dhfhfghfgh.altervista.org Open in urlscan Pro
78.129.205.47 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Submission: On July 20 via manual (July 20th 2018, 1:01:20 pm UTC) from US

Summary HTTP 55 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 12 domains to perform 55 HTTP transactions. The main IP is 78.129.205.47, located in United Kingdom and belongs to IOMART-AS, GB. The main domain is dhfhfghfgh.altervista.org.

This is the only time dhfhfghfgh.altervista.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	78.129.205.47 78.129.205.47	20860 (IOMART-AS) (IOMART-AS)
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:195::2db1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:187::2db1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	144.160.149.126 144.160.149.126	797 (AMERITECH-AS) (AMERITECH-AS - AT&T Services)
1	69.168.96.158 69.168.96.158	36271 (SYNACOR-C...) (SYNACOR-CLUSTER - Synacor)
2	52.32.186.42 52.32.186.42	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	172.82.228.16 172.82.228.16	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	144.160.225.146 144.160.225.146	797 (AMERITECH-AS) (AMERITECH-AS - AT&T Services)
9	136.243.2.60 136.243.2.60	24940 (HETZNER-AS) (HETZNER-AS)
1	2.16.186.56 2.16.186.56	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	78.129.205.14 78.129.205.14	20860 (IOMART-AS) (IOMART-AS)
2	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	31.186.231.25 31.186.231.25	15570 (Internap ...) (Internap European Autonomous System)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
55	18

1 78.129.205.47 (United Kingdom)

ASN20860 (IOMART-AS, GB)
PTR: ns355.altervista.org

dhfhfghfgh.altervista.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:195::2db1 (European Union) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

www.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:187::2db1 (European Union)

ASN20940 (AKAMAI-ASN1, US)

www.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 144.160.149.126 (United States)

ASN797 (AMERITECH-AS - AT&T Services, Inc., US)

home.secureapp.att.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.96.158 (Buffalo, United States)

ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US)

sadlib.static-app.synacor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.32.186.42 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-32-186-42.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.82.228.16 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.d1.sc.omtrdc.net

metrics.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (Lehi, United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.160.225.146 (United States)

ASN797 (AMERITECH-AS - AT&T Services, Inc., US)

loginprodx.att.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 136.243.2.60 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.60.2.243.136.clients.your-server.de

tb.altervista.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.56 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com

fast.att.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.129.205.14 (United Kingdom)

ASN20860 (IOMART-AS, GB)

tb.altervista.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.186.231.25 (United Kingdom)

ASN15570 (Internap European Autonomous System, GB)
PTR: statse.webtrendslive.com

statse.webtrendslive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	att.net home.secureapp.att.net loginprodx.att.net	227 KB
14	altervista.org dhfhfghfgh.altervista.org tb.altervista.org	80 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	352 KB
4	doubleclick.net securepubads.g.doubleclick.net	84 KB
4	att.com 1 redirects www.att.com metrics.att.com	20 KB
3	demdex.net dpm.demdex.net fast.att.demdex.net	2 KB
1	webtrendslive.com statse.webtrendslive.com	195 B
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagservices.com www.googletagservices.com	8 KB
1	everesttech.net 1 redirects cm.everesttech.net	526 B
1	synacor.com sadlib.static-app.synacor.com	17 KB
55	12

	Domain	Requested by
16	home.secureapp.att.net	dhfhfghfgh.altervista.org home.secureapp.att.net
13	tb.altervista.org	dhfhfghfgh.altervista.org tb.altervista.org
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net dhfhfghfgh.altervista.org
3	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
3	www.att.com	1 redirects dhfhfghfgh.altervista.org
2	dpm.demdex.net	www.att.com dhfhfghfgh.altervista.org
1	statse.webtrendslive.com	loginprodx.att.net
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	sadlib.static-app.synacor.com
1	fast.att.demdex.net	www.att.com
1	loginprodx.att.net	dhfhfghfgh.altervista.org
1	cm.everesttech.net	1 redirects
1	metrics.att.com	www.att.com
1	sadlib.static-app.synacor.com	dhfhfghfgh.altervista.org
1	dhfhfghfgh.altervista.org
55	17

This site contains links to these domains. Also see Links.

Domain
en.altervista.org
www.att.net
www.att.com
uverseonline.att.net
elportal.att.net
loginprodx.att.net
home.secureapp.att.net

Subject Issuer	Validity	Valid

This page contains 4 frames:

Primary Page: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Frame ID: BA9FA56C3939C1CD6C7A845D5F1E4115
Requests: 41 HTTP requests in this frame

Frame: http://fast.att.demdex.net/dest5.html?d_nsid=0
Frame ID: B14E7A3E3E602D1368CBB62A7216FD13
Requests: 1 HTTP requests in this frame

Frame: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Frame ID: FECB619252E0E12021AA908AD4A02487
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20180716/r20110914/abg_lite.js
Frame ID: 79F5B507A331722F76624207C8BDCAE7
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i
env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

Webtrends (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<img[^>]+id="DCSIMG"[^>]+webtrends/i
env /^(?:WTOptimize|WebTrends)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

55
Requests

0 %
HTTPS

37 %
IPv6

12
Domains

17
Subdomains

18
IPs

5
Countries

789 kB
Transfer

1266 kB
Size

4
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://en.altervista.org/?utm_campaign=toolbar&utm_source=link&utm_medium=link
Title: Get a site

