URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Submission: On June 13 via manual from CZ

Summary

This website contacted 14 IPs in 5 countries across 11 domains to perform 24 HTTP transactions. The main IP is 104.25.39.29, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.geocities.ws.
This is the only time www.geocities.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.25.39.29 13335 (CLOUDFLAR...)
1 104.25.38.29 13335 (CLOUDFLAR...)
2 2 98.139.206.27 26101 (YAHOO-3)
2 4 98.139.28.144 26101 (YAHOO-3)
2 167.114.92.64 16276 (OVH)
1 2.16.186.48 20940 (AKAMAI-ASN1)
1 2.16.186.96 20940 (AKAMAI-ASN1)
1 77.238.185.34 34010 (YAHOO-IRD)
2 6 172.217.22.14 15169 (GOOGLE)
1 188.72.202.154 35415 (WEBZILLA)
1 1 188.72.202.166 35415 (WEBZILLA)
1 194.187.98.167 35415 (WEBZILLA)
2 173.194.76.154 15169 (GOOGLE)
4 188.72.213.138 35415 (WEBZILLA)
1 188.72.202.155 35415 (WEBZILLA)
24 14
Domain Requested by
6 www.google-analytics.com 2 redirects www.geocities.ws
4 pushwhy.com defpush.com
www.geocities.ws
4 smallbusiness.yahoo.com 2 redirects www.geocities.ws
3 www.geocities.ws www.geocities.ws
2 stats.g.doubleclick.net www.geocities.ws
2 defpush.com www.geocities.ws
2 ad.broadcaststation.net www.geocities.ws
2 www.geocities.com 2 redirects
1 deloton.com www.geocities.ws
1 go.oclaserver.com 1 redirects
1 geo.yahoo.com www.geocities.ws
1 us.js2.yimg.com www.geocities.ws
1 us.i1.yimg.com www.geocities.ws
0 visit.geocities.com Failed www.geocities.ws
24 14

This site contains links to these domains. Also see Links.

Domain
ad.broadcaststation.net
www.geocities.com
Subject Issuer Validity Valid

This page contains 2 frames:

Primary Page: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Frame ID: 826173CB5E24A3E9E745758F734DEC5E
Requests: 24 HTTP requests in this frame

Frame: data://truncated
Frame ID: 1AE62883B151055CE73EC913FA839042
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

24
Requests

0 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

14
IPs

5
Countries

239 kB
Transfer

477 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.geocities.com/axisbio/Haselmayr-Fritz.jpg HTTP 302
  • https://smallbusiness.yahoo.com/geocities HTTP 301
  • https://smallbusiness.yahoo.com/websites
Request Chain 3
  • http://www.geocities.com/pictures/whiteball.gif HTTP 302
  • https://smallbusiness.yahoo.com/geocities HTTP 301
  • https://smallbusiness.yahoo.com/websites
Request Chain 8
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 10
  • http://go.oclaserver.com/apu.php?zoneid=1014680 HTTP 302
  • http://deloton.com/apu.php?zoneid=1014680
Request Chain 11
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1778406406&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870078533&utmac=UA-26341965-1&utmcc=__utma%3D91465669.893718938.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2100063333&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1778406406&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870078533&utmac=UA-26341965-1&utmcc=__utma%3D91465669.893718938.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2100063333&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=893718938.1528870079&jid=2100063333&_v=5.7.2&z=1778406406
Request Chain 19
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 20
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=236844327&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084096&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1563860595&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=236844327&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084096&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1563860595&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=2046217985.1528870079&jid=1563860595&_v=5.7.2&z=236844327
Request Chain 22
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=901326829&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084102&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=901326829&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084102&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~
Request Chain 23
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=447820497&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084107&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=447820497&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084107&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set HASELMAYR_FRITZ.html
www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/
13 KB
4 KB
Document
General
Full URL
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
104.25.39.29 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geocities.ws/5.1
Resource Hash
597219f0a98514f2215aa6689c8f43567c401858078a55fe098d9337e403b300

Request headers

Host
www.geocities.ws
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
826173CB5E24A3E9E745758F734DEC5E

