Submitted URL: http://crimestress.wtf/
Effective URL: http://crimestress.wtf/login.php
Submission: On February 17 via manual from IE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 45.138.200.5, which is located in Italy and belongs to ASSERVEREASY, IT. The main domain is crimestress.wtf.
This is the only time crimestress.wtf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                         Requested by
11        crimestress.wtf (2 redirects)  crimestress.wtf
2         www.google-analytics.com       www.googletagmanager.com, crimestress.wtf
2         www.google.com                 crimestress.wtf, www.gstatic.com
1         www.googletagmanager.com       crimestress.wtf
1         www.gstatic.com                www.google.com
1         fonts.gstatic.com              crimestress.wtf
1         i.imgur.com                    crimestress.wtf
1         fonts.googleapis.com           crimestress.wtf
18 8

This site contains no links.

Subject                   Issuer                          Validity                 Valid
*.storage.googleapis.com  GTS CA 1O1                      2020-01-29 - 2020-04-22  3 months
*.imgur.com               DigiCert SHA2 Secure Server CA  2020-01-15 - 2022-03-16  2 years
www.google.com            GTS CA 1O1                      2020-01-29 - 2020-04-22  3 months
*.google.com              GTS CA 1O1                      2020-01-29 - 2020-04-22  3 months
*.google-analytics.com    GTS CA 1O1                      2020-01-29 - 2020-04-22  3 months

This page contains 2 frames:

Primary Page: http://crimestress.wtf/login.php
Frame ID: 01234E19BA2438E198B5BC6CD9F92EE7
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbtr8UAAAAAFs8_E5DyhKeNDxsVOfe0NnxYQuk&co=aHR0cDovL2NyaW1lc3RyZXNzLnd0Zjo4MA..&hl=en&v=JZfekeK8w6ZlhLfH_ZyseSLX&size=invisible&cb=7ziozs4veyvk
Frame ID: 158F5814E484506BE9F933C64464C001
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

18 Requests
50 % HTTPS
75 % IPv6
7 Domains
8 Subdomains
8 IPs
2 Countries
275 kB Transfer
528 kB Size
8 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://crimestress.wtf/ Page URL
  2. http://crimestress.wtf/nooder-cgi/recaptcha/verify?a=03AOLTBLSeYkK5fJk4At2P3cwJyIq9EKbT6PeeQjJvhHyxoZSzFp3fJ0uBI7u2kMgwyaatzQVf_xJNrQrXCn0OgBDYsYdQV_XQtRICI3xZQlGE0aOJSTlWY2aPPHdn4oFz2UIaURRfBWE5CPNOY2J5RGdcFRraPB5yPo8SnImCiqLlwX6FuYQfUcqq7rFkfWMaDvuUHSiFxACpscWVz15uOiBr8b8k1P0qknY5TJwuxQv1kAVA4fqDAI582pI-5QBRcw3cW5LgJy0S6B6_IUc6AeepeknaQEcClXTZy6JA697FgJqYmTWStXhRraOR1k4rTM9ka8a61fhL-T7J3rCTiHPISn7BC99wlnjnLzlrmso2AY3EI0ppT3RKyAohj_EQm_m1V5ahfOEh0x9N6Vl9MhKbngpq9nRa4w HTTP 307
    http://crimestress.wtf/ HTTP 302
    http://crimestress.wtf/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
crimestress.wtf/
3 KB
3 KB
Document
General
Full URL
http://crimestress.wtf/
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
536522af663f818bcf13239bcbaafe554752fea140d659372e51064aa0e7eef7

Request headers

Host
crimestress.wtf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 17 Feb 2020 10:08:55 GMT
Content-Type
text/html
Content-Length
3070
Connection
keep-alive
Cache-Control
no-cache max-age=0
css
fonts.googleapis.com/
1 KB
572 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Yantramanav:100
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b5b19426281d7abb4e88c6590a6a65451f44baa1293f40df9986829f0477a5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 10:05:03 GMT
server
ESF
date
Mon, 17 Feb 2020 10:05:03 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 17 Feb 2020 10:05:03 GMT
3DArUXj.png
i.imgur.com/
3 KB
3 KB
Image
General
Full URL
https://i.imgur.com/3DArUXj.png
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9f1c28b1c0b99876eed9e5de5b40c0ea8a2bd355566b36928a4bca8a24b8240a