Search URL Search Domain Scan URL

URL: http://www.att.net/
Title: att.net

Search URL Search Domain Scan URL

URL: http://www.att.com/
Title: att.com

Search URL Search Domain Scan URL

URL: http://uverseonline.att.net/
Title: uverse.com

Search URL Search Domain Scan URL

URL: http://elportal.att.net/
Title: En Español

Search URL Search Domain Scan URL

URL: https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support

Search URL Search Domain Scan URL

URL: https://www.att.com/esupport/article.html#!/wireless/KM1187387
Title: Learn about shared passwords for AT&T email and your AT&T Access ID

Search URL Search Domain Scan URL

URL: https://www.att.com/olam/unauth/enterEmailForgotId.myworld?origination_point=att.net&Return_URL=https://loginprodx.att.net/FIM/sps/ATTidp/saml20/logininitial?RequestBinding=HTTPPost&PartnerId=https%3A%2F%2Flogin.yahoo.com%2Fsaml%2F2.0%2Fatt&.lang=en-US&Target=https%3A%2F%2Fwww.yahoo.com%2F&Cancel_URL=https://loginprodx.att.net/FIM/sps/ATTidp/saml20/logininitial?RequestBinding=HTTPPost&PartnerId=https%3A%2F%2Flogin.yahoo.com%2Fsaml%2F2.0%2Fatt&.lang=en-US&Target=https%3A%2F%2Fwww.yahoo.com%2F
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://loginprodx.att.net/commonLogin/igate_edam/#modal
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.Register.Pageviews.www-att-net&redirecturl=https://attreg.att.net/PortalRegWeb/PortalRegController?callingAppId=OP&returnUrl=

Search URL Search Domain Scan URL

URL: https://loginprodx.att.net/commonLogin/igate_edam/

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.support&redirecturl=https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.adinfo&redirecturl=http://www.att.net/legal/advertising
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.TOS&redirecturl=http://www.att.com/shop/internet/att-internet-terms-of-service.jsp
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.copyright&redirecturl=http://info.yahoo.com/copyright/details.html
Title: Copyright

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.privacy&redirecturl=http://att.yahoo.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.aboutourads&redirecturl=http://info.yahoo.com/privacy/us/yahoo/attandyahoo/adchoices.html
Title: About Our Ads

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.AUP&redirecturl=https://www.att.com/legal/terms.aup.html
Title: Acceptable Use Policy

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.IP&redirecturl=http://www.att.com/gen/privacy-policy?pid=2587
Title: © 2018 AT&T Intellectual Property

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.att.com/scripts/adobe/prod/detm-container-hdr.js HTTP 301
https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Request Chain 9

http://www.att.com/scripts/adobe/prod/detm-container-ftr.js HTTP 307
https://www.att.com/scripts/adobe/prod/detm-container-ftr.js

Request Chain 13

http://cm.everesttech.net/cm/dd?d_uuid=86044634048968954401922834449137410406 HTTP 302
http://dpm.demdex.net/ibs:dpid=411&dpuuid=W1HdFAAABs0qeRN_

Request Chain 42

https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=7271 HTTP 302
http://home.secureapp.att.net/i/s.gif?nocache=7271

55 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ikkkk.php Show response
dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ 9 KB
4 KB 38ms
21ms Document
text/html 78.129.205.47
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 78.129.205.47 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS: ns355.altervista.org
Software: Apache /
Resource Hash: 20282ee485ddb8abdb805bad560dc49a7e45dbee38377d5811ff4bd3aec8d8ab

Request headers

Host: dhfhfghfgh.altervista.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: BA9FA56C3939C1CD6C7A845D5F1E4115

Response headers

Date: Fri, 20 Jul 2018 13:01:07 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
S

200

detm-container-hdr.js Show response
www.att.com/scripts/adobe/prod/
Redirect Chain

http://www.att.com/scripts/adobe/prod/detm-container-hdr.js
https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

54 KB
18 KB

104ms
88ms

Script
application/javascript

2a02:26f0:6c00:187::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Requested by

Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php

Protocol

SPDY

Server

2a02:26f0:6c00:187::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

d042de9bcda8057872786142e57c8b96ee0c13c55723139b8fdb8764a6445b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 20 Jul 2018 13:01:07 GMT
content-encoding: gzip
last-modified: Thu, 12 Jul 2018 17:53:57 GMT
server: Apache
etag: "d7e8-570d10c191740"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: W1EN9goUAVkAAMvdjxgAAADT D=12744
cache-control: max-age=900
server-timing: cdn-cache; desc=HIT;, edge; dur=13;
strict-transport-security: max-age=15768000 ; preload
accept-ranges: bytes
content-length: 18167

Redirect headers

Location: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Date: Fri, 20 Jul 2018 13:01:07 GMT
Cache-Control: max-age=900
Server: AkamaiGHost
Server-Timing: cdn-cache; desc=HIT;, edge; dur=0;
Content-Length: 0
Connection: keep-alive

GET
H/1.0 200
OK _fontface.css
home.secureapp.att.net/css/sso/slid/1201/ 0
223 B 171ms
170ms Stylesheet
text/css 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/css/sso/slid/1201/_fontface.css
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:06 GMT
Last-modified: Thu, 02 Nov 2017 04:21:10 GMT
Server: ""
Etag: "0-59fa9d36"
Content-type: text/css
Connection: keep-alive
Accept-ranges: bytes
Content-length: 0

GET
H/1.0 200
OK main.css
home.secureapp.att.net/css/sso/slid/1201/ 28 KB
28 KB 511ms
341ms Stylesheet
text/css 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/css/sso/slid/1201/main.css
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: dfa2be020e3374a4b1c871c88ada990120fb198d4e8ff685ad35cfae88ad3466

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:06 GMT
Last-modified: Tue, 24 Oct 2017 04:39:16 GMT
Server: ""
Etag: "6fd5-59eec3f4"
Content-type: text/css
Connection: keep-alive
Accept-ranges: bytes
Content-length: 28629

GET
H/1.0 200
OK jquery-1.5.1.min.js Show response
home.secureapp.att.net/js/jquery/ 83 KB
84 KB 814ms
322ms Script
application/x-javascript 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:07 GMT
Last-modified: Fri, 11 Mar 2011 22:40:27 GMT
Server: ""
Etag: "14d0c-4d7aa4db"
Content-type: application/x-javascript
Connection: keep-alive
Accept-ranges: bytes
Content-length: 85260

GET
H/1.0 200
OK jquery.simplemodal.js Show response
home.secureapp.att.net/js/jquery/simplemodal/ 9 KB
10 KB 814ms
322ms Script
application/x-javascript 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: da0f28b0d18d448b29cb3ee6e742952e7247c627d3800d045ba1573ca1fc07f4

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:07 GMT
Last-modified: Tue, 27 Mar 2018 20:03:41 GMT
Server: ""
Etag: "255a-5abaa39d"
Content-type: application/x-javascript
Connection: keep-alive
Accept-ranges: bytes
Content-length: 9562

GET
H/1.0 200
OK script.js Show response
home.secureapp.att.net/js/sso/slid/1201/ 47 KB
48 KB 831ms
332ms Script
application/x-javascript 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: db2a3260d580716fb8dae973b1b994f799f545d520b7a1636d473ecbdbdd2223

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:07 GMT
Last-modified: Fri, 29 Dec 2017 04:07:49 GMT
Server: ""
Etag: "bdff-5a45bf95"
Content-type: application/x-javascript
Connection: keep-alive
Accept-ranges: bytes
Content-length: 48639

GET
H/1.1 200
OK att.js Show response
sadlib.static-app.synacor.com/client/att/ 60 KB
17 KB 274ms
114ms Script
text/javascript 69.168.96.158
Synacor

General

Check archive.org

Show headers Download Go to

Full URL: http://sadlib.static-app.synacor.com/client/att/att.js
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 69.168.96.158 Buffalo, United States, ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 02315fc51588752c5b9ffd21eb8e18d96634a733a91bf6baa008b718a85f29d3

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Age: 0
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 16535
Access-Control-Allow-Origin: *
Last-Modified: Wed, 27 Jun 2018 13:42:56 GMT
Server: nginx
ETag: "ef01-56f9fcac5d800"
Vary: Accept-Encoding
X-Varnish: 173756906
Via: 1.1 varnish
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 20 Jul 2018 13:06:08 GMT

GET
H/1.0 200
OK Button.png
home.secureapp.att.net/design/CDLS10/img/logos/ 2 KB
3 KB 165ms
163ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/CDLS10/img/logos/Button.png
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Tue, 16 Aug 2016 22:02:34 GMT
Server: ""
Etag: "9a2-57b38d7a"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 2466

GET
H/1.0 200
OK AT&T_logo.png
home.secureapp.att.net/design/CDLS10/img/logos/ 3 KB
4 KB 172ms
171ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/CDLS10/img/logos/AT&T_logo.png
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Tue, 16 Aug 2016 22:02:34 GMT
Server: ""
Etag: "d37-57b38d7a"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 3383

GET
S

200

detm-container-ftr.js Show response
www.att.com/scripts/adobe/prod/
Redirect Chain

http://www.att.com/scripts/adobe/prod/detm-container-ftr.js
https://www.att.com/scripts/adobe/prod/detm-container-ftr.js

540 B
595 B

13ms
12ms

Script
application/javascript

2a02:26f0:6c00:187::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/adobe/prod/detm-container-ftr.js

Requested by

Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php

Protocol

SPDY

Server

2a02:26f0:6c00:187::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

9e0db7af94ee7bd2d325475edb564226b87d4a0c528f4b69a112f8769ed52ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 20 Jul 2018 13:01:08 GMT
content-encoding: gzip
last-modified: Thu, 03 May 2018 16:18:06 GMT
server: Apache
etag: "21c-56b4f8c6b8b80"
vary: Accept-Encoding
content-type: application/javascript
status: 200
uxtime: W1EN8AoUATYAAC1vfnQAAAio D=64881
cache-control: max-age=900
server-timing: cdn-cache; desc=HIT;, edge; dur=0;
strict-transport-security: max-age=15768000 ; preload
accept-ranges: bytes
content-length: 320

