face.pressibdotugiback.tk

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3034::6815:3ffe, located in United States and belongs to CLOUDFLARENET, US. The main domain is face.pressibdotugiback.tk.

This is the only time face.pressibdotugiback.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:3ffe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.99.4.111 88.99.4.111	24940 (HETZNER-AS) (HETZNER-AS)
1	185.21.42.144 185.21.42.144	48854 (ZITCOM) (ZITCOM)
1	2a02:2350:5:1... 2a02:2350:5:106:65:3640:cbf5:cb42	51468 (ONECOM) (ONECOM)
1 1	2606:4700:20:... 2606:4700:20::ac43:48e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:583	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	5

1 2606:4700:3034::6815:3ffe (United States)

ASN13335 (CLOUDFLARENET, US)

face.pressibdotugiback.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.4.111 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.111.4.99.88.clients.your-server.de

docplayer.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.21.42.144 (Denmark)

ASN48854 (ZITCOM, DK)
PTR: mail.vipdaters.se

www.vipdaters.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2350:5:106:65:3640:cbf5:cb42 (Denmark)

ASN51468 (ONECOM, DK)

www.wonderfuldenmark.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.mypartnerforever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:583 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mypartnerforever.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	mypartnerforever.com 1 redirects www.mypartnerforever.com	21 KB
1	wonderfuldenmark.dk www.wonderfuldenmark.dk
1	vipdaters.dk www.vipdaters.dk	38 KB
1	docplayer.dk docplayer.dk	104 KB
1	pressibdotugiback.tk face.pressibdotugiback.tk	20 KB
5	5

	Domain	Requested by
2	www.mypartnerforever.com	1 redirects face.pressibdotugiback.tk
1	www.wonderfuldenmark.dk	face.pressibdotugiback.tk
1	www.vipdaters.dk	face.pressibdotugiback.tk
1	docplayer.dk	face.pressibdotugiback.tk
1	face.pressibdotugiback.tk
5	5

This site contains no links.

Subject Issuer	Validity	Valid
*.docplayer.dk R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
vipdaters.dk Sectigo RSA Domain Validation Secure Server CA	`2022-11-01` - `2023-11-08`	a year	crt.sh
*.wonderfuldenmark.dk R3	`2023-01-21` - `2023-04-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://face.pressibdotugiback.tk/
Frame ID: DBEB785225956F500C4C9EBB5530BDF7
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Resultater