Request headers

Referer
http://crimestress.wtf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 17 Feb 2020 10:05:03 GMT
age
2860410
x-cache
HIT, HIT
status
200
content-length
2717
x-served-by
cache-bwi5149-BWI, cache-hhn4034-HHN
last-modified
Wed, 15 May 2019 21:26:58 GMT
server
cat factory 1.0
x-timer
S1581933903.110110,VS0,VE1
etag
"582f2aefc8d8e1905517fcd1b7313a9d"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1, 1
api.js
www.google.com/recaptcha/
708 B
627 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Ldbtr8UAAAAAFs8_E5DyhKeNDxsVOfe0NnxYQuk
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3c1896b6ed2bb7e8e3e284d67460374c5a53fc4d05bf6a5c8ee30e8fb47f503e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://crimestress.wtf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 10:05:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
475
x-xss-protection
1; mode=block
expires
Mon, 17 Feb 2020 10:05:03 GMT
flU-Rqu5zY00QEpyWJYWN5-QbeR5DTw2vZk.woff2
fonts.gstatic.com/s/yantramanav/v5/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/yantramanav/v5/flU-Rqu5zY00QEpyWJYWN5-QbeR5DTw2vZk.woff2
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63eee649ce5ef983463fafde19cfa2121a2e65dabdd07546b285739c72e5a7c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Yantramanav:100
Origin
http://crimestress.wtf
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 10:08:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 03:28:58 GMT
server
sffe
age
2159807
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
10232
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:08:16 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/JZfekeK8w6ZlhLfH_ZyseSLX/
259 KB
93 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/JZfekeK8w6ZlhLfH_ZyseSLX/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Ldbtr8UAAAAAFs8_E5DyhKeNDxsVOfe0NnxYQuk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c32303ef7ad0a14c7c2b4f4af7211c93ab5b1f17b7804027861c1829e727e1ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://crimestress.wtf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 18:21:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 10 Feb 2020 05:05:24 GMT
server
sffe
age
575039
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
95032
x-xss-protection
0
expires
Tue, 09 Feb 2021 18:21:04 GMT
anchor
www.google.com/recaptcha/api2/ Frame 158F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ldbtr8UAAAAAFs8_E5DyhKeNDxsVOfe0NnxYQuk&co=aHR0cDovL2NyaW1lc3RyZXNzLnd0Zjo4MA..&hl=en&v=JZfekeK8w6ZlhLfH_ZyseSLX&size=invisible&cb=7ziozs4veyvk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/JZfekeK8w6ZlhLfH_ZyseSLX/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aqyZ4KICg/732DNBqO71ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ldbtr8UAAAAAFs8_E5DyhKeNDxsVOfe0NnxYQuk&co=aHR0cDovL2NyaW1lc3RyZXNzLnd0Zjo4MA..&hl=en&v=JZfekeK8w6ZlhLfH_ZyseSLX&size=invisible&cb=7ziozs4veyvk
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://crimestress.wtf/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 17 Feb 2020 10:05:03 GMT
content-security-policy
script-src 'report-sample' 'nonce-aqyZ4KICg/732DNBqO71ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9263
server
GSE
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
check.js
crimestress.wtf/nooder-cgi/recaptcha/
16 KB
17 KB
Script
General
Full URL
http://crimestress.wtf/nooder-cgi/recaptcha/check.js
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
d6fb455d0c62ea2fe8b47a67302423dc7f767591ec6a4430943b186648ecf01b

Request headers

Referer
http://crimestress.wtf/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:55 GMT
Cache-Control
no-cache, max-age=0
Server
nginx
Connection
keep-alive
Content-Length
16854
Content-Type
application/javascript
Primary Request login.php
crimestress.wtf/
Redirect Chain
  • http://crimestress.wtf/nooder-cgi/recaptcha/verify?a=03AOLTBLSeYkK5fJk4At2P3cwJyIq9EKbT6PeeQjJvhHyxoZSzFp3fJ0uBI7u2kMgwyaatzQVf_xJNrQrXCn0OgBDYsYdQV_XQtRICI3xZQlGE0aOJSTlWY2aPPHdn4oFz2UIaURRfBWE5CP...
  • http://crimestress.wtf/
  • http://crimestress.wtf/login.php
3 KB
2 KB
Document
General
Full URL
http://crimestress.wtf/login.php
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
3790c141e27313410857b2f7c91eab664a5c2a4634a339ff86c6bb2a4a825aac

Request headers

Host
crimestress.wtf
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://crimestress.wtf/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
NOODER_JA=1581934135; NOODER_JU=13157246957816318716; NOODER_JO=16764099489362339914; NOODER_JE=13070135241226866423; PHPSESSID=b406ufchq2e57728lr9q9nlev0

Response headers

Server
nginx
Date
Mon, 17 Feb 2020 10:08:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1351
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 17 Feb 2020 10:08:56 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Set-Cookie
PHPSESSID=b406ufchq2e57728lr9q9nlev0; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
login.php
js
www.googletagmanager.com/gtag/
74 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-80283595-2
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ae65990c3716b417da1005130f991479d3d0739f294c0e60c40cfd86b8d9bd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://crimestress.wtf/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 17 Feb 2020 10:05:03 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28495
x-xss-protection
0
last-modified
Mon, 17 Feb 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 17 Feb 2020 10:05:03 GMT
style.css
crimestress.wtf/css/
15 KB
2 KB
Stylesheet
General
Full URL
http://crimestress.wtf/css/style.css
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
0122800188cb12c752c5bf1b9e12af04a32cf81bb1a33ef29b1ed1cf1dde6888