Redirect headers

Location: https://www.att.com/scripts/adobe/prod/detm-container-ftr.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 1 KB
1 KB 348ms
177ms XHR
application/json 52.32.186.42
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=2.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1532091667290
Requested by: Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol: HTTP/1.1
Server: 52.32.186.42 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-32-186-42.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: fa3156321b84e9a753715304efa52a25d9072ed8d2ed46641e65a671337d5d12

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Origin: http://dhfhfghfgh.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: usw2-prod-dcs-0f036d23e.edge-usw2.demdex.com 5.34.2.20180719143257 4ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: YJmBFEmiSP0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://dhfhfghfgh.altervista.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 530
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.0 200
OK mobile.css
home.secureapp.att.net/css/sso/slid/1201/ 4 KB
4 KB 166ms
164ms Stylesheet
text/css 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/css/sso/slid/1201/mobile.css
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Wed, 21 Dec 2016 10:14:45 GMT
Server: ""
Etag: "fa3-585a5615"
Content-type: text/css
Connection: keep-alive
Accept-ranges: bytes
Content-length: 4003

GET
H/1.1 200
OK id Show response
metrics.att.com/ 49 B
585 B 64ms
21ms XHR
application/x-javascript 172.82.228.16
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://metrics.att.com/id?d_visid_ver=2.0.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=85779825111573032821931318544852137796&ts=1532091667642

Requested by

Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Protocol

HTTP/1.1

Server

172.82.228.16 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

*.d1.sc.omtrdc.net

Software

Omniture DC/2.0.0 /

Resource Hash

bd4c9097947bd81fe4397042e8302b0f5743d4f49a64ca954cf3a72afb18e7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Origin: http://dhfhfghfgh.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 20 Jul 2018 13:01:07 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC/2.0.0
xserver: www170
Vary: Origin
Access-Control-Allow-Methods: GET, POST, DELETE
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: http://dhfhfghfgh.altervista.org
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 49
X-XSS-Protection: 1; mode=block
X-C: ms-6.4.0

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=W1HdFAAABs0qeRN_
dpm.demdex.net/
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=86044634048968954401922834449137410406
http://dpm.demdex.net/ibs:dpid=411&dpuuid=W1HdFAAABs0qeRN_

42 B
763 B

177ms
176ms

Image
image/gif

52.32.186.42
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dpm.demdex.net/ibs:dpid=411&dpuuid=W1HdFAAABs0qeRN_
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 52.32.186.42 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-32-186-42.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: usw2-prod-dcs-5f7eaf00.edge-usw2.demdex.com 5.34.2.20180719143257 4ms
Pragma: no-cache
X-TID: EEqDS5HOSPQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 20 Jul 2018 13:01:07 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: http://dpm.demdex.net/ibs:dpid=411&dpuuid=W1HdFAAABs0qeRN_
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H/1.1 200
OK webtrends.min.js Show response
loginprodx.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/ 22 KB
22 KB 822ms
118ms Script
application/x-javascript 144.160.225.146
AT&T Services

General

Check archive.org

Show headers Download Go to

Full URL: https://loginprodx.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 144.160.225.146 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: /
Resource Hash: 50de74141721246d0341cbeea72a1e69a3363af1659a4171ef5e3200c9f8eda6

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 20 Jul 2018 13:01:09 GMT
last-modified: Wed, 20 Jun 2018 02:13:00 GMT
content-type: application/x-javascript
content-length: 22315
content-language: en-US
p3p: CP="NON CUR OTPi OUR NOR UNI"

GET
H/1.1 200
OK script.js Show response
tb.altervista.org/js/ 5 KB
2 KB 3ms
1ms Script
text/javascript 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/js/script.js?1
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: db6b849b04da0e9deca82d5e0ab1772445ba1225fe3936c5cba06b6360572940

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Jun 2015 12:37:36 GMT
Server: lighttpd
ETag: "2258168418"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2171
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.0 200
OK footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ 560 B
788 B 173ms
172ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Fri, 17 Jul 2009 17:05:33 GMT
Server: ""
Etag: "230-4a60af5d"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 560

GET
H/1.0 200
OK pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ 169 B
396 B 176ms
176ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Tue, 11 Aug 2009 21:10:32 GMT
Server: ""
Etag: "a9-4a81de48"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 169

GET
H/1.0 200
OK btnSumbit.png
home.secureapp.att.net/img/sso/slid/ 1 KB
2 KB 486ms
161ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/btnSumbit.png
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Tue, 21 Sep 2010 15:06:50 GMT
Server: ""
Etag: "573-4c98ca0a"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 1395

GET
H/1.0 200
OK txt-clear.png
home.secureapp.att.net/img/sso/slid/ 3 KB
3 KB 320ms
171ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/txt-clear.png
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Tue, 29 Jul 2014 15:04:17 GMT
Server: ""
Etag: "cda-53d7b7f1"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 3290

GET
H/1.0 200
OK support-icon.jpg
home.secureapp.att.net/img/sso/slid/ 2 KB
2 KB 314ms
167ms Image
image/jpeg 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/support-icon.jpg
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Mon, 26 Jul 2010 21:26:50 GMT
Server: ""
Etag: "615-4c4dfd9a"
Content-type: image/jpeg
Connection: keep-alive
Accept-ranges: bytes
Content-length: 1557

GET
H/1.0 200
OK att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ 16 KB
16 KB 301ms
161ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Fri, 20 May 2016 12:43:47 GMT
Server: ""
Etag: "40c4-573f0683"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 16580

