URL: http://forum-metal.com/on/index.html
Submission Tags: @ipnigh
Submission: On February 22 via api from GB

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 25 HTTP transactions. The main IP is 82.165.25.137, which is located in Germany and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is forum-metal.com.
This is the only time forum-metal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BT (Telecommunication)

Domain & IP information

Requests  IP Address         AS Autonomous System
16        82.165.25.137      8560 (ONEANDONE...)
1         178.79.227.144     22822 (LLNW)
1         216.58.208.34      15169 (GOOGLE)
2         143.204.208.140    16509 (AMAZON-02)
1         93.184.220.100     15133 (EDGECAST)
1         2a00:1450:400...   15169 (GOOGLE)
1         66.117.29.3        15224 (OMNITURE)
1         2a00:1450:400...   15169 (GOOGLE)
1         2a00:1450:400...   15169 (GOOGLE)
Total: 25 requests, 10 IPs

Requests  Domain                          Requested by
16        forum-metal.com                 forum-metal.com
2         d3c3cq33003psk.cloudfront.net   forum-metal.com
1         www.google.de                   forum-metal.com
1         www.google.com                  forum-metal.com
1         bt.tt.omtrdc.net                assets.bt.com
1         googleads.g.doubleclick.net     www.googleadservices.com
1         a.mobify.com                    forum-metal.com
1         www.googleadservices.com        forum-metal.com
1         assets.bt.com                   forum-metal.com
Total: 25 requests, 9 domains

This site contains links to these domains.

Domain
www.bt.com
bt.com
www.btplc.com
www.thephonebook.bt.com

Subject               Issuer                                        Validity                  Valid
www.bt.com            DigiCert SHA2 Extended Validation Server CA   2019-10-14 - 2020-10-13   a year
*.g.doubleclick.net   GTS CA 1O1                                    2020-02-12 - 2020-05-06   3 months
www.google.com        GTS CA 1O1                                    2020-02-12 - 2020-05-06   3 months
www.google.de         GTS CA 1O1                                    2020-02-12 - 2020-05-06   3 months

This page contains 1 frames:

Primary Page: http://forum-metal.com/on/index.html
Frame ID: 05617045AD239C44D281AB63928603F3
Requests: 26 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 25
HTTPS: 16 %
IPv6: 33 %
Domains: 9
Subdomains: 9
IPs: 10
Countries: 4
Transfer: 380 kB
Size: 405 kB
Cookies: 0

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
forum-metal.com/on/
15 KB
15 KB
Document
General
Full URL
http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
3997104bbbc54eabc9fbb06af9c6fb1ef7f134dd859c5696e10f404c54ebe47e

Request headers

Host
forum-metal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Server
Apache
Last-Modified
Wed, 28 Mar 2018 01:11:00 GMT
ETag
"2a434-3ac9-5686eae173100"
Accept-Ranges
bytes
Content-Length
15049
X-Powered-By
PleskLin
Connection
close
Content-Type
text/html
stylesheet.css
forum-metal.com/on/css/
218 KB
219 KB
Stylesheet
General
Full URL
http://forum-metal.com/on/css/stylesheet.css
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
7add7344b5d3313f4e64af7059e016353b18ccc1f5866d13a24649fb9c4f4824

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:22 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a441-36902-5686e9d853f80"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
223490
bt.cookies.api.js
forum-metal.com/on/css/
2 KB
2 KB
Script
General
Full URL
http://forum-metal.com/on/css/bt.cookies.api.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
98db84cda3e8d2b72b56e9da066b374765f92f4184fba2fe15b1edc9fb8eb5c2

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:26 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a435-8ee-5686e9dc24880"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2286
modernizr-2.6.2.min.js
forum-metal.com/on/css/vendor/
281 B
475 B
Script
General
Full URL
http://forum-metal.com/on/css/vendor/modernizr-2.6.2.min.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
231f02ec6abfd5f54548ea3eb6ac2e756a3b9ccc159a50953868e61d8c629254

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Server
Apache
Connection
close
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
jquery-1.8.2.min.js
forum-metal.com/on/css/vendor/
281 B
475 B
Script
General
Full URL
http://forum-metal.com/on/css/vendor/jquery-1.8.2.min.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
231f02ec6abfd5f54548ea3eb6ac2e756a3b9ccc159a50953868e61d8c629254

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Server
Apache
Connection
close
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
jquery.validate.js
forum-metal.com/on/css/
39 KB
39 KB
Script
General
Full URL
http://forum-metal.com/on/css/jquery.validate.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
3e9ee9662c314b3999180fa7bd4dd16ae67af193dbad5862debfa040ed96bd6c

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:34 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a439-9a4f-5686e9e3c5a80"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
39503
script.js
forum-metal.com/on/css/
3 KB
3 KB
Script
General
Full URL
http://forum-metal.com/on/css/script.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
5e3f0a8136f4ccc5dc7bc7581f679cf87e49793597db128cf70153d20e486530