Page Statistics

5
Requests

60 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

182 kB
Transfer

216 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://www.mypartnerforever.com/xml/zz250/photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg HTTP 302
https://www.mypartnerforever.com/xml/zz250/photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response face.pressibdotugiback.tk/	55 KB 20 KB	337ms 227ms	Document text/html	2606:4700:3034::6815:3ffe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://face.pressibdotugiback.tk/ Protocol HTTP/1.1 Server 2606:4700:3034::6815:3ffe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ad418f2d5cf2eb867a26450ac9005a75b3912c5ad3940360d7a5c9a815594d81` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 79f6bff27c021a03-EWR Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sun, 26 Feb 2023 06:51:01 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyihYm6kn3mh8NnR13ZxXvPvJG7%2BC6T%2BAsRCYXr0s4x2wqDFEZgVgF5yanusY0%2FpjrimQ%2FlG0Yu4XAmYyBfqPV%2F8c6rq6M%2B6njxQm2FnBZkNpiFzur58IB9zo5WgWsuC%2B%2BTXJtd6xOOAXg3bhm%2F2e5MPmLIJcggF"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	page_3.jpg docplayer.dk/docs-images/45/23341223/images/	103 KB 104 KB	505ms 176ms	Image image/jpeg	88.99.4.111 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://docplayer.dk/docs-images/45/23341223/images/page_3.jpg Requested by Host: face.pressibdotugiback.tk URL: http://face.pressibdotugiback.tk/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.99.4.111 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.111.4.99.88.clients.your-server.de Software nginx / Resource Hash `1b654ba5a85001fea7e5470336acaa6d8aa2026e7f097b77c8a4a2431afc81a2` Request headers accept-language en-US,en;q=0.9 Referer http://face.pressibdotugiback.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Sun, 26 Feb 2023 06:51:01 GMT Last-Modified Thu, 27 Oct 2016 13:33:38 GMT Server nginx Cloud-Cache-Backend-Server nginx-114 ETag "58120232-19c16" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Frontend slideplayer-101 Content-Length 105494 Link <https://docplayer.dk/docs-images/45/23341223/images/page_3.jpg>; rel="canonical"
GET H2	200	96549_thumb1.jpg www.vipdaters.dk/vipphotos/	38 KB 38 KB	520ms 102ms	Image image/jpeg	185.21.42.144 ZITCOM
General Check archive.org Show headers Download Go to Show image Full URL https://www.vipdaters.dk/vipphotos/96549_thumb1.jpg Requested by Host: face.pressibdotugiback.tk URL: http://face.pressibdotugiback.tk/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 185.21.42.144 , Denmark, ASN48854 (ZITCOM, DK), Reverse DNS mail.vipdaters.se Software Microsoft-IIS/10.0 / ASP.NET Resource Hash `5a03307d189b3a7cc55e67d9fffda95efa667236fb6c8c65ab483717e4ab171d` Request headers accept-language en-US,en;q=0.9 Referer http://face.pressibdotugiback.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 06:51:01 GMT last-modified Tue, 03 Mar 2020 11:07:51 GMT server Microsoft-IIS/10.0 etag "86b4ddfa4bf1d51:0" x-powered-by ASP.NET content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes content-length 38447
GET H2	404	bosse.png www.wonderfuldenmark.dk/i/	0 0	771ms 90ms	Image text/html	2a02:2350:5:106:65:3640:cbf5:cb42 ONECOM
General Check archive.org Show headers Download Go to Show image Full URL https://www.wonderfuldenmark.dk/i/bosse.png Requested by Host: face.pressibdotugiback.tk URL: http://face.pressibdotugiback.tk/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:2350:5:106:65:3640:cbf5:cb42 , Denmark, ASN51468 (ONECOM, DK), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://face.pressibdotugiback.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers
GET H2	200	photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg www.mypartnerforever.com/xml/zz250/ Redirect Chain http://www.mypartnerforever.com/xml/zz250/photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg https://www.mypartnerforever.com/xml/zz250/photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg	20 KB 20 KB	263ms 247ms	Image image/jpeg	2606:4700:20::681a:583 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.mypartnerforever.com/xml/zz250/photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg Requested by Host: face.pressibdotugiback.tk URL: http://face.pressibdotugiback.tk/ Protocol H2 Server 2606:4700:20::681a:583 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `b1e311ba0836e356446a86cbd6838338a44d4eff1745ebe06a0e75f9d169eb02` Request headers accept-language en-US,en;q=0.9 Referer http://face.pressibdotugiback.tk/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 06:51:01 GMT cf-cache-status MISS last-modified Fri, 13 Apr 2018 04:54:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "299d7f8de3d2d31:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FXM4RItDDZbyTQddWz6ReuHfxIDxT9nzIABwHXcIWKUDb%2B19hC5balqGVCNd0%2FFJknubkhCqYiO2dJzIfozSyqo1Mv8fwaijWF2DTbyFTXpzpXXsCE%2BNTxpLA5vF07M%2FS%2F9VfBthiNBJ3g4RtmPpGwqfM%2BcjHg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=604800 accept-ranges bytes cf-ray 79f6bff5b98cc47a-EWR content-length 20184 Redirect headers Date Sun, 26 Feb 2023 06:51:01 GMT CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare X-Powered-By ASP.NET Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BUdSuz8jEZJuaj4HE641sLhpa0qWzDWdXkoaB5xR5mvx7OlX0Wf6cuC6gEP8YEgfGf9yIPZ49%2FG7h7IbszyTYePpf%2B1wIdHJNcVrokkLwpsYctXKX74G65W3NHbQEiB1MwabufPFJaDOBZKk4Hx%2FZlzDRjr5lg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type text/html; charset=UTF-8 Location https://www.mypartnerforever.com/xml/zz250/photo-single-lady-from-ukraine-darina-from-kiev-ukraine-171768.jpg Connection keep-alive CF-RAY 79f6bff4ebefc427-EWR Content-Length 232

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			face.pressibdotugiback.tk/	1969-12-31 23:59:59	Name: ch1c Value: b

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.wonderfuldenmark.dk/i/bosse.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docplayer.dk
face.pressibdotugiback.tk
www.mypartnerforever.com
www.vipdaters.dk
www.wonderfuldenmark.dk
185.21.42.144
2606:4700:20::681a:583
2606:4700:20::ac43:48e8
2606:4700:3034::6815:3ffe
2a02:2350:5:106:65:3640:cbf5:cb42
88.99.4.111
1b654ba5a85001fea7e5470336acaa6d8aa2026e7f097b77c8a4a2431afc81a2
5a03307d189b3a7cc55e67d9fffda95efa667236fb6c8c65ab483717e4ab171d
ad418f2d5cf2eb867a26450ac9005a75b3912c5ad3940360d7a5c9a815594d81
b1e311ba0836e356446a86cbd6838338a44d4eff1745ebe06a0e75f9d169eb02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

face.pressibdotugiback.tk Open in urlscan Pro 2606:4700:3034::6815:3ffe Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

60 %HTTPS

67 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

182 kBTransfer

216 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

face.pressibdotugiback.tk Open in urlscan Pro
2606:4700:3034::6815:3ffe Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

60 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

182 kB
Transfer

216 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions