-modified: Sun, 18 Sep 2022 17:31:10 GMT
server: nginx

GET
H2 200 082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb Show response
web8636.web07.bero-webspace.de/sca/ Frame 9179 276 KB
277 KB 42ms
42ms Script
application/octet-stream 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 49646c016f4d29b0499b92cb483ceb98a3170c3aba81ae563acc2961bdc65484

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:38:48 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59e78-450ca"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 282826

GET
H2 200 082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1) Show response
web8636.web07.bero-webspace.de/sca/ Frame 9179 52 KB
52 KB 75ms
75ms Script
application/octet-stream 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(1)
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
last-modified: Wed, 06 Jul 2022 14:38:50 GMT
server: nginx
x-powered-by: PleskLin
etag: "62c59e7a-cf49"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 53065

GET
H2 200 styles.css
web8636.web07.bero-webspace.de/error_docs/ Frame AD0B 3 KB
1 KB 69ms
69ms Stylesheet
text/css 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/error_docs/styles.css
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/TSPD/?type=21
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx / PleskLin
Resource Hash: 21caff9a36c2bc2c373c02d54cd9eb81c038aa16ec5f8a9f508fed87dfa1d59b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/TSPD/?type=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:21 GMT
content-encoding: gzip
etag: "a9e-5e8f6f603e636-gzip"
last-modified: Sun, 18 Sep 2022 17:31:10 GMT
server: nginx
x-powered-by: PleskLin
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 948

GET
H/1.1 200
OK zero.png
argus.arcot.com/img/ 68 B
735 B 993ms
199ms Image
image/png 199.101.153.209
ARCOT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argus.arcot.com/img/zero.png?did_proxy=1:zEUeQFVqXRrb1FthfkZ64J1LHpob1ksgZd7jHNpUxXxlq0gz2-i7oZP9U70asvhwgYSKXzVQArfJATAYu8N_bw&ddna_arcot=%257B%2522VERSION%2522%253A%25222.1%2522%252C%2522MFP%2522%253A%257B%2522Browser%2522%253A%257B%2522UserAgent%2522%253A%2522Mozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F105.0.5195.125%2520Safari%252F537.36%2522%252C%2522Vendor%2522%253A%2522Google%2520Inc.%2522%252C%2522VendorSubID%2522%253A%2522%2522%252C%2522BuildID%2522%253A%252220030107%2522%252C%2522CookieEnabled%2522%253Atrue%257D%252C%2522IEPlugins%2522%253A%257B%257D%252C%2522NetscapePlugins%2522%253A%257B%2522Chrome%2520PDF%2520Plugin%2522%253A%2522%2522%252C%2522Chrome%2520PDF%2520Viewer%2522%253A%2522%2522%252C%2522Native%2520Client%2522%253A%2522%2522%257D%252C%2522Screen%2522%253A%257B%2522FullHeight%2522%253A1200%252C%2522AvlHeight%2522%253A1200%252C%2522FullWidth%2522%253A1600%252C%2522AvlWidth%2522%253A1600%252C%2522ColorDepth%2522%253A24%252C%2522PixelDepth%2522%253A24%257D%252C%2522System%2522%253A%257B%2522Platform%2522%253A%2522Win32%2522%252C%2522systemLanguage%2522%253A%2522en-US%2522%252C%2522Timezone%2522%253A0%257D%257D%252C%2522ExternalIP%2522%253A%2522%2522%257D&ddna_arcot_time=%7B%22browser%22:0,%22clientcaps%22:0,%22plugin%22:0,%22screen%22:1,%22system%22:0,%22boundingbox%22:0,%22timetaken%22:1%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.101.153.209 , United States, ASN13713 (ARCOT, US),

Reverse DNS

Software

Apache /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' .ca.com .arcot.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' .ca.com .arcot.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' .ca.com .arcot.com 'unsafe-inline'; img-src 'self' .ca.com .arcot.com data: blob: 'unsafe-inline';frame-src 'self' .ca.com .arcot.com; style-src 'self' .ca.com .arcot.com 'unsafe-inline';

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 14:39:22 GMT
Server: Apache
filename: zero.png
Content-Type: image/png
Cache-Control: no-cache,no-store,must-revalidate,max-age=0
Content-Security-Policy: default-src 'self' *.ca.com *.arcot.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' *.ca.com *.arcot.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.ca.com *.arcot.com 'unsafe-inline'; img-src 'self' *.ca.com *.arcot.com data: blob: 'unsafe-inline';frame-src 'self' *.ca.com *.arcot.com; style-src 'self' *.ca.com *.arcot.com 'unsafe-inline';
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Length: 68
Expires: 0

GET
DATA 200
OK truncated
/ Frame 9179 35 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 404 082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3 Show response
web8636.web07.bero-webspace.de/TSPD/ Frame 9179 808 B
501 B 44ms
43ms XHR
text/html 109.71.253.24
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://web8636.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13
Requested by: Host: web8636.web07.bero-webspace.de
URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 109.71.253.24 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: web07.bero-host.de
Software: nginx /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://web8636.web07.bero-webspace.de/sca/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 14:39:22 GMT
content-encoding: br
last-modified: Sun, 18 Sep 2022 17:31:10 GMT
server: nginx
etag: W/"328-5e8f6f603e636"
content-type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: International Card Services (Financial)

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ultrashort.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0dd0ef9921b59aa3c6f029b0d6b6b04c
ultrashort.me/	1970-01-20 06:06:39	Name: short_35037 Value: 1
web8636.web07.bero-webspace.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: e0oqskvjlgs1138u0dsuqjflnq
web8636.web07.bero-webspace.de/	1970-01-20 06:06:40	Name: did_proxy Value: 1:zEUeQFVqXRrb1FthfkZ64J1LHpob1ksgZd7jHNpUxXxlq0gz2-i7oZP9U70asvhwgYSKXzVQArfJATAYu8N_bw
web8636.web07.bero-webspace.de/	1969-12-31 23:59:59	Name: BBN00000000102 Value: 082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce30855cbc20f09d000e0fc3efda4c16f997efff101171578a816157133b4074ad79720b3e0441b3ac6cb2f60408310dc8ff7a3581290e37b6268c78bc0204dc59c90a6258bb54e3e3cc06fd22809faea9fff6d502f2e8164e00e63c6e663ef80275aedd0a8be0c3e10553a690544fd8b2b999f6e7edacf36c3f7f7646e265b3529f29ae7b7cda1406b933bf7de12ed97cdf4cb4a5550f0551500fb52d635039dceefcbc61219b03b27085091bf6e70f0b18387a1abab045f9dfb3ecdced9919581a05be1ea729440f3550869e93f37b5609c4a678645b60fdc

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://web8636.web07.bero-webspace.de/sca/polyfills.j.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://web8636.web07.bero-webspace.de/sca/runtime.j.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://web8636.web07.bero-webspace.de/webfiles/1656567843470/media/theme/ics-nl/js/3rdparty/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://web8636.web07.bero-webspace.de/TSPD/?type=21 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(Line 447) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
deprecation	warning	URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(Line 448) Message: The ScriptProcessorNode is deprecated. Use AudioWorkletNode instead. (https://bit.ly/audio-worklet)
other	warning	URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(Line 451) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://web8636.web07.bero-webspace.de/sca/082953afa5ab20006f75777cb90662b0ffb28e45a9f164326f7fce4f47eafb4914e54c5ed2b326cb(Line 452) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://web8636.web07.bero-webspace.de/TSPD/082953afa5ab2800c33c7cc8e6b3bc13c29c767ddc8eba538cca95beb0c5dc2dd3058e25bdb43216f2cdcfcbda577ce3?type=13 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

argus.arcot.com
pxlme.me
ultrashort.me
web8636.web07.bero-webspace.de
www.googletagmanager.com
109.71.253.24
128.199.176.54
199.101.153.209
2a00:1450:4001:800::2008
51.15.139.10
010877cc8f51a1623c13763c228ae9168cc4fd9e441348dd66029233834d6d89
076157b465fa93c42e7100a6e904d4bfe90e788f48a12e55419f3aa5ca2bb3e3
21caab764c78b5bef10d7d4d83c1a52c42aed38151c7ba791aad08c2bb416600
21caff9a36c2bc2c373c02d54cd9eb81c038aa16ec5f8a9f508fed87dfa1d59b
26e6a7b3caf0b044980820a1a26cd56a16efad9108fd14e7416bae2a2b76320b
483d244f19d7105fd875ee8d01223fb50c32409a0a33e6998b0ab644bbdc4a62
49646c016f4d29b0499b92cb483ceb98a3170c3aba81ae563acc2961bdc65484
525199a140d9c8ffc27e88b3923ac409187495c89bd22433d7b9a239fd095f0d
5322ac528a18aec9e61c48ed190763e9305c7011fa8c416b0889b0ac239ebbdc
5361e5d69a8cc45191113bb60dd851391c58c85b9197cda2c156834a21c69893
551adb05bca5625965bd33c60190c6afb9f00a5fe13ca6c18283129223a0e6b2
552f179b8856e5355d6d5865abf56d10af6a0e698c3a8ea2b5610c459fbe37a3
608612cd000271d2b9944308d2a696d84d4fb3326a94ad0b89695a7aaf025e23
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69e81e13ae217c9a436756a0f91d43af57f3adb823ea36f94d33f03cb4694981
75af6860450b2595cd18ebad00dbf3927d9e494dfdbd12ceefcec15b2c03d84e
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
91dd5858585bcafd085ed3c7dbe9f3eb2329dc380b8a58caf174036c7a204349
9a82be9ca9d2048c1b5afd96731ffb2b8e9c25001b7e8ff8badb2d0d8f8d00f6
9b86e530307d396082ae6b004665b4b8a1dc7212f94f41e530c36bcc0cac3d70
ad7211417c487fff828204d17b260de32dbfecb1f34ec4cefec332174f912aed
aee0070713b543535d52633e18e27589267fafe5d40479afc8aa301092ba04be
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
b9705684eee0f9617ed62320f4a58eb9c9fa1f4e9a9eca2ba7713dfc4c354e4c
c9754e2939204ce3c34087950bb2f21bcbddf178d0feca0a72df3ab9ebdb8bb4
f9319a3cb3f94b3f15178b435645c53c01ff399253bb87377beae7557b83ad0f

web8636.web07.bero-webspace.de Open in urlscan Pro 109.71.253.24 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

4 IPs

4 Countries

3333 kBTransfer

4599 kBSize

5 Cookies

34 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

web8636.web07.bero-webspace.de Open in urlscan Pro
109.71.253.24 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

4
IPs

4
Countries

3333 kB
Transfer

4599 kB
Size

5
Cookies

30 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!