usenetnl.download Open in urlscan Pro
185.117.74.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hoerbuch.us/dll/?d=Martin%20Suter%20%E2%80%93%20Allmen%20%E2%80%93%20Band%201-6%20(ungek%C3%BCrzt)
Effective URL:
https://usenetnl.download/lp/vAa4e2Bu
Submission: On October 18 via manual (October 18th 2019, 3:46:39 am UTC) from RO

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 13 HTTP transactions. The main IP is 185.117.74.21, located in Netherlands and belongs to HS, AE. The main domain is usenetnl.download.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 18th 2019. Valid for: 3 months.

This is the only time usenetnl.download was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::6812:3fd0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 9	185.117.74.21 185.117.74.21	60117 (HS) (HS)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:10:... 2606:4700:10::6814:52b3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
13	4

1 2606:4700:30::6812:3fd0 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hoerbuch.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.117.74.21 (Netherlands) 1 redirects

ASN60117 (HS, AE)
PTR: mail.bullads.net

usenetnl.download	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:52b3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

de.usenet.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	usenetnl.download 1 redirects usenetnl.download	194 KB
3	gstatic.com fonts.gstatic.com	41 KB
1	usenet.nl de.usenet.nl	4 KB
1	googleapis.com fonts.googleapis.com	729 B
1	hoerbuch.us 1 redirects hoerbuch.us	404 B
13	5

	Domain	Requested by
9	usenetnl.download	1 redirects usenetnl.download
3	fonts.gstatic.com	usenetnl.download
1	de.usenet.nl	usenetnl.download
1	fonts.googleapis.com	usenetnl.download
1	hoerbuch.us	1 redirects
13	5

This site contains no links.

Subject Issuer	Validity	Valid
usenetnl.download Let's Encrypt Authority X3	`2019-09-18` - `2019-12-17`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
usenet.nl GeoTrust TLS RSA CA G1	`2019-07-09` - `2021-08-07`	2 years	crt.sh
*.google.com GTS CA 1O1	`2019-09-17` - `2019-12-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://usenetnl.download/lp/vAa4e2Bu
Frame ID: 1436996BC2FB5F089BD9294B3464321F
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hoerbuch.us/dll/?d=Martin%20Suter%20%E2%80%93%20Allmen%20%E2%80%93%20Band%201-6%20(ungek... HTTP 301
https://usenetnl.download/get/vAa4e2Bu?fs=257060200&fn=Martin+Suter+%E2%80%93+Allmen+%E2%80%93+Band+1-... HTTP 302
https://usenetnl.download/lp/vAa4e2Bu Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

13
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

238 kB
Transfer

436 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hoerbuch.us/dll/?d=Martin%20Suter%20%E2%80%93%20Allmen%20%E2%80%93%20Band%201-6%20(ungek%C3%BCrzt) HTTP 301
https://usenetnl.download/get/vAa4e2Bu?fs=257060200&fn=Martin+Suter+%E2%80%93+Allmen+%E2%80%93+Band+1-6+%28ungek%C3%BCrzt%29 HTTP 302
https://usenetnl.download/lp/vAa4e2Bu Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request vAa4e2Bu Show response
usenetnl.download/lp/
Redirect Chain

https://hoerbuch.us/dll/?d=Martin%20Suter%20%E2%80%93%20Allmen%20%E2%80%93%20Band%201-6%20(ungek%C3%BCrzt)
https://usenetnl.download/get/vAa4e2Bu?fs=257060200&fn=Martin+Suter+%E2%80%93+Allmen+%E2%80%93+Band+1-6+%28ungek%C3%BCrzt%29
https://usenetnl.download/lp/vAa4e2Bu

16 KB
6 KB

171ms
171ms

Document
text/html

185.117.74.21
HS

General

Check archive.org

Show headers Download Go to

Full URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ece7418f7c60323a3cea3908b948160b0ce14bf93a6242290c74184ff6c17509

Request headers

Host: usenetnl.download
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Cookie: fn_vAa4e2Bu=Martin%2520Suter%2520%25u2013%2520Allmen%2520%25u2013%2520Band%25201-6%2520%2528ungek%25FCrzt%2529; fs_vAa4e2Bu=257060200; bap_vAa4e2Bu=4c67ac4a03.5a847858e05f58791d9e1ef2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 18 Oct 2019 03:46:23 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"3e88-cW06Vr7boMr2Jt27WtNE5ngaikw"
undefined: undefined undefined
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Encoding: gzip