GET
H/1.0 200
OK attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ 149 B
376 B 301ms
161ms Image
image/gif 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Thu, 26 Apr 2012 21:04:53 GMT
Server: ""
Etag: "95-4f99b875"
Content-type: image/gif
Connection: keep-alive
Accept-ranges: bytes
Content-length: 149

GET
H/1.0 200
OK ques.png
home.secureapp.att.net/img/sso/slid/ 363 B
591 B 329ms
176ms Image
image/png 144.160.149.126
AT&T Services

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/img/sso/slid/ques.png
Requested by: Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js
Protocol: HTTP/1.0
Server: 144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software: "" /
Resource Hash: 5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-modified: Mon, 19 Jul 2010 03:35:58 GMT
Server: ""
Etag: "16b-4c43c81e"
Content-type: image/png
Connection: keep-alive
Accept-ranges: bytes
Content-length: 363

GET
H/1.1 200
OK dest5.html
fast.att.demdex.net/ Frame B14E 0
0 19ms
5ms Document
text/html 2.16.186.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.att.demdex.net/dest5.html?d_nsid=0
Requested by: Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol: HTTP/1.1
Server: 2.16.186.56 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-56.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: fast.att.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Accept-Encoding: gzip, deflate
Cookie: demdex=86044634048968954401922834449137410406
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: BA9FA56C3939C1CD6C7A845D5F1E4115
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php

Response headers

Server: Apache
ETag: "c4cfbeeecf2116c47acc61dc46349b18:1529611110"
Last-Modified: Thu, 21 Jun 2018 19:58:30 GMT
Accept-Ranges: bytes
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2766
Cache-Control: max-age=21600
Date: Fri, 20 Jul 2018 13:01:08 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"

GET
H/1.1 200
OK toolbar-font.css
tb.altervista.org/css/ 302 B
498 B 1ms
0ms Stylesheet
text/css 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/toolbar-font.css
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/js/script.js?1
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 86a48fbf6c35393d61e2f76d286cfca947cec108a6e61db04883d9fca1eaced2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2018 09:56:51 GMT
Server: lighttpd
ETag: "2424462105"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 173
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK toolbar-icons.css
tb.altervista.org/css/ 3 KB
1 KB 2ms
0ms Stylesheet
text/css 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/toolbar-icons.css
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/js/script.js?1
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 5326345e0a3d2b6c1e1bd24a63f0194fffa3c97198f88249ab9a9bc2fa145109

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Nov 2014 14:27:26 GMT
Server: lighttpd
ETag: "4289086545"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 852
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK site.css
tb.altervista.org/css/ 2 KB
955 B 3ms
1ms Stylesheet
text/css 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/site.css
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/js/script.js?1
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: e1e7f23b0faebe69c81433f005cd8db401bb56ba700f0737c2e9c2a017295b3a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Feb 2018 14:02:28 GMT
Server: lighttpd
ETag: "1834976043"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 630
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK t2_dhfhfghfgh.html Show response
tb.altervista.org/tb_html/8/ Frame FECB 3 KB
1 KB 6ms
1ms Document
text/html 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/js/script.js?1
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 843a8ddbf8b0dae1055be4f3bb9843e92b2f3077582b42b696ec799412cb8a48

Request headers

Host: tb.altervista.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Accept-Encoding: gzip, deflate
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: BA9FA56C3939C1CD6C7A845D5F1E4115
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php

Response headers

Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Fri, 05 Dec 2014 13:23:35 GMT
ETag: "742572576"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 832
Date: Fri, 20 Jul 2018 13:01:08 GMT
Server: lighttpd

GET
H/1.1 200
OK toolbar-icons.woff2
tb.altervista.org/css/fonts/ 11 KB
11 KB 2ms
1ms Font
application/font-woff2 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/fonts/toolbar-icons.woff2
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 9b9fa645cd86084ea7344274e08ccec18be2682988032de348e225953d523b1e

Request headers

Pragma: no-cache
Origin: http://dhfhfghfgh.altervista.org
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://tb.altervista.org/css/toolbar-icons.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://tb.altervista.org/css/toolbar-icons.css
Origin: http://dhfhfghfgh.altervista.org

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-Modified: Mon, 10 Nov 2014 13:36:37 GMT
Server: lighttpd
ETag: "3031478189"
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 11360
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK lato-regular.woff2
tb.altervista.org/css/fonts/ 24 KB
25 KB 2ms
1ms Font
application/font-woff2 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/fonts/lato-regular.woff2
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 377dc073f93dba7c43f036a141528964df4651c787472d7a323648f53cb14efe

Request headers

Pragma: no-cache
Origin: http://dhfhfghfgh.altervista.org
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://tb.altervista.org/css/toolbar-font.css
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://tb.altervista.org/css/toolbar-font.css
Origin: http://dhfhfghfgh.altervista.org