Response headers

Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da4a8d1ec69c2b5efd5c85c1659f66c1a1528870078; expires=Thu, 13-Jun-19 06:07:58 GMT; path=/; domain=.geocities.ws; HttpOnly
Last-Modified
Sat, 02 Apr 2011 17:46:49 GMT
X-Powered-By
Geocities.ws/5.1
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
42a2614655532726-FRA
Content-Encoding
gzip
policy.js
www.geocities.ws/js/
5 KB
2 KB
Script
General
Full URL
http://www.geocities.ws/js/policy.js
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
104.25.39.29 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44a77de88909aaac7f6a23fa657bc022594ed97995541554d56bc2f41b91d051

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.geocities.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Cookie
__cfduid=da4a8d1ec69c2b5efd5c85c1659f66c1a1528870078
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sat, 25 May 2013 23:21:15 GMT
Server
cloudflare
ETag
W/"151b-4dd932c0070c0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
42a26146955c2726-FRA
Expires
Wed, 13 Jun 2018 10:07:58 GMT
AdBoxDiv.js
www.geocities.ws/js/
2 KB
1 KB
Script
General
Full URL
http://www.geocities.ws/js/AdBoxDiv.js
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
104.25.38.29 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
09019e21df914daf81f439eea8c12f9093aaa83fbf6bfe28d49737b5817c5b18

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.geocities.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Cookie
__cfduid=da4a8d1ec69c2b5efd5c85c1659f66c1a1528870078
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Sun, 16 Apr 2017 22:56:26 GMT
Server
cloudflare
ETag
W/"63b-54d50959a3a8d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
42a2614695bb26b4-FRA
Expires
Wed, 13 Jun 2018 10:07:58 GMT
websites
smallbusiness.yahoo.com/
Redirect Chain
  • http://www.geocities.com/axisbio/Haselmayr-Fritz.jpg
  • https://smallbusiness.yahoo.com/geocities
  • https://smallbusiness.yahoo.com/websites
0
11 KB
Image
General
Full URL
https://smallbusiness.yahoo.com/websites
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
98.139.28.144 Sunnyvale, United States, ASN26101 (YAHOO-3 - Yahoo!, US),
Reverse DNS
ats2.sbs.vip.bf1.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Wed, 13 Jun 2018 06:07:59 GMT
X-Content-Type-Options
nosniff
Age
1
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
ATS
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Public-Key-Pins-Report-Only
includeSubDomains; max-age=2592000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc=";
Location
/websites
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
websites
smallbusiness.yahoo.com/
Redirect Chain
  • http://www.geocities.com/pictures/whiteball.gif
  • https://smallbusiness.yahoo.com/geocities
  • https://smallbusiness.yahoo.com/websites
0
10 KB
Image
General
Full URL
https://smallbusiness.yahoo.com/websites
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
98.139.28.144 Sunnyvale, United States, ASN26101 (YAHOO-3 - Yahoo!, US),
Reverse DNS
ats2.sbs.vip.bf1.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Wed, 13 Jun 2018 06:07:59 GMT
X-Content-Type-Options
nosniff
Age
1
X-DNS-Prefetch-Control
off
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
ATS
X-Frame-Options
SAMEORIGIN
X-Download-Options
noopen
Strict-Transport-Security
max-age=10886400; includeSubDomains; preload
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Public-Key-Pins-Report-Only
includeSubDomains; max-age=2592000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc=";
Location
/websites
Cache-Control
no-cache, no-store, must-revalidate
Expires
0
show_ad.php
ad.broadcaststation.net/ads/
242 B
424 B
Script
General
Full URL
http://ad.broadcaststation.net/ads/show_ad.php?width=728&height=90
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
167.114.92.64 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
29fdab94f9e1238fe9489d45abc34b204569c299ad4c0f4f22118243caea83c0

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 13 Jun 2018 06:08:04 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
188
mc.js
us.i1.yimg.com/us.yimg.com/i/mc/
407 B
783 B
Script
General
Full URL
http://us.i1.yimg.com/us.yimg.com/i/mc/mc.js
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
2.16.186.48 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-48.deploy.static.akamaitechnologies.com
Software
ATS /
Resource Hash
8022d68654d34a401d4a8d13023a472035b5150f2a628eed724a596b0730ee20

