URL: http://ps9fed.eu/
Submission: On February 19 via manual from BE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 22 HTTP transactions. The main IP is 2606:4700:30::681f:59b5, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is ps9fed.eu.
This is the only time ps9fed.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:30:... 13335 (CLOUDFLAR...)
14 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 5.189.254.202 202023 (LLHOST //...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.196.72 39134 (UNITEDNET)
22 7
Apex Domain    Subdomains    Transfer
15 ps9fed.eu    ps9fed.eu    84 KB
2 yadro.ru    counter.yadro.ru    960 B
2 gstatic.com    fonts.gstatic.com    36 KB
2 bestdateshere2.com    bestdateshere2.com    1 KB
1 googleapis.com    fonts.googleapis.com    442 B
22 5
Domain Requested by
15 ps9fed.eu ps9fed.eu
2 counter.yadro.ru 1 redirects ps9fed.eu
2 fonts.gstatic.com ps9fed.eu
2 bestdateshere2.com 1 redirects ps9fed.eu
1 fonts.googleapis.com ps9fed.eu
22 5

This site contains links to these domains.

Domain
www.liveinternet.ru
Subject    Issuer    Validity    Valid
sni175336.cloudflaressl.com    COMODO ECC Domain Validation Secure Server CA 2    2019-02-03 - 2019-08-12    6 months
*.googleapis.com    Google Internet Authority G3    2019-01-29 - 2019-04-23    3 months
bestdateshere2.com    Let's Encrypt Authority X3    2019-01-29 - 2019-04-29    3 months
*.google.com    Google Internet Authority G3    2019-01-29 - 2019-04-23    3 months

This page contains 1 frames:

Primary Page: http://ps9fed.eu/
Frame ID: 38382E7DC8EE5340E897CE8746407B54
Requests: 22 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

22
Requests

82 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

7
IPs

3
Countries

122 kB
Transfer

334 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • http://bestdateshere2.com/js/popunder.js HTTP 301
  • https://bestdateshere2.com/js/popunder.js
Request Chain 20
  • http://counter.yadro.ru/hit;bestocloud?t41.1;r;s1600*1200*24;uhttp%3A//ps9fed.eu/;0.5391032077489537 HTTP 302
  • http://counter.yadro.ru/hit;bestocloud?q;t41.1;r;s1600*1200*24;uhttp%3A//ps9fed.eu/;0.5391032077489537

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
ps9fed.eu/
20 KB
5 KB
Document
General
Full URL
http://ps9fed.eu/
Protocol
HTTP/1.1
Server
2606:4700:30::681f:59b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
1922e30e3d1e1094a2ec33a8f5b2c99b324f3e4dac9805d1bccdb10fb752385b

Request headers

Host
ps9fed.eu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 19 Feb 2019 09:56:33 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d168bd26d636c0d0b8b0b517202d951751550570193; expires=Wed, 19-Feb-20 09:56:33 GMT; path=/; domain=.ps9fed.eu; HttpOnly
X-Powered-By
PHP/5.4.16
Cache-Control
no-cache, must-revalidate, max-age=0
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Pragma
no-cache
Server
cloudflare
CF-RAY
4ab7dd3e3e739768-FRA
Content-Encoding
gzip
bootstrap.min.css
ps9fed.eu/wp-content/themes/kerinci-lite/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/css/bootstrap.min.css
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
27b863b36df7f2f1a1128b9300e0581d509a8f113e2fbcace4d38953ed98ad8b

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"81d7-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb6f2318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
plugin.css
ps9fed.eu/wp-content/themes/kerinci-lite/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/css/plugin.css
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a25ba0c613c28b85fe1e8df541c2015a215db244dd5c7d2b480add2691f3300

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"1bc6-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb732318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
style.css
ps9fed.eu/wp-content/themes/kerinci-lite/
31 KB
6 KB
Stylesheet
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/style.css?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ee0d40c822a9f75085a6646808c571cf04e0d8d82be058ceafbe8b99ce0a22

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"7a44-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb722318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
font.css
ps9fed.eu/wp-content/themes/kerinci-lite/css/
4 KB
720 B
Stylesheet
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/css/font.css
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbcb01744eedcdfbf5c187da99d9a2b6daa7a81405ba053925e0db9a82142b9e