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-Modified: Tue, 13 Feb 2018 13:43:24 GMT
Server: lighttpd
ETag: "2299998859"
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 25024
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK toolbar-font.css
tb.altervista.org/css/ Frame FECB 302 B
498 B 2ms
1ms Stylesheet
text/css 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/toolbar-font.css?ver=1.0.0
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 86a48fbf6c35393d61e2f76d286cfca947cec108a6e61db04883d9fca1eaced2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Feb 2018 09:56:51 GMT
Server: lighttpd
ETag: "2424462105"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 173
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK style.css
tb.altervista.org/css/ Frame FECB 10 KB
3 KB 18ms
18ms Stylesheet
text/css 78.129.205.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/style.css?ver=1.0.0
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Protocol: HTTP/1.1
Server: 78.129.205.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: lighttpd /
Resource Hash: 5012461ee1204621c2bf7147026d05d3ba959009675195376ce5612f1e83603e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Feb 2018 15:58:13 GMT
Server: lighttpd
ETag: "3164853157"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2324
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK toolbar-icons.css
tb.altervista.org/css/ Frame FECB 3 KB
1 KB 18ms
18ms Stylesheet
text/css 78.129.205.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/toolbar-icons.css?ver=1.0.3
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Protocol: HTTP/1.1
Server: 78.129.205.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: lighttpd /
Resource Hash: 5326345e0a3d2b6c1e1bd24a63f0194fffa3c97198f88249ab9a9bc2fa145109

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Nov 2014 14:27:26 GMT
Server: lighttpd
ETag: "4186343381"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 852
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK toolbar.js Show response
tb.altervista.org/js/ Frame FECB 6 KB
2 KB 2ms
1ms Script
text/javascript 136.243.2.60
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/js/toolbar.js
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Protocol: HTTP/1.1
Server: 136.243.2.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.60.2.243.136.clients.your-server.de
Software: lighttpd /
Resource Hash: 23c10b89026951971693a3020054feb194ebb3bfefdc920c8b350d8bef45dec2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Jun 2015 13:35:45 GMT
Server: lighttpd
ETag: "4036100458"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2065
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK altervista-logo.png
tb.altervista.org/css/loghi/ Frame FECB 3 KB
3 KB 18ms
17ms Image
image/png 78.129.205.14
IOMART-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://tb.altervista.org/css/loghi/altervista-logo.png
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Protocol: HTTP/1.1
Server: 78.129.205.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: lighttpd /
Resource Hash: a0cb4bc5a62bae222f4465fa4b7092aac2b33aa7478d5f959f308bf234f6e2e3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://tb.altervista.org/css/style.css?ver=1.0.0
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://tb.altervista.org/css/style.css?ver=1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-Modified: Wed, 02 Dec 2015 16:39:00 GMT
Server: lighttpd
ETag: "2664914629"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3047
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK lato-regular.woff2
tb.altervista.org/css/fonts/ Frame FECB 24 KB
25 KB 18ms
17ms Font
application/font-woff2 78.129.205.14
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tb.altervista.org/css/fonts/lato-regular.woff2
Requested by: Host: tb.altervista.org
URL: http://tb.altervista.org/tb_html/8/t2_dhfhfghfgh.html?ref=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&iubenda=0
Protocol: HTTP/1.1
Server: 78.129.205.14 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: lighttpd /
Resource Hash: 377dc073f93dba7c43f036a141528964df4651c787472d7a323648f53cb14efe

Request headers

Pragma: no-cache
Origin: http://tb.altervista.org
Accept-Encoding: gzip, deflate
Host: tb.altervista.org
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://tb.altervista.org/css/toolbar-font.css?ver=1.0.0
Cookie: AMCVS_55633F7A534535110A490D44%40AdobeOrg=1; AMCV_55633F7A534535110A490D44%40AdobeOrg=2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.0.0
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://tb.altervista.org/css/toolbar-font.css?ver=1.0.0
Origin: http://tb.altervista.org

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Last-Modified: Tue, 13 Feb 2018 13:43:24 GMT
Server: lighttpd
ETag: "117338266"
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 25024
Expires: Fri, 27 Jul 2018 13:01:08 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sadlib.static-app.synacor.com
URL: http://sadlib.static-app.synacor.com/client/att/att.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c355027432cf6b3ddfdca93bbc6cbda09d40fa61c5240dcd6fc0beff68f2a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "5 / 996 of 1000 / last-modified: 1531962510"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 7852
X-XSS-Protection: 1; mode=block
Expires: Fri, 20 Jul 2018 13:01:08 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 40ms
40ms Script
application/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=dhfhfghfgh.altervista.org

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Jul 2018 13:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:825::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=dhfhfghfgh.altervista.org

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Jul 2018 13:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 pubads_impl_232.js Show response
securepubads.g.doubleclick.net/gpt/ 179 KB
62 KB 43ms
42ms Script
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

sffe /

Resource Hash

c7fe9f3ef41048988ca528f7ff45a3d503cdb99f5f0844034160f10ee3e38899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 20 Jul 2018 13:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 13:50:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 62863
x-xss-protection: 1; mode=block
expires: Fri, 20 Jul 2018 13:01:08 GMT

GET
H/1.1 200
Ok wtid.js Show response
statse.webtrendslive.com/dcsdjtdi8wz5bdo7rtxv6ly3m_4s9j/ 10 B
195 B 27ms
14ms Script
application/x-javascript 31.186.231.25
Internap European...