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:36 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a440-a7f-5686e9e5adf00"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2687
login.js
forum-metal.com/on/css/
5 KB
5 KB
Script
General
Full URL
http://forum-metal.com/on/css/login.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
a542a9b2cdbcfcf2d65c26c79e33ec073ecde630a5ea30e348fe9fc6fc2b6a55

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:36 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a43a-13f0-5686e9e5adf00"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
5104
login_remember.js
forum-metal.com/on/css/
2 KB
2 KB
Script
General
Full URL
http://forum-metal.com/on/css/login_remember.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
7cb5914c06929b81bb9c5844c797f7fc46444fb28d01d7242e650ca8ca1ee797

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:38 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a43c-85d-5686e9e796380"
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
2141
mbox.js
assets.bt.com/v1/btcome/global/js/
22 KB
7 KB
Script
General
Full URL
https://assets.bt.com/v1/btcome/global/js/mbox.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.79.227.144 , Italy, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-144.vie.llnw.net
Software
CloudStorage /
Resource Hash
b34e1a28a7954d2dfa27ee6fe149b7010d036f08f503899227fe4ab57ccf1fdd

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sat, 22 Feb 2020 01:22:46 GMT
Content-Encoding
gzip
X-Agile-Request-Id
d24d25b023e9a23c5a21032fef0615ca, 1a62af94fffaafd1623fb10d655f42a3
X-Agile-Brick-Id
480527910
Connection
keep-alive
Content-Length
6143
Accept-Ranges
bytes
Last-Modified
Thu, 06 Oct 2016 09:09:19 GMT
Server
CloudStorage
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Agile-Checksum
b34e1a28a7954d2dfa27ee6fe149b7010d036f08f503899227fe4ab57ccf1fdd
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Content-Type,Accept-Encoding,Accept-Language,Cache-Control
X-Agile-Source
178.79.224.66:1987
conversion.js
www.googleadservices.com/pagead/
25 KB
10 KB
Script
General
Full URL
http://www.googleadservices.com/pagead/conversion.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f34.1e100.net
Software
cafe /
Resource Hash
bb5e9451b0252787ba4debc98172ce5a19a921382d647dd31d05fb9bb0a3eb5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript; charset=UTF-8
Server
cafe
ETag
354882672169007084
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
9854
X-XSS-Protection
0
Expires
Sat, 22 Feb 2020 01:22:45 GMT
opentag-84691-994976.js
d3c3cq33003psk.cloudfront.net/
0
0
Script
General
Full URL
http://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
143.204.208.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-208-140.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

logo_102x50.gif
forum-metal.com/on/css/
3 KB
4 KB
Image
General
Full URL
http://forum-metal.com/on/css/logo_102x50.gif
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
6ff70b5bf1afb0cbc3e6458d4126b1b49dd49c06e76b7a169aea5babb6f066d6

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:46 GMT
Last-Modified
Wed, 28 Mar 2018 01:10:40 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a43d-db4-5686eace60400"
Content-Type
image/gif
Connection
close
Accept-Ranges
bytes
Content-Length
3508
a.js
a.mobify.com/bt/
0
197 B
Script
General
Full URL
http://a.mobify.com/bt/a.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
93.184.220.100 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:47 GMT
Cache-Control
public, max-age=1800
Server
nginx/1.16.1
Content-Length
0
X-Frame-Options
DENY
Content-Type
text/html; charset=utf-8
style_761.css
forum-metal.com/on/css/
8 KB
8 KB
Stylesheet
General
Full URL
http://forum-metal.com/on/css/style_761.css
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
264aefdcb1b227a453714e82c1b34e448213c816e672d0181211c06b1f1a782a

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:47 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:24 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a444-207b-5686e9da3c400"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
8315
style_480.css
forum-metal.com/on/css/
17 KB
17 KB
Stylesheet
General
Full URL
http://forum-metal.com/on/css/style_480.css
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
b63ada3e8c0f3903caf1dd86dbf5165a0112cda7e130ac8aa97c5fefd1943a0d

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:47 GMT
Last-Modified
Wed, 28 Mar 2018 01:06:26 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"2a443-4482-5686e9dc24880"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
17538
s_code_remote.js
forum-metal.com/static/includes/appsauth/js/
281 B
475 B
Script
General
Full URL
http://forum-metal.com/static/includes/appsauth/js/s_code_remote.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
231f02ec6abfd5f54548ea3eb6ac2e756a3b9ccc159a50953868e61d8c629254

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:46 GMT
Server
Apache
Connection
close
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
omniture.js
forum-metal.com/static/includes/appsauth/js/
281 B
475 B
Script
General
Full URL
http://forum-metal.com/static/includes/appsauth/js/omniture.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
231f02ec6abfd5f54548ea3eb6ac2e756a3b9ccc159a50953868e61d8c629254

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:46 GMT
Server
Apache
Connection
close
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
bt.cookies.js
forum-metal.com/static/includes/globalheader/
281 B
475 B
Script
General
Full URL
http://forum-metal.com/static/includes/globalheader/bt.cookies.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
231f02ec6abfd5f54548ea3eb6ac2e756a3b9ccc159a50953868e61d8c629254

