Submitted URL: http://mafiagalati.hi2.ro/log/
Effective URL: http://missing.hi2.ro/missing.html
Submission: On January 24 via manual from DE

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 89.42.38.163, located in Romania and belongs to RO-3X-AS soseaua Dobroesti nr. 7, RO. The main domain is missing.hi2.ro.
This is the only time missing.hi2.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 89.42.39.89 48931 (RO-3X-AS ...)
1 89.42.38.163 48931 (RO-3X-AS ...)
2 172.217.23.130 15169 (GOOGLE)
3 172.217.16.194 15169 (GOOGLE)
4 172.217.21.226 15169 (GOOGLE)
4 172.217.21.225 15169 (GOOGLE)
15 6
Domain Requested by
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
4 securepubads.g.doubleclick.net www.googletagservices.com, securepubads.g.doubleclick.net, missing.hi2.ro
2 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com missing.hi2.ro
1 missing.hi2.ro
1 mafiagalati.hi2.ro 1 redirects
15 8

This site contains no links.

This page contains 2 frames:

Primary Page: http://missing.hi2.ro/missing.html
Frame ID: (4B6BC73540A545A06CF02DC92BD2D1D)
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: (8394C17B83F7F470F4F0FBDF143F9B8)
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Page Statistics

Requests: 15
HTTPS: 0 %
IPv6: 0 %
Domains: 6
Subdomains: 8
IPs: 6
Countries: 2
Transfer: 164 kB
Size: 416 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mafiagalati.hi2.ro/log/ HTTP 302
    http://missing.hi2.ro/missing.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request missing.html
missing.hi2.ro/
Redirect Chain
  • http://mafiagalati.hi2.ro/log/
  • http://missing.hi2.ro/missing.html
1 KB
2 KB
Document
General
Full URL
http://missing.hi2.ro/missing.html
Protocol
HTTP/1.1
Server
89.42.38.163 , Romania, ASN48931 (RO-3X-AS soseaua Dobroesti nr. 7, RO),
Reverse DNS
mx.hi2.ro
Software
nginx /
Resource Hash
6bcf0e00673e257054126379c7918a3f8829677f769a10ff89273336d763f3b3

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
missing.hi2.ro
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 24 Jan 2018 09:24:53 GMT
Last-Modified
Sun, 06 May 2012 17:24:00 GMT
Server
nginx
ETag
"51838e3-538-4bf616b504c00"
Vary
Host
Content-Type
text/html
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
1336