General

Check archive.org

Show headers Download Go to

Full URL: http://statse.webtrendslive.com/dcsdjtdi8wz5bdo7rtxv6ly3m_4s9j/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Requested by: Host: loginprodx.att.net
URL: https://loginprodx.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Protocol: HTTP/1.1
Server: 31.186.231.25 , United Kingdom, ASN15570 (Internap European Autonomous System, GB),
Reverse DNS: statse.webtrendslive.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 20 Jul 2018 13:01:08 GMT
Server: Microsoft-IIS/7.5
Connection: close
X-Powered-By: ASP.NET
Content-Length: 10
Content-Type: application/x-javascript

GET

s.gif
home.secureapp.att.net/i/
Redirect Chain

https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=7271
http://home.secureapp.att.net/i/s.gif?nocache=7271

0
0

GET
H/1.1 200
OK show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 166 KB
61 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

cc194b36ec82795c9d21a09fb2ccce9c073a950b8c25d2fd4c9269705040c2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 20 Jul 2018 12:12:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 2894
ETag: 5819088703091853325
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 62340
X-XSS-Protection: 1; mode=block
Expires: Fri, 20 Jul 2018 13:12:56 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
6 KB 51ms
51ms XHR
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2791406976228944&correlator=2339882469362916&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061502%2C370204027&vrg=232&guci=1.2.0.0.2.2.0&sc=0&sfv=1-0-29&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600%7C640x450&eri=4&cookie_enabled=1&bc=7&abxe=1&lmt=1532091670&dt=1532091670051&frm=20&biw=1585&bih=1200&oid=3&adxs=73&adys=152&adks=2565056540&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&loc=http%3A%2F%2Fdhfhfghfgh.altervista.org%2Fwp-content%2Fplugins%2Fubh%2Fikkkk.php&dssz=19&icsg=142606504&std=0&vis=1&scr_x=0&scr_y=0&psz=1440x-1&msz=1440x-1&ga_vid=315839890.1532091670&ga_sid=1532091670&ga_hid=1731920402

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

cafe /

Resource Hash

419efc755bda07fab7f93a1b6ffdbe92c903c3c9b2120dbf3477da1d376dbb9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Origin: http://dhfhfghfgh.altervista.org

Response headers

date: Fri, 20 Jul 2018 13:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 6005
x-xss-protection: 1; mode=block
google-lineitem-id: 4640315462
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138230412606
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: http://dhfhfghfgh.altervista.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 pubads_impl_rendering_232.js Show response
securepubads.g.doubleclick.net/gpt/ 42 KB
16 KB 41ms
40ms Script
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_232.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

sffe /

Resource Hash

906fe8798eeaa303394db1cce162a4068073978bf3a6f8308dfbaf1ea49d2fb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 20 Jul 2018 13:01:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Jul 2018 13:50:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 16413
x-xss-protection: 1; mode=block
expires: Fri, 20 Jul 2018 13:01:10 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 0
0 12ms
6ms Other
text/html 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Expires: Tue, 16 Jul 2019 17:06:59 GMT
Cache-Control: public, immutable, max-age=31536000
Last-Modified: Mon, 11 Jun 2018 14:38:59 GMT
Content-Type: text/html

GET
S 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20180716/r20110914/ Frame 79F5 34 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180716/r20110914/abg_lite.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e789d2a66b75a759eab6d2ae1e33e1abce4d8636c3755b4ec985129382ec1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 16 Jul 2018 13:49:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 13102
x-xss-protection: 1; mode=block
server: cafe
etag: 11504575144475378051
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jul 2018 13:49:33 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20180716/r20110914/client/ext/ Frame 79F5 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180716/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1a293ba4bafc51d86b3dad969390594bc7a9308da6b196d5742b00264a378cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 18 Jul 2018 01:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1405
x-xss-protection: 1; mode=block
server: cafe
etag: 6849122372092353771
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Aug 2018 01:04:45 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20180716/r20110914/activeview/ Frame 79F5 70 KB
26 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20180716/r20110914/activeview/osd_listener.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fcbc952d73603173d1289c64eff23efb16b17636dd83d60f424c2c7edcfce304

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 16 Jul 2018 13:49:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342701
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 26170
x-xss-protection: 1; mode=block
server: cafe
etag: 10782178046593131600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 30 Jul 2018 13:49:29 GMT

GET
S 200 13078176567635761354
tpc.googlesyndication.com/simgad/ Frame 79F5 224 KB
224 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:81d::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13078176567635761354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

SPDY

Server

2a00:1450:4001:81d::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2e38bbb7c1392079c33536ebd44493c90cb149088a88ef57e86e8f85bf583acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 13 Jul 2018 22:51:07 GMT
x-content-type-options: nosniff
age: 569403
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 229259
x-xss-protection: 1; mode=block
last-modified: Thu, 12 Apr 2018 17:30:14 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jul 2019 22:51:07 GMT

GET
H/1.1 200
OK osd.js Show response
pagead2.googlesyndication.com/pagead/ 70 KB
26 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_232.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