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:47 GMT
Server
Apache
Connection
close
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/972002336/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972002336/?random=1582334567372&cv=9&fst=1582334567372&num=1&label=Snt7CPDmpwUQoKi-zwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=http%3A%2F%2Fforum-metal.com%2Fon%2Findex.html&tiba=My%20BT%3A%20Login%20to%20access%20your%20personal%20details&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f39227a4bc7a264e51d042355e6407bd0caf4f594399f6d8cd3adc11b8db176
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Sat, 22 Feb 2020 01:22:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
text/javascript; charset=UTF-8
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1056
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
opentag-84691-994976.js
d3c3cq33003psk.cloudfront.net/
0
0
Script
General
Full URL
http://d3c3cq33003psk.cloudfront.net/opentag-84691-994976.js
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
143.204.208.140 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-208-140.fra53.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

sprite.png
forum-metal.com/static/wa/appsauth/consumer/img/
281 B
281 B
Image
General
Full URL
http://forum-metal.com/static/wa/appsauth/consumer/img/sprite.png
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
HTTP/1.1
Server
82.165.25.137 , Germany, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
s15954151.onlinehome-server.info
Software
Apache / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://forum-metal.com/on/css/stylesheet.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 22 Feb 2020 01:22:47 GMT
Server
Apache
Connection
close
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Content-Type
text/html;charset=utf-8
truncated
/
42 KB
42 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91d32af051d9ace7282b43d300b85debad94fa8659ee69f3e7616e4e1a7605e2

Request headers

Origin
http://forum-metal.com
Referer
http://forum-metal.com/on/css/stylesheet.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
font/opentype;charset=utf-8
standard
bt.tt.omtrdc.net/m2/bt/mbox/
137 B
376 B
Script
General
Full URL
http://bt.tt.omtrdc.net/m2/bt/mbox/standard?mboxHost=forum-metal.com&mboxSession=1582334567370-586754&mboxPage=1582334567370-586754&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=60&colorDepth=24&mboxCount=1&mbox=logged_in_not_signed_up&mboxId=0&mboxTime=1582338167386&mboxURL=http%3A%2F%2Fforum-metal.com%2Fon%2Findex.html&mboxReferrer=&mboxVersion=40
Requested by
Host: assets.bt.com
URL: https://assets.bt.com/v1/btcome/global/js/mbox.js
Protocol
HTTP/1.1
Server
66.117.29.3 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
/
Resource Hash
d7b51265f2ebe2cb78e2e47c913f71af468b189099cdc6014201466ea7a3c932

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 22 Feb 2020 01:22:47 GMT
Cache-Control
no-cache
Timing-Allow-Origin
*
Content-Length
137
X-Request-ID
b8e1f767-ca91-45aa-a169-c2ab39c3fabb
Content-Type
text/javascript;charset=utf-8
/
www.google.com/pagead/1p-user-list/972002336/
42 B
303 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/972002336/?random=1582334567372&cv=9&fst=1582333200000&num=1&label=Snt7CPDmpwUQoKi-zwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fforum-metal.com%2Fon%2Findex.html&tiba=My%20BT%3A%20Login%20to%20access%20your%20personal%20details&fmt=3&is_vtc=1&random=4000554218&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 22 Feb 2020 01:22:47 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/972002336/
42 B
525 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/972002336/?random=1582334567372&cv=9&fst=1582333200000&num=1&label=Snt7CPDmpwUQoKi-zwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=http%3A%2F%2Fforum-metal.com%2Fon%2Findex.html&tiba=My%20BT%3A%20Login%20to%20access%20your%20personal%20details&fmt=3&is_vtc=1&random=4000554218&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: forum-metal.com
URL: http://forum-metal.com/on/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://forum-metal.com/on/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Sat, 22 Feb 2020 01:22:47 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BT (Telecommunication)

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Mobify object| btCookiesAPI function| omniOnClick function| omniOnError function| GetCookie number| submitcount string| domainName function| checkSubmit function| setRememberMeCookiees function| jsSubmit function| changeBTClickUserName function| allSubmit function| consumerLoginSubmit function| getQueryParameter function| checkLoginSubmit function| setRememberMeCookie function| setUsernameFromCookie function| getUsernameFromCookie string| mboxCopyright number| mboxVersion object| mboxFactories object| mboxFactoryDefault function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth object| google_conversion_id object| google_conversion_label object| google_custom_params object| google_remarketing_only function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_evaluemrc object| google_conversion_currency object| google_conversion_domain object| 
google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_disable_merchant_reported_conversions object| google_additional_conversion_params object| google_transport_url string| hashCode string| hash object| hashParam number| c_start string| cUserName string| s_pageName string| s_channel string| s_server string| s_products string| s_events string| s_hier1 string| s_prop6 string| s_prop9 string| s_prop36 string| s_prop37 string| s_eVar37 string| s_prop38 string| s_eVar38 string| s_account

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