Redirect headers

Location
http://missing.hi2.ro/missing.html
Date
Wed, 24 Jan 2018 09:24:53 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
589
Content-Type
text/html; charset=iso-8859-1
gpt.js
www.googletagservices.com/tag/js/
12 KB
6 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: missing.hi2.ro
URL: http://missing.hi2.ro/missing.html
Protocol
HTTP/1.1
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
sffe /
Resource Hash
1f039a25c474756b7b0d03ce01d35007b1696c44ca5e985500275333a682fa12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Wed, 24 Jan 2018 09:24:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1516753930925062"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin
*
Content-Length
5433
X-XSS-Protection
1; mode=block
Expires
Wed, 24 Jan 2018 09:24:54 GMT
integrator.js
adservice.google.de/adsid/
108 B
174 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=missing.hi2.ro
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Jan 2018 09:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
108 B
174 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=missing.hi2.ro
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fcc6715e9b73cb3c1c1b8042fb590efc76697e6187fcada5c5315180252f98d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Jan 2018 09:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
107
x-xss-protection
1; mode=block
pubads_impl_175.js
securepubads.g.doubleclick.net/gpt/
178 KB
63 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
sffe /
Resource Hash
05ad22ffa00e655ef14734601a87649b4e2df3ba9d98affb679cd4610b896b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 24 Jan 2018 09:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2018 21:10:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
63944
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2018 09:24:54 GMT
ads
securepubads.g.doubleclick.net/gampad/
10 KB
4 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4493995717132838&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21060361%2C21061149%2C21061300&sc=0&sfv=1-0-15&iu_parts=16833085%2Chi2_404_468x60&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&cookie_enabled=1&abxe=1&lmt=1336325040&dt=1516785894136&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=8&adks=684399547&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fmissing.hi2.ro%2Fmissing.html&dssz=7&icsg=130&std=0&vrg=175&vis=1&scr_x=0&scr_y=0&ga_vid=1762890593.1516785894&ga_sid=1516785894&ga_hid=1591985952
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
SPDY
Server
172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
cafe /
Resource Hash
dd9ea232d0dd9ea5efb9461447ada463638a51ffb29e6c9f2f39ba5766d066a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 24 Jan 2018 09:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
4216
x-xss-protection
1; mode=block
google-lineitem-id
13764525
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
12724227405
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_175.js
securepubads.g.doubleclick.net/gpt/
33 KB
12 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_175.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
SPDY
Server
172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
sffe /
Resource Hash
a9b28c7b260b061c77691f803ea0a56c7f4bee3968281db6c1aaec10d60093dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Wed, 24 Jan 2018 09:24:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 Jan 2018 21:10:38 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
12650
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2018 09:24:54 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-15/html/
0
0
Other
General
Full URL
http://tpc.googlesyndication.com/safeframe/1-0-15/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
HTTP/1.1
Server
172.217.21.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f225.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Purpose
prefetch
Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Date
Fri, 12 Jan 2018 16:47:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 10 Jan 2018 20:47:08 GMT
Server
sffe
Age
1010247
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, immutable, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1453
X-XSS-Protection
1; mode=block
Expires
Sat, 12 Jan 2019 16:47:27 GMT
m_window_focus_non_hydra.js
tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/ Frame (839
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180118/r20110914/client/ext/m_window_focus_non_hydra.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
SPDY
Server
172.217.21.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f225.1e100.net
Software
cafe /
Resource Hash
f17c52d128492e3041982fb68e8aef913b60dacdffae62cb260af2a67eaec603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Thu, 18 Jan 2018 14:04:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
501609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
1203
x-xss-protection
1; mode=block
server
cafe
etag
2112876643077467119
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 01 Feb 2018 14:04:45 GMT
osd_listener_heavy.js
tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/ Frame (839
80 KB
29 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20180118/r20180118/activeview/osd_listener_heavy.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
SPDY
Server
172.217.21.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f225.1e100.net
Software
cafe /
Resource Hash
1bc7107d45a5f7e3a41c877ba95c2dea4d0bf94102e4726cdfcf4ea94b9dc322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Fri, 19 Jan 2018 15:16:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
410878
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
29570
x-xss-protection
1; mode=block
server
cafe
etag
16251374734199442412
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Feb 2018 15:16:56 GMT
4374139149074254057
tpc.googlesyndication.com/simgad/ Frame (839
16 KB
16 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/4374139149074254057
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
SPDY
Server
172.217.21.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f225.1e100.net
Software
sffe /
Resource Hash
ae0199db3af042a3424a99d076b4f07c975df367219d3c9008043203c6098ddd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date
Mon, 11 Dec 2017 14:07:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 27 Apr 2012 20:27:46 GMT
server
sffe
age
3784621
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
16281
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 14:07:53 GMT
osd.js
pagead2.googlesyndication.com/pagead/
83 KB
30 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_175.js
Protocol
HTTP/1.1
Server
172.217.23.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
af583ba439f2ae017bc3c259ec35efd7a6c22b69c36b1edb7c6a46d576befefc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 24 Jan 2018 09:18:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
399
ETag
15648377097031356754
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
30434
X-XSS-Protection
1; mode=block
Expires
Wed, 24 Jan 2018 10:18:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame (839
0
255 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvawGOLN0PmEN8GvSYGTTpQYdsZsh142BY9X2sBUFCK6JVYrwdWwgas2fH2vamM8sFhCo1Qv76pRqyJF6HEs-DnD0xVc6zPD0qfnbtcGlFYHPpdFncpRhL-Iqr_INN2DJubjAgCCjkrLqJuq0o4dr2XBb9PNSsnPomu_W01NvFu3-rAWmaczTkQJYO2aRzr9w5sa58fVHgUvz9wbgjLvzVADq5Cyys5xFcYNVd7i-kEvGFvz0GMgzGVngBlqf9xuKBrrk_H9fjpWgcJuEHxmpwHe2YlN1Tg4lJhrlKY-n5e4K4XeQ-alxMvS-K1Jfc&sig=Cg0ArKJSzFvqthZ9R-WbEAE&adurl=
Requested by
Host: missing.hi2.ro
URL: http://missing.hi2.ro/missing.html
Protocol
SPDY
Server
172.217.21.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 24 Jan 2018 09:24:54 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
text/html; charset=UTF-8
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 24 Jan 2018 09:24:54 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame (839
42 B
178 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1vdFNbVjCUSSqdVUqxKnnre7d7b_TluPYWtIBQXWgpfvdkQDBBpvbeThY3Bpi2C5e837xJZLUZZFv06TQotL1y5t0iWnKrEE&sig=Cg0ArKJSzNg52IA1RIPSEAE&id=osdim&ti=1&r=v&adk=684399547&tt=908&bs=1600,1200&mtos=1050,1050,1050,1050,1050&tos=1050,0,0,0,0&p=8,566,68,1034&inapp=0&mcvt=1050&rs=3&ht=0&tfs=10&tls=1060&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1600,1200&ss=1600,1200&pt=153&deb=1-1-1-5-11-2&tvt=1051&op=1&avms=geo&uc=10&tgt=DIV&cl=1&cec=5&clc=1&cac=0468x60&v=r20180118
Protocol
SPDY
Server
172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://missing.hi2.ro/missing.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jan 2018 09:24:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="41,39,38,37,35",hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| googletag
  • object| googleToken
  • object| googleIMState
  • object| google_js_reporting_queue
  • function| processGoogleToken
  • object| GPT_jstiming
  • undefined| google_measure_js_timing
  • boolean| google_noFetch
  • boolean| google_DisableInitialLoad
  • number| __google_ad_urls_id
  • number| google_unique_id
  • object| closure_memoize_cache_
  • object| gaGlobal
  • function| Goog_AdSense_getAdAdapterInstance
  • function| Goog_AdSense_OsdAdapter
  • object| google_timing_params
  • object| __google_ad_urls
  • object| ampInaboxIframes
  • object| ampInaboxPendingMessages
  • boolean| google_osd_loaded
  • boolean| google_onload_fired
  • function| Goog_Osd_UnloadAdBlock
  • function| Goog_Osd_UpdateElementToMeasure
  • function| google_osd_amcb

2 Cookies

Domain/Path Name / Value
www.naturo.ro/ Name: PHPSESSID
Value: 012pb5d0ch06slvquargrodkj2
.hi2.ro/ Name: __gads
Value: ID=9c0937c520eb465c:T=1516785894:S=ALNI_MZ2j8Wmi9LZxkUwjt98g2Znsysk-Q