Redirect headers

Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 18 Oct 2019 03:46:23 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 68
Connection: keep-alive
Set-Cookie: fn_vAa4e2Bu=Martin%2520Suter%2520%25u2013%2520Allmen%2520%25u2013%2520Band%25201-6%2520%2528ungek%25FCrzt%2529; Path=/; Expires=Sat, 19 Oct 2019 04:46:23 GMT fs_vAa4e2Bu=257060200; Path=/; Expires=Sat, 19 Oct 2019 04:46:23 GMT stream_vAa4e2Bu=0; Path=/; Expires=Fri, 18 Oct 2019 03:46:23 GMT prn_vAa4e2Bu=0; Path=/; Expires=Fri, 18 Oct 2019 03:46:23 GMT theme_vAa4e2Bu=; Path=/; Expires=Fri, 18 Oct 2019 03:46:23 GMT lp_vAa4e2Bu=; Path=/; Expires=Fri, 18 Oct 2019 03:46:23 GMT bap_vAa4e2Bu=4c67ac4a03.5a847858e05f58791d9e1ef2; Path=/; Expires=Sat, 19 Oct 2019 04:46:23 GMT
Location: /lp/vAa4e2Bu
Vary: Accept
undefined: undefined undefined
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2 200 css
fonts.googleapis.com/ 8 KB
729 B 21ms
20ms Stylesheet
text/css 2a00:1450:4001:81e::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700

Requested by

Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

a2300840efca27bdc3a96b96533c3d9eba114f33259f8cefca0747ba4083b98c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 18 Oct 2019 03:46:23 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 18 Oct 2019 03:46:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Fri, 18 Oct 2019 03:46:23 GMT

GET
H/1.1 200
OK style2.css
usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/css/ 34 KB
13 KB 18ms
17ms Stylesheet
text/css 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to

Full URL: https://usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/css/style2.css
Requested by: Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 033cf226d6a9b9864af2ffdc5bfd20a84c5769aa90099e89494b005d361d80d6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"8859-7/ZFxY7qXuU3JsE6dpb/C4KR56E"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/css; charset=utf-8
undefined: undefined, undefined
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK logo.png
usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/img/ 1 KB
2 KB 34ms
16ms Image
image/png 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/img/logo.png
Requested by: Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: de5921f72669bab69e9d282d93a0be6ec4811411fcf41ce885ec5bfeb5e22b2d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"535-1/J0YWC8cwkXIrzJ5sTGnJlBPEw"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
undefined: undefined, undefined
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 1333

GET
H/1.1 200
OK QMhL20p.png
usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/img/ 16 KB
16 KB 50ms
23ms Image
image/png 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/img/QMhL20p.png
Requested by: Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: d17860722bef1cce158a1c0646dc21cfd7b315b02ea0afbc7f434b0cab6af45e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"3e3f-A4ztJdD/VluxHy4iM4Gt3dep53I"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
undefined: undefined, undefined
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 15935

GET
H/1.1 200
OK vAa4e2Bu.js Show response
usenetnl.download/metrika/ 210 KB
47 KB 79ms
75ms Script
text/javascript 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to

Full URL: https://usenetnl.download/metrika/vAa4e2Bu.js
Requested by: Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 42cff79000818bd8816875d4c123455afa36241a9fbff981d7a392e98342a40b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"3490d-AtGeuyXZ85NxHzvdAq6C9bntUVk"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript; charset=utf-8
undefined: undefined, undefined
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK oX0ymbh.png
usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/img/ 107 KB
108 KB 27ms
17ms Image
image/png 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/img/oX0ymbh.png
Requested by: Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: b34ee20be9e0e4e1585d4442cf08f6a5e450d25f749029f0ada8891c1bc1a8c7

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/css/style2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"1ad04-vwwS1Y978siGVb5TvtDWj7n7WUA"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/png
undefined: undefined, undefined
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 109828

GET
H2 200 sprite.png
de.usenet.nl/unf/RESOURCE/shop/skin/v3/img/ 3 KB
4 KB 98ms
20ms Image
image/png 2606:4700:10::6814:52b3
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://de.usenet.nl/unf/RESOURCE/shop/skin/v3/img/sprite.png

Requested by

Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:52b3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