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Encoding
gzip
x-ysws-request-id
781ac3b1-057d-4bc7-a361-cb9251d5d5b5
Server
ATS
ETag
"YM:1:2fad834a-7fea-413e-9b28-1117eedfc01e0004ce766f8936c1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=301552257
Last-Modified
Wed, 14 Nov 2012 15:46:19 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
242
x-ysws-visited-replicas
gops.use44.mobstor.vip.bf1.yahoo.com
Expires
Sun, 02 Jan 2028 10:38:55 GMT
geov2_001.js
us.js2.yimg.com/us.js.yimg.com/lib/smb/js/hosting/cp/js_source/
662 B
915 B
Script
General
Full URL
http://us.js2.yimg.com/us.js.yimg.com/lib/smb/js/hosting/cp/js_source/geov2_001.js
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
2.16.186.96 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-96.deploy.static.akamaitechnologies.com
Software
ATS /
Resource Hash
64f47331ad7caca4dfba34c15bb08a7a7b049e8b10c6fc87ce607c2407660fac

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Encoding
gzip
x-ysws-request-id
22598e46-0543-45cd-b551-182036c431aa
Server
ATS
ETag
"YM:1:d10eb7ff-c067-4f93-8ce1-225247fdf8aa0004ce6f6df7f39a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=293062091
Last-Modified
Wed, 14 Nov 2012 07:24:48 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
374
x-ysws-visited-replicas
gops.use44.mobstor.vip.bf1.yahoo.com
Expires
Sun, 26 Sep 2027 04:16:09 GMT
serv
geo.yahoo.com/
43 B
753 B
Image
General
Full URL
http://geo.yahoo.com/serv?s=76001544&t=1255889762&f=us-w2
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
77.238.185.34 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-brb1.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jun 2018 06:07:58 GMT
Via
http/1.1 media-router-omega32.prod.media.ir2.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 media-router-brb15.prod.media.ir2.yahoo.com (ApacheTrafficServer [cMsSf ])
Server
ATS
Age
0
P3P
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
Cache-Control
no-cache, no-store, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
SPDY
Server
172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3928
date
Wed, 13 Jun 2018 05:02:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Wed, 13 Jun 2018 07:02:30 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
ntfc.php
defpush.com/
154 KB
63 KB
Script
General
Full URL
http://defpush.com/ntfc.php?p=1560422
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
188.72.202.154 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
5adbc28fff0ad4bb1ad01ffe1ddab59c4ad5105a7eae85e0ba663a096378ea37

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jun 2018 06:07:56 GMT
Content-Encoding
gzip
Server
nginx
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
apu.php
deloton.com/
Redirect Chain
  • http://go.oclaserver.com/apu.php?zoneid=1014680
  • http://deloton.com/apu.php?zoneid=1014680
1 KB
2 KB
Script
General
Full URL
http://deloton.com/apu.php?zoneid=1014680
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
194.187.98.167 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
194.187.98.167.webazilla.com
Software
nginx /
Resource Hash
187315db6ba2bab1857b3ca42e6490bb5a57e9a4a307ac3d5d54c42f24c1b576
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Strict-Transport-Security
max-age=1
Content-Type
application/x-javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 13 Jun 2018 06:07:58 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
text/html
Location
http://deloton.com/apu.php?zoneid=1014680
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
154
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1778406406&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1778406406&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=893718938.1528870079&jid=2100063333&_v=5.7.2&z=1778406406
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=893718938.1528870079&jid=2100063333&_v=5.7.2&z=1778406406
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
SPDY
Server
173.194.76.154 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Jun 2018 06:07:58 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Jun 2018 06:07:58 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=893718938.1528870079&jid=2100063333&_v=5.7.2&z=1778406406
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
custom
pushwhy.com/
0
346 B
XHR
General
Full URL
https://pushwhy.com/custom
Requested by
Host: defpush.com
URL: http://defpush.com/ntfc.php?p=1560422
Protocol
HTTP/1.1
Server
188.72.213.138 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
http://www.geocities.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 13 Jun 2018 06:07:56 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Origin
http://www.geocities.ws
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
custom
pushwhy.com/
38 B
443 B
XHR
General
Full URL
https://pushwhy.com/custom
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
188.72.213.138 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Origin
http://www.geocities.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 13 Jun 2018 06:07:56 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.geocities.ws
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
38
custom
pushwhy.com/
0
346 B
XHR
General
Full URL
https://pushwhy.com/custom
Requested by
Host: defpush.com
URL: http://defpush.com/ntfc.php?p=1560422
Protocol
HTTP/1.1
Server
188.72.213.138 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
http://www.geocities.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Wed, 13 Jun 2018 06:07:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Access-Control-Allow-Origin
http://www.geocities.ws
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
truncated
/ Frame 1AE6
9 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9563fdc19456cd77d4a8726af68cd4909cc4031208bc2eecda0a75942deec403

