dib.govse.xyz Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dib.govse.xyz/
Submission: On March 27 via manual (March 27th 2022, 10:07:54 am UTC) from AE — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is dib.govse.xyz.
TLS certificate: Issued by E1 on February 10th 2022. Valid for: 3 months.

This is the only time dib.govse.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700:303... 2606:4700:3030::ac43:d6ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	5

5 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

dib.govse.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads2.govse.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::11 (United States)

ASN13335 (CLOUDFLARENET, US)

antibot2.xvideosindonesia.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:d6ea (United States)

ASN13335 (CLOUDFLARENET, US)

lp.isauctions.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	govse.xyz dib.govse.xyz ads2.govse.xyz	8 KB
4	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620	62 KB
2	isauctions.site lp.isauctions.site	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	164 KB
1	xvideosindonesia.site antibot2.xvideosindonesia.site	785 B
14	5

	Domain	Requested by
4	maxcdn.bootstrapcdn.com	dib.govse.xyz
3	dib.govse.xyz	dib.govse.xyz
2	lp.isauctions.site	ads2.govse.xyz
2	code.jquery.com	dib.govse.xyz
2	ads2.govse.xyz	dib.govse.xyz
1	antibot2.xvideosindonesia.site	dib.govse.xyz
14	6

This site contains no links.

Subject Issuer	Validity	Valid
*.govse.xyz E1	`2022-02-10` - `2022-05-11`	3 months	crt.sh
*.xvideosindonesia.site E1	`2022-01-31` - `2022-05-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.isauctions.site E1	`2022-03-04` - `2022-06-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dib.govse.xyz/
Frame ID: D673D2CB6E22652AFC7F40FB547ECF29
Requests: 8 HTTP requests in this frame

Frame: https://dib.govse.xyz/
Frame ID: D047871BE31503AFD1367396FD0FF4C8
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Accept Cookies and Privacy Policy

Page URL History Show full URLs

https://dib.govse.xyz/ Page URL
https://dib.govse.xyz/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

237 kB
Transfer

874 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dib.govse.xyz/ Page URL
https://dib.govse.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
dib.govse.xyz/ 6 KB
3 KB 176ms
126ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dib.govse.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77f90496e9d01172d62572cfacff0165cf9c169cffc2ecf7d0daabf9c75a555

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 27 Mar 2022 10:07:50 GMT
content-type: text/html; charset=UTF-8
x-robots-tag: noindex
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate
link: <https://cloud.antibot.cloud/>; rel=dns-prefetch
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPpiN3lbm3UfFfMlg%2FlGqDAAygEmm80xvQnDR%2F7Tgm6umEd%2BpDj88odP1Mw2abjx4fSZvlAy3TwLKEaCYv68PE6%2FVzKsVgNPt208YCBmhL3IV0euODOgqKM5B%2BzChP%2FVrLoWMe%2BArhX3qCmt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2752428cdd5a0d-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 ab.php
antibot2.xvideosindonesia.site/ 72 B
785 B 166ms
100ms XHR
text/html 2a06:98c1:3120::11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://antibot2.xvideosindonesia.site/ab.php
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://dib.govse.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;

Response headers

date: Sun, 27 Mar 2022 10:07:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f275243e80683ae-MXP
x-powered-cms: AntiBot.Cloud (See: https://antibot.cloud/)
access-control-allow-methods: POST
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FiE9Tqm1bsz8zfN8l1hOcwT%2BuAopehqS3LRr8dqex0q0yjlmf8CGLITYGTlsZNxEB1LO9J5HAEcrDDZims%2B132v2uSa2xi9hn%2Fuik%2FgXAozfF9YSRfr3xSixk0YEvlM0Yz%2Fv85BpCsl7CLqsV3UwsuXOtLMW9PfPXxFOAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
x-robots-tag: noindex
access-control-allow-headers: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 Primary Request / Show response
dib.govse.xyz/ 2 KB
2 KB 89ms
88ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dib.govse.xyz/
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1151ae1d59b8482e9d3ce50f0e0d99000fca54d731e5c1ef3b79d34c82a44f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/