224f93affe08e4de093599826606bb8510e1c9006faa5e6f080a6746cd2ff279

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/deliver/5a847858e05f58791d9e1ef2/UtucPR9SAY1aUzAuiEEAvW/8998bd8f/css/style2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 18 Oct 2019 03:46:23 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4841
x-powered-by: ASP.NET
status: 200
strict-transport-security: max-age=604800; includeSubDomains
content-length: 3572
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 Apr 2019 13:34:10 GMT
server: cloudflare
etag: "dda5b906bfbd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
accept-ranges: bytes
cf-ray: 527786604f09cbcc-VIE
expires: Fri, 18 Oct 2019 07:46:23 GMT

GET
H2 200 4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2

Requested by

Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Origin: https://usenetnl.download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 12:39:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:36 GMT
server: sffe
age: 745605
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13848
x-xss-protection: 0
expires: Thu, 08 Oct 2020 12:39:38 GMT

GET
H2 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Origin: https://usenetnl.download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 17 Oct 2019 13:24:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:45 GMT
server: sffe
age: 51702
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 13720
x-xss-protection: 0
expires: Fri, 16 Oct 2020 13:24:41 GMT

GET
H2 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v14/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v14/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Ubuntu:300,400,500,700
Origin: https://usenetnl.download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 09:57:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:17:48 GMT
server: sffe
age: 582552
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14096
x-xss-protection: 0
expires: Sat, 10 Oct 2020 09:57:11 GMT

GET
H/1.1 200
OK advert.gif
usenetnl.download/ 35 B
504 B 16ms
16ms Image
image/gif 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usenetnl.download/advert.gif
Requested by: Host: usenetnl.download
URL: https://usenetnl.download/lp/vAa4e2Bu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: image/gif
undefined: undefined, undefined
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1 200
OK vAa4e2Bu.png
usenetnl.download/metrika/ 43 B
550 B 87ms
84ms Image
application/octet-stream 185.117.74.21
HS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usenetnl.download/metrika/vAa4e2Bu.png?x=1&ident=lp%3Adl2&bt=true&l=https%253A//usenetnl.download/lp/vAa4e2Bu&d=usenetnl.download&ce=true&dd=1600x1200&bd=1200x1600&ls=false&dnt=null&ifr=false&f=262ccf6225688483122693af31289f68&adblock=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.117.74.21 , Netherlands, ASN60117 (HS, AE),
Reverse DNS: mail.bullads.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://usenetnl.download/lp/vAa4e2Bu
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 18 Oct 2019 03:46:23 GMT
Server: nginx/1.10.3 (Ubuntu)
ETag: W/"2b-6n31g5gxM7YnErXnO/+81FzFNzY"
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: application/octet-stream
undefined: undefined, undefined
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
usenetnl.download/	1970-01-19 04:31:00	Name: bap_vAa4e2Bu Value: 4c67ac4a03.5a847858e05f58791d9e1ef2
usenetnl.download/	1970-01-19 04:31:00	Name: fs_vAa4e2Bu Value: 257060200
usenetnl.download/	1970-01-19 04:31:00	Name: fn_vAa4e2Bu Value: Martin%2520Suter%2520%25u2013%2520Allmen%2520%25u2013%2520Band%25201-6%2520%2528ungek%25FCrzt%2529

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

de.usenet.nl
fonts.googleapis.com
fonts.gstatic.com
hoerbuch.us
usenetnl.download
185.117.74.21
2606:4700:10::6814:52b3
2606:4700:30::6812:3fd0
2a00:1450:4001:80b::2003
2a00:1450:4001:81e::200a
033cf226d6a9b9864af2ffdc5bfd20a84c5769aa90099e89494b005d361d80d6
224f93affe08e4de093599826606bb8510e1c9006faa5e6f080a6746cd2ff279
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
42cff79000818bd8816875d4c123455afa36241a9fbff981d7a392e98342a40b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
a2300840efca27bdc3a96b96533c3d9eba114f33259f8cefca0747ba4083b98c
b34ee20be9e0e4e1585d4442cf08f6a5e450d25f749029f0ada8891c1bc1a8c7
d17860722bef1cce158a1c0646dc21cfd7b315b02ea0afbc7f434b0cab6af45e
de5921f72669bab69e9d282d93a0be6ec4811411fcf41ce885ec5bfeb5e22b2d
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
ece7418f7c60323a3cea3908b948160b0ce14bf93a6242290c74184ff6c17509

usenetnl.download Open in urlscan Pro 185.117.74.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

4 IPs

3 Countries

238 kBTransfer

436 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

Indicators

usenetnl.download Open in urlscan Pro
185.117.74.21 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

3
Countries

238 kB
Transfer

436 kB
Size

3
Cookies

13 HTTP transactions
0 data transactions