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
truncated
/ Frame 1AE6
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
custom
pushwhy.com/
38 B
443 B
XHR
General
Full URL
https://pushwhy.com/custom
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
188.72.213.138 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Origin
http://www.geocities.ws
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 13 Jun 2018 06:07:57 GMT
X-Content-Type-Options
nosniff
Server
nginx
Strict-Transport-Security
max-age=1
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://www.geocities.ws
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
38
728x90_web2.png
ad.broadcaststation.net/ads/images/
45 KB
45 KB
Image
General
Full URL
http://ad.broadcaststation.net/ads/images/728x90_web2.png
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
167.114.92.64 Montréal, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
6d3726362b5e013ee6ae5cdb622e02ebb02cc7306ab6e9dc82f9fbea32d6ffad

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 13 Jun 2018 06:08:04 GMT
Last-Modified
Sat, 19 Dec 2015 00:23:03 GMT
Server
Apache
ETag
"b394-52735425267c0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
45972
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
SPDY
Server
172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3934
date
Wed, 13 Jun 2018 05:02:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Wed, 13 Jun 2018 07:02:30 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=236844327&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=236844327&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=2046217985.1528870079&jid=1563860595&_v=5.7.2&z=236844327
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=2046217985.1528870079&jid=1563860595&_v=5.7.2&z=236844327
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
SPDY
Server
173.194.76.154 Portage, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ws-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Jun 2018 06:08:04 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 13 Jun 2018 06:08:04 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-26341965-1&cid=2046217985.1528870079&jid=1563860595&_v=5.7.2&z=236844327
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
370
expires
Fri, 01 Jan 1990 00:00:00 GMT
ntfc.php
defpush.com/
154 KB
63 KB
Script
General
Full URL
http://defpush.com/ntfc.php?p=1560422
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
HTTP/1.1
Server
188.72.202.155 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
12b7fdbd4865c70ca1cd46c5e6570e32c85568d670583eea91d6b010d1096e44

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jun 2018 06:07:58 GMT
Content-Encoding
gzip
Server
nginx
Timing-Allow-Origin
*, *
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Type
application/javascript
Expires
Mon, 26 Jul 1997 05:00:00 GMT
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=901326829&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=901326829&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=901326829&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084102&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
SPDY
Server
172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 May 2018 18:37:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1769451
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=901326829&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084102&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~
Non-Authoritative-Reason
HSTS
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=447820497&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=447820497&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
35 B
103 B
Image
General
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=447820497&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084107&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: www.geocities.ws
URL: http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
Protocol
SPDY
Server
172.217.22.14 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s14-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.geocities.ws/orion47.geo/WEHRMACHT/HEER/Generalleutnant/HASELMAYR_FRITZ.html
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 23 May 2018 18:37:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1769451
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=447820497&utmhn=www.geocities.ws&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Generalleutnant%20Fritz%20(Friedrich)%20Haselmayr&utmhid=2040078229&utmr=-&utmp=%2Forion47.geo%2FWEHRMACHT%2FHEER%2FGeneralleutnant%2FHASELMAYR_FRITZ.html&utmht=1528870084107&utmac=UA-26341965-1&utmcc=__utma%3D91465669.2046217985.1528870079.1528870079.1528870079.1%3B%2B__utmz%3D91465669.1528870079.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qBAAAAAAAAAAAAAAAAAAAAgE~
Non-Authoritative-Reason
HSTS
visit.gif
visit.geocities.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
visit.geocities.com
URL
http://visit.geocities.com/visit.gif?&r=&b=Netscape%205.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20HeadlessChrome/66.0.3359.139%20Safari/537.36&s=1600x1200&o=Linux%20x86_64&c=24&j=false&v=1.2

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| nocontextmenu function| norightclick number| displayif function| checkPolicy string| adstring function| adserver object| H5jewqpdjh6y string| t38193jfrdsswdsq number| H5jewqpdjh6yfound number| e734jKUUkhds number| jhd83jU5d boolean| ejh733j2kh4s object| _gaq object| H4jewqpdjh6y string| t48193jfrdsswdsq number| H4jewqpdjh6yfound object| _gat object| gaGlobal boolean| installOnFly boolean| zfgloadedpush boolean| º… ó ó ó ó ó ó ó ó ó ó ó ó óp string| ap string| v number| ycsdone function| geovisit number| w