Request headers

Referer
http://crimestress.wtf/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:56 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Feb 2020 08:19:19 GMT
Server
nginx
ETag
"3abe-59d9376a1805f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1722
bg.png
crimestress.wtf/images/
9 KB
9 KB
Image
General
Full URL
http://crimestress.wtf/images/bg.png
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
bb9231916d7d6cbaeea32bbcc04c5721fc22f05afcb4a6000d47a2d785c377ee

Request headers

Referer
http://crimestress.wtf/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:56 GMT
Last-Modified
Sun, 02 Feb 2020 07:34:45 GMT
Server
nginx
ETag
"2392-59d92d7385f60"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9106
1.png
crimestress.wtf/images/
277 B
277 B
Image
General
Full URL
http://crimestress.wtf/images/1.png
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
298250571e2e670c6ddcc225379354d5b917c80a5f4c201485a6aafa87d49442

Request headers

Referer
http://crimestress.wtf/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
277
Content-Type
text/html; charset=iso-8859-1
Oswald-Regular.ttf
crimestress.wtf/fonts/
50 KB
50 KB
Font
General
Full URL
http://crimestress.wtf/fonts/Oswald-Regular.ttf
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
cce43fdf41f6092c71f3c1b14147e3571f3499eb85132aa6a11beb7e7316741e

Request headers

Origin
http://crimestress.wtf
Referer
http://crimestress.wtf/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:56 GMT
Last-Modified
Sun, 02 Feb 2020 07:34:44 GMT
Server
nginx
ETag
"c700-59d92d7320a47"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50944
2.png
crimestress.wtf/images/
277 B
277 B
Image
General
Full URL
http://crimestress.wtf/images/2.png
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
298250571e2e670c6ddcc225379354d5b917c80a5f4c201485a6aafa87d49442

Request headers

Referer
http://crimestress.wtf/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
277
Content-Type
text/html; charset=iso-8859-1
Bangers.ttf
crimestress.wtf/fonts/
39 KB
39 KB
Font
General
Full URL
http://crimestress.wtf/fonts/Bangers.ttf
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
HTTP/1.1
Server
45.138.200.5 , Italy, ASN60798 (ASSERVEREASY, IT),
Reverse DNS
Software
nginx /
Resource Hash
321ffd247939d12810b05472fb87e2bdac3fb8fcb430d1817b934b3ad55caf40

Request headers

Origin
http://crimestress.wtf
Referer
http://crimestress.wtf/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 17 Feb 2020 10:08:56 GMT
Last-Modified
Sun, 02 Feb 2020 07:34:44 GMT
Server
nginx
ETag
"9afc-59d92d7353e97"
Content-Type
application/font-sfnt
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39676
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80283595-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://crimestress.wtf/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5491
date
Mon, 17 Feb 2020 08:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 17 Feb 2020 10:33:32 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=2000987438&t=pageview&_s=1&dl=http%3A%2F%2Fcrimestress.wtf%2Flogin.php&ul=en-us&de=UTF-8&dt=CrimeStress.WTF%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1470588684&gjid=843122981&cid=1281780855.1581933904&tid=UA-80283595-2&_gid=746641527.1581933904&_r=1&gtm=2ou250&z=1714891458
Requested by
Host: crimestress.wtf
URL: http://crimestress.wtf/login.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://crimestress.wtf/login.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 17 Feb 2020 10:05:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| gtag
  • object| dataLayer
  • function| hideURLbar
  • object| google_tag_manager
  • string| GoogleAnalyticsObject
  • function| ga
  • object| google_tag_data
  • object| gaplugins
  • object| gaGlobal
  • object| gaData

8 Cookies

Domain/Path Name / Value
.crimestress.wtf/ Name: _gid
Value: GA1.2.746641527.1581933904
.crimestress.wtf/ Name: _ga
Value: GA1.2.1281780855.1581933904
.crimestress.wtf/ Name: NOODER_JE
Value: 13070135241226866423
crimestress.wtf/ Name: PHPSESSID
Value: b406ufchq2e57728lr9q9nlev0
.crimestress.wtf/ Name: NOODER_JO
Value: 16764099489362339914
.crimestress.wtf/ Name: NOODER_JU
Value: 13157246957816318716
.crimestress.wtf/ Name: _gat_gtag_UA_80283595_2
Value: 1
.crimestress.wtf/ Name: NOODER_JA
Value: 1581934135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