Response headers

date: Sun, 27 Mar 2022 10:07:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCWOWk5o2A2Z0zrjPQjZOVcW%2BMa25NImmD8QQpxZSU2de9L4pVHoxh%2B9uIh9GoKAM7lPNJZQHGBunKrSJtlnyNUKfXRRdKtqIIx1LVQUI%2BClQc81KENB48HQ12KzEmmkc0NL0PK17GUPrTEf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f2752449bc95a0d-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 56ms
21ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: dib.govse.xyz
URL: https://dib.govse.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 28877200
cdn-cachedat: 2021-04-27 06:22:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50092fe4c797ad922274e3acdbbeb3e4
cf-ray: 6f2752456a280219-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 adsense Show response
ads2.govse.xyz/ 210 B
543 B 459ms
448ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads2.govse.xyz/adsense
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c139038c8fd5c15cb04fc753380c708b7cf1f4f805bc6fb4629fb069648ac5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NehsxxPxcgE8yQGCcHwfBTXOhLIzuSau8y1XNTRaMy0IlciEDdKzQ7%2FhZ9yuvpVfGIAWi%2Bk8cliCM9AJ7Aun0UYM9RL2Vk%2F5R%2BmMqLI%2BCG6m16N9Quw209Bu%2F%2B1n%2F4Me2XAC2nOaY8N6P%2FWw3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6f2752454d8b5a0d-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.js Show response
code.jquery.com/ 276 KB
82 KB 53ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.js
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:50 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-4508e"
vary: Accept-Encoding
x-hw: 1648375670.dop141.fr8.t,1648375670.cds221.fr8.hn,1648375670.cds051.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83875

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 36 KB
10 KB 59ms
25ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: dib.govse.xyz
URL: https://dib.govse.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617, 617
age: 29242477
cdn-cachedat: 2021-04-23 01:03:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b2ed5088cf881a5bfc8320a836ee1790
cf-ray: 6f2752456a290219-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H2 200 popunder.js Show response
lp.isauctions.site/js/ 812 B
1 KB 87ms
30ms Script
application/javascript 2606:4700:3030::ac43:d6ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.isauctions.site/js/popunder.js
Requested by: Host: ads2.govse.xyz
URL: https://ads2.govse.xyz/adsense
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Request headers

Referer: https://dib.govse.xyz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 12:38:48 GMT
server: cloudflare
age: 717
etag: W/"60a506d8-32c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXAkrtyKowXdng3C3K8s699wQdTvkTOT4em2AcJBXKz0fXnuAJwUAmyLXhrDv8C3QKILIOnUG6H03FHnMCJ0zWatC7%2BKnRifKbqYQ05F1WlMYUz3RlCME1nYGhUiOCOBIVrqiVsqE0Y1YqPbPIuTwuA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f2752487dad3745-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 / Show response
dib.govse.xyz/ Frame D047 2 KB
2 KB 101ms
101ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dib.govse.xyz/
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1151ae1d59b8482e9d3ce50f0e0d99000fca54d731e5c1ef3b79d34c82a44f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoGzruHkfwRfuxfQoptaiHH7N0qvGSvxhA%2F%2FrDKeKcmGPqzgNgPfZIrba50N7TmBTJiqZN9nH%2FNYHhfkh3srfl948mw7O%2F%2FQGkUXiK0IGkEueUcElvb9nyK%2FllSraQaLdzkizIaLny3XiI6x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f275248ab8b0dfe-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ Frame D047 118 KB
20 KB 51ms
27ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: dib.govse.xyz
URL: https://dib.govse.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 28877201
cdn-cachedat: 2021-04-27 06:22:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 50092fe4c797ad922274e3acdbbeb3e4
cf-ray: 6f2752499bca2397-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3 200 adsense Show response
ads2.govse.xyz/ Frame D047 310 B
805 B 658ms
656ms Script
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads2.govse.xyz/adsense
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85be417b3365a01962be15a3a20392f8bbae2a02c0a697be9dcf3fe1938d82ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FxIPhct2rCn6fEPmnJMEwe8%2Bnai8%2FMKABfszzqrYR7xX1NfkRNrL9lqCu4kSkT9mBClOEKwbMgIpXATHrRTKdgU6cfTxCIiclrkjgW%2FvTS%2BnMIB%2BHLFmzsigEsaUdwERHTQTX1pko8gLD%2BKadQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6f2752497d0b0dfe-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.js Show response
code.jquery.com/ Frame D047 276 KB
82 KB 12ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.js
Requested by: Host: dib.govse.xyz
URL: https://dib.govse.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-4508e"
vary: Accept-Encoding
x-hw: 1648375671.dop141.fr8.t,1648375671.cds221.fr8.hn,1648375671.cds051.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83875