0 Cookies

7 Console Messages

Source Level URL
Text
console-api error URL: http://defpush.com/ntfc.php?p=1560422(Line 2)
Message:
TypeError: Cannot read property '__PSR_SESSION_1_1560422_false' of null at http://defpush.com/ntfc.php?p=1560422:2:114969 at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:31209) at c (http://defpush.com/ntfc.php?p=1560422:2:114951) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:116892) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:112485) at http://defpush.com/ntfc.php?p=1560422:2:22542 at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:28565) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:22104) at http://defpush.com/ntfc.php?p=1560422:2:20616 at Object.<anonymous> (http://defpush.com/ntfc.php?p=1560422:2:20628)
console-api error URL: http://defpush.com/ntfc.php?p=1560422(Line 2)
Message:
TypeError: Cannot set property '__PSR_SESSION_1_1560422_false' of null at http://defpush.com/ntfc.php?p=1560422:2:72635 at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:31209) at u (http://defpush.com/ntfc.php?p=1560422:2:72616) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:74310) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:112615) at http://defpush.com/ntfc.php?p=1560422:2:22542 at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:28565) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:22104) at http://defpush.com/ntfc.php?p=1560422:2:20616 at Object.<anonymous> (http://defpush.com/ntfc.php?p=1560422:2:20628)
console-api log URL: http://deloton.com/apu.php?zoneid=1014680(Line 1)
Message:
70000
console-api error URL: http://defpush.com/ntfc.php?p=1560422(Line 2)
Message:
TypeError: Cannot set property '__PSR_SESSION_1_1560422_false' of null at http://defpush.com/ntfc.php?p=1560422:2:72635 at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:31209) at u (http://defpush.com/ntfc.php?p=1560422:2:72616) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:74310) at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:113716) at http://defpush.com/ntfc.php?p=1560422:2:23363 at t.(anonymous function) (http://defpush.com/ntfc.php?p=1560422:2:51835) at http://defpush.com/ntfc.php?p=1560422:2:22932
console-api log URL: http://deloton.com/apu.php?zoneid=1014680(Line 1)
Message:
70000
console-api log URL: http://deloton.com/apu.php?zoneid=1014680(Line 1)
Message:
70000
console-api log URL: http://deloton.com/apu.php?zoneid=1014680(Line 1)
Message:
70000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.broadcaststation.net
defpush.com
deloton.com
geo.yahoo.com
go.oclaserver.com
pushwhy.com
smallbusiness.yahoo.com
stats.g.doubleclick.net
us.i1.yimg.com
us.js2.yimg.com
visit.geocities.com
www.geocities.com
www.geocities.ws
www.google-analytics.com
visit.geocities.com
104.25.38.29
104.25.39.29
167.114.92.64
172.217.22.14
173.194.76.154
188.72.202.154
188.72.202.155
188.72.202.166
188.72.213.138
194.187.98.167
2.16.186.48
2.16.186.96
77.238.185.34
98.139.206.27
98.139.28.144
09019e21df914daf81f439eea8c12f9093aaa83fbf6bfe28d49737b5817c5b18
0ad770f7303d5654daf4d143d7b1b3bb746700bc1333497c9744f4f03ce42b91
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12b7fdbd4865c70ca1cd46c5e6570e32c85568d670583eea91d6b010d1096e44
187315db6ba2bab1857b3ca42e6490bb5a57e9a4a307ac3d5d54c42f24c1b576
29fdab94f9e1238fe9489d45abc34b204569c299ad4c0f4f22118243caea83c0
304fbd687c9b643bc952d93966b7afd853255ee039f8333da2752b226ed0709c
44a77de88909aaac7f6a23fa657bc022594ed97995541554d56bc2f41b91d051
597219f0a98514f2215aa6689c8f43567c401858078a55fe098d9337e403b300
5adbc28fff0ad4bb1ad01ffe1ddab59c4ad5105a7eae85e0ba663a096378ea37
64f47331ad7caca4dfba34c15bb08a7a7b049e8b10c6fc87ce607c2407660fac
6d3726362b5e013ee6ae5cdb622e02ebb02cc7306ab6e9dc82f9fbea32d6ffad
8022d68654d34a401d4a8d13023a472035b5150f2a628eed724a596b0730ee20
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9563fdc19456cd77d4a8726af68cd4909cc4031208bc2eecda0a75942deec403
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855