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"e21-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb712318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
css
fonts.googleapis.com/
827 B
442 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Abel%3A400%2C700%2C400italic%7CCarter+One%3A700italic%2C400%2C800%2C600&subset=latin%2Clatin-ext
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0d4a146cf393c24961a7180891ccd6e4927dce5d7562cfcc4d615e0a1b39c9e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 19 Feb 2019 09:56:33 GMT
server
ESF
access-control-allow-origin
*
date
Tue, 19 Feb 2019 09:56:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Tue, 19 Feb 2019 09:56:33 GMT
jquery.js
ps9fed.eu/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://ps9fed.eu/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:40:59 GMT
server
cloudflare
etag
W/"17ba0-55c47bc87c0c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb742318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
jquery-migrate.min.js
ps9fed.eu/wp-includes/js/jquery/
10 KB
4 KB
Script
General
Full URL
https://ps9fed.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:40:59 GMT
server
cloudflare
etag
W/"2748-55c47bc87c0c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3efb792318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
modernizr.js
ps9fed.eu/wp-content/themes/kerinci-lite/js/
30 KB
8 KB
Script
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/js/modernizr.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
deab29eaf12a035e4dc7ff90be76775b0ffcb2d4cca24ade98be079bc34e0e72

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"77c4-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb762318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
respond.js
ps9fed.eu/wp-content/themes/kerinci-lite/js/
11 KB
4 KB
Script
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/js/respond.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48900c2baf8b513125b8f97cbc155766697ea62cffac5f97b3d9ec5f48d6f8e2

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"2d13-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3efb772318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
smartmenus.js
ps9fed.eu/wp-content/themes/kerinci-lite/js/
40 KB
10 KB
Script
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/js/smartmenus.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
239ed015671c46f7ec0825fdbdb4c6ce82b3a37e00132c14ac260695b218c8dd

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"a075-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3efb782318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
popunder.js
bestdateshere2.com/js/
Redirect Chain
  • http://bestdateshere2.com/js/popunder.js
  • https://bestdateshere2.com/js/popunder.js
739 B
1017 B
Script
General
Full URL
https://bestdateshere2.com/js/popunder.js
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
5.189.254.202 , Russian Federation, ASN202023 (LLHOST // M247, RO),
Reverse DNS
Software
nginx/1.12.0 / ASP.NET
Resource Hash
dddedf3dea924135f450b331d0fc6f776e166ff6bad8d3a8357dd52e70ac4998

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 19 Feb 2019 09:56:33 GMT
Last-Modified
Fri, 03 Feb 2017 09:48:43 GMT
Server
nginx/1.12.0
X-Powered-By
ASP.NET
ETag
"808f78b427ed21:0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
739

Redirect headers

Location
https://bestdateshere2.com/js/popunder.js
Date
Tue, 19 Feb 2019 09:56:33 GMT
Server
nginx/1.12.0
Connection
keep-alive
Content-Length
185
Content-Type
text/html
fitVids.js
ps9fed.eu/wp-content/themes/kerinci-lite/js/
3 KB
1 KB
Script
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/js/fitVids.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c9dc1f7b4b7802fc32ed0e9ac41116a81f34656011ff295cdd82f6ecfc5ed0f

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"a3f-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3efb7a2318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
main.js
ps9fed.eu/wp-content/themes/kerinci-lite/js/
330 B
232 B
Script
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/js/main.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccf8a9a2558b314e2e606ba20986793a78f9985bf57a23e08633c90bdf2621c

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
W/"14a-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3eeb752318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
wp-embed.min.js
ps9fed.eu/wp-includes/js/
1 KB
767 B
Script
General
Full URL
https://ps9fed.eu/wp-includes/js/wp-embed.min.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
892ecb8e84801900fbec1f9f340f9dd7d53a6444079d82dda76d41581c501891

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 Oct 2017 09:40:59 GMT
server
cloudflare
etag
W/"57b-55c47bc87c0c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3efb7b2318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
wp-emoji-release.min.js
ps9fed.eu/wp-includes/js/
10 KB
4 KB
Script
General
Full URL
https://ps9fed.eu/wp-includes/js/wp-emoji-release.min.js?ver=4.5.10
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2251d47113cc221f907cb6c141dc4ecb3ee6ee747b90eb8f58f0f77b13ddb4e7