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame D047 36 KB
11 KB 64ms
42ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: dib.govse.xyz
URL: https://dib.govse.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617, 617
age: 29242478
cdn-cachedat: 2021-04-23 01:03:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b2ed5088cf881a5bfc8320a836ee1790
cf-ray: 6f2752499bcb2397-ZRH
cdn-requestcountrycode: CH
cdn-requestpullsuccess: True

GET
H3 200 popunder.js Show response
lp.isauctions.site/js/ Frame D047 812 B
1 KB 66ms
26ms Script
application/javascript 2606:4700:3030::ac43:d6ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.isauctions.site/js/popunder.js
Requested by: Host: ads2.govse.xyz
URL: https://ads2.govse.xyz/adsense
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:d6ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dib.govse.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 10:07:51 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 May 2021 12:38:48 GMT
server: cloudflare
age: 717
etag: W/"60a506d8-32c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rB1TuMR96Lbd8RIw7o5ixxPP%2BrM4KbAFKePLgiHILObuBEk9gB9U%2F%2F1utQfTFiNT0y2dpJ6FJbtVsA%2F45L3UEcPxq8yDxF3Pro8%2BShDBHPe11WSbbKcQXsnydDBZpF06Gug%2FbKd0rVarwEc19WBvzXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400, no-transform
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f27524dcd5f3757-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dib.govse.xyz/	1970-01-20 10:38:31	Name: antibot_uid Value: 336dc7b767dbcd5d427e0bfb367d8b20
dib.govse.xyz/	1970-01-20 02:07:19	Name: antibot_country Value: DE
dib.govse.xyz/	1970-01-20 02:07:19	Name: antibot_lang Value: de
dib.govse.xyz/	1970-01-20 02:07:19	Name: antibot_ptr Value: 2001%3A0ac8%3A0020%3A0303%3A0000%3A0000%3A0000%3A203e
dib.govse.xyz/	1970-01-20 02:07:19	Name: antibot_99113083af6aa8eaaf1713110d002b17 Value: e3ff9c42e1126ec1d1bf291be41fd090
dib.govse.xyz/	1970-01-20 01:54:22	Name: antibot_referer Value: https%3A%2F%2Fdib.govse.xyz%2F
dib.govse.xyz/	1970-01-20 01:54:22	Name: antibot_unique_20220327 Value: 1
dib.govse.xyz/	1970-01-20 01:54:22	Name: antibot_hits Value: 3
ads2.govse.xyz/	1970-01-20 01:54:22	Name: qwerty_adsense Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ads2.govse.xyz/adsense Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lp.isauctions.site/js/popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads2.govse.xyz/adsense Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://lp.isauctions.site/js/popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads2.govse.xyz
antibot2.xvideosindonesia.site
code.jquery.com
dib.govse.xyz
lp.isauctions.site
maxcdn.bootstrapcdn.com
2001:4de0:ac18::1:a:1b
2606:4700:3030::ac43:d6ea
2606:4700::6812:acf
2a06:98c1:3120::11
2a06:98c1:3120::7
1f1151ae1d59b8482e9d3ce50f0e0d99000fca54d731e5c1ef3b79d34c82a44f
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
7c139038c8fd5c15cb04fc753380c708b7cf1f4f805bc6fb4629fb069648ac5f
85be417b3365a01962be15a3a20392f8bbae2a02c0a697be9dcf3fe1938d82ec
a77f90496e9d01172d62572cfacff0165cf9c169cffc2ecf7d0daabf9c75a555
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

dib.govse.xyz Open in urlscan Pro 2a06:98c1:3120::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

5 Domains

6 Subdomains

5 IPs

2 Countries

237 kBTransfer

874 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

9 Cookies

2 Console Messages

Indicators

dib.govse.xyz Open in urlscan Pro
2a06:98c1:3120::7 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

237 kB
Transfer

874 kB
Size

9
Cookies

14 HTTP transactions
0 data transactions