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2017 09:40:59 GMT
server
cloudflare
etag
W/"264a-55c47bc87c0c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4ab7dd3f1b852318-FRA
expires
Tue, 19 Feb 2019 13:56:33 GMT
MwQ5bhbm2POE2V9BPbh5uGM.woff2
fonts.gstatic.com/s/abel/v8/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/abel/v8/MwQ5bhbm2POE2V9BPbh5uGM.woff2
Requested by
Host: ps9fed.eu
URL: https://ps9fed.eu/wp-content/themes/kerinci-lite/js/modernizr.js?ver=4.5.10
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
034af79fe6686e5fbd1bbb1f8593ddca8792349cf1110730a7a97f22df4428ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Abel%3A400%2C700%2C400italic%7CCarter+One%3A700italic%2C400%2C800%2C600&subset=latin%2Clatin-ext
Origin
http://ps9fed.eu

Response headers

date
Tue, 12 Feb 2019 11:41:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 10 Oct 2017 23:11:45 GMT
server
sffe
age
598486
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9496
x-xss-protection
1; mode=block
expires
Wed, 12 Feb 2020 11:41:47 GMT
search.png
ps9fed.eu/wp-content/themes/kerinci-lite/img/
3 KB
3 KB
Image
General
Full URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/img/search.png
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681f:58b5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d80755838e46fb3a64143494b97718f3649998ff7ba859d56cc4ed43290d399c

Request headers

Referer
https://ps9fed.eu/wp-content/themes/kerinci-lite/style.css?ver=4.5.10
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 19 Feb 2019 09:56:33 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Oct 2017 09:44:59 GMT
server
cloudflare
etag
"bce-55c47cad5dcc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
4ab7dd3fdc1b2318-FRA
content-length
3022
expires
Tue, 19 Feb 2019 13:56:33 GMT
q5uCsoe5IOB2-pXv9UcNExN8hK5SAMo.woff2
fonts.gstatic.com/s/carterone/v10/
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/carterone/v10/q5uCsoe5IOB2-pXv9UcNExN8hK5SAMo.woff2
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:808::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7a79db39a0ff64dcfa3bb89adc9a9e2cff6524fd02b5635e4f1ef3fd838a9fff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Abel%3A400%2C700%2C400italic%7CCarter+One%3A700italic%2C400%2C800%2C600&subset=latin%2Clatin-ext
Origin
http://ps9fed.eu

Response headers

date
Fri, 08 Feb 2019 15:38:09 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Jan 2019 19:43:22 GMT
server
sffe
age
929904
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
27104
x-xss-protection
1; mode=block
expires
Sat, 08 Feb 2020 15:38:09 GMT
maca-theme.woff
ps9fed.eu/wp-content/themes/kerinci-lite/css/fonts/
0
0

maca-theme.ttf
ps9fed.eu/wp-content/themes/kerinci-lite/css/fonts/
0
0

hit;bestocloud
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit;bestocloud?t41.1;r;s1600*1200*24;uhttp%3A//ps9fed.eu/;0.5391032077489537
  • http://counter.yadro.ru/hit;bestocloud?q;t41.1;r;s1600*1200*24;uhttp%3A//ps9fed.eu/;0.5391032077489537
112 B
481 B
Image
General
Full URL
http://counter.yadro.ru/hit;bestocloud?q;t41.1;r;s1600*1200*24;uhttp%3A//ps9fed.eu/;0.5391032077489537
Requested by
Host: ps9fed.eu
URL: http://ps9fed.eu/
Protocol
HTTP/1.1
Server
88.212.196.72 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host42.rax.ru
Software
0W/0.8c /
Resource Hash
d0c553b694786af4b7907d09bce417ca2c29ee990ac848ece4904da8e1b5b506

Request headers

Referer
http://ps9fed.eu/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Feb 2019 09:56:34 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
112
Expires
Sun, 18 Feb 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Feb 2019 09:56:34 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit;bestocloud?q;t41.1;r;s1600*1200*24;uhttp%3A//ps9fed.eu/;0.5391032077489537
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Sun, 18 Feb 2018 21:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ps9fed.eu
URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/css/fonts/maca-theme.woff
Domain
ps9fed.eu
URL
https://ps9fed.eu/wp-content/themes/kerinci-lite/css/fonts/maca-theme.ttf

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| _wpemojiSettings
  • object| twemoji
  • object| wp
  • undefined| $
  • function| jQuery
  • object| html5
  • object| Modernizr
  • function| yepnope
  • object| respond
  • object| popunder
  • object| jQuery112407907749534583768

1 Cookies

Domain/Path Name / Value
.ps9fed.eu/ Name: __cfduid
Value: d168bd26d636c0d0b8b0b517202d951751550570193

1 Console Messages

Source Level URL
Text
console-api log URL: https://ps9fed.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