98967be95015e8c9218a2d31f44b5335c8eeb5fd9c3a5eddd5e779280c87f771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 20 Jul 2018 12:59:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 90
ETag: 10899681090142805410
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 26232
X-XSS-Protection: 1; mode=block
Expires: Fri, 20 Jul 2018 13:59:40 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79F5 0
56 B 17ms
17ms Image
text/html 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7s_Ejl6V8_wbXH_mZ3jziCE08yfDPeGJK8BbiXQu8y2VWcGoOahwJ6EQziriDk-dSsnjw4how1YeYByfd4tSdxTvQkha0kUnIxymYJiF_eGoOYV7c9Rhp07ZVjsngP242WW0m2buQtF-s4qr-fcMteQXxafNE6Rv00AWCFBz_8GuTdmwaxbJy_tPRofyyIDH7IVW5D1JLE1BbpSUCQqR7sTdiwQ2EwwQPhrlSYpXa72W_PwMAR-x4PfRpUMqa-OY48Q&sai=AMfl-YS_NWmaz--dfUgXRTamaGCZnFq0ugZjYkR9OMyDhrsH4c0PqGakKDhOi5tMoUo7vK2iQWWoO2i01AX9cQGF2WqEK-yBHOmZxugBfbWTMQBOkG7L9i-gMojz71Q&sig=Cg0ArKJSzP4CVBcEbq01EAE&adurl=
Requested by: Host: dhfhfghfgh.altervista.org
URL: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
Protocol: SPDY
Server: 172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

cache-control: private
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 79F5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f5ba741b5b4d20c399a4f1acfb846ee97b681dde4b2e061bbf82198df8e5b09

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
S 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 79F5 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyp8iob4HkmjH96n7ibGNV5LPy0vlbkx8Muxq-tPdhmHqnEom0DOHg8B7CzAWLb83c4fqwp-SaEwtBvrV-ID6XABXfHL_npYw&sig=Cg0ArKJSzNBaIyq5FXNWEAE&adk=2565056540&tt=1039&bs=1585%2C1200&mtos=0%2C1008%2C1008%2C1008%2C1008&tos=0%2C1008%2C0%2C0%2C0&p=152%2C73%2C1262%2C1513&sela=0&mcvt=1008&rs=3&ht=0&tfs=39&tls=1047&mc=0.94&lte=0.94&bas=0&bac=0&la=1&avms=geo&sel=1&bos=1600%2C1200&ps=1585%2C1248&ss=1600%2C1200&pt=8&deb=1-1-1-4-12-3-51-10&tvt=1038&op=1&r=v&id=osdim&ti=1&uc=46&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=1440x1110&v=r20180716

Protocol

SPDY

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://dhfhfghfgh.altervista.org/wp-content/plugins/ubh/ikkkk.php
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Jul 2018 13:01:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: home.secureapp.att.net
URL: http://home.secureapp.att.net/i/s.gif?nocache=7271

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-18 21:54:03	Name: dextp Value: 269-1-1532091668694\|358-1-1532091668709\|477-1-1532091668725\|771-1-1532091668740
.demdex.net/	1970-01-18 21:54:03	Name: demdex Value: 86044634048968954401922834449137410406
.altervista.org/	1970-01-19 11:07:30	Name: AMCV_55633F7A534535110A490D44%40AdobeOrg Value: 2096510701%7CMCIDTS%7C17733%7CMCMID%7C85779825111573032821931318544852137796%7CMCAAMLH-1532696467%7C9%7CMCAAMB-1532696467%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1532098867s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17740%7CvVersion%7C2.0.0
.altervista.org/	1969-12-31 23:59:59	Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.everesttech.net
dhfhfghfgh.altervista.org
dpm.demdex.net
fast.att.demdex.net
home.secureapp.att.net
loginprodx.att.net
metrics.att.com
pagead2.googlesyndication.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
statse.webtrendslive.com
tb.altervista.org
tpc.googlesyndication.com
www.att.com
www.googletagservices.com
home.secureapp.att.net
136.243.2.60
144.160.149.126
144.160.225.146
172.217.22.98
172.82.228.16
2.16.186.56
2a00:1450:4001:806::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:820::2002
2a00:1450:4001:825::2002
2a02:26f0:6c00:187::2db1
2a02:26f0:6c00:195::2db1
31.186.231.25
52.32.186.42
66.117.28.86
69.168.96.158
78.129.205.14
78.129.205.47
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
02315fc51588752c5b9ffd21eb8e18d96634a733a91bf6baa008b718a85f29d3
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1a293ba4bafc51d86b3dad969390594bc7a9308da6b196d5742b00264a378cdc
20282ee485ddb8abdb805bad560dc49a7e45dbee38377d5811ff4bd3aec8d8ab
23c10b89026951971693a3020054feb194ebb3bfefdc920c8b350d8bef45dec2
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
2e38bbb7c1392079c33536ebd44493c90cb149088a88ef57e86e8f85bf583acb
2f5ba741b5b4d20c399a4f1acfb846ee97b681dde4b2e061bbf82198df8e5b09
30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1
377dc073f93dba7c43f036a141528964df4651c787472d7a323648f53cb14efe
419efc755bda07fab7f93a1b6ffdbe92c903c3c9b2120dbf3477da1d376dbb9f
5012461ee1204621c2bf7147026d05d3ba959009675195376ce5612f1e83603e
50de74141721246d0341cbeea72a1e69a3363af1659a4171ef5e3200c9f8eda6
5326345e0a3d2b6c1e1bd24a63f0194fffa3c97198f88249ab9a9bc2fa145109
54c355027432cf6b3ddfdca93bbc6cbda09d40fa61c5240dcd6fc0beff68f2a1
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
843a8ddbf8b0dae1055be4f3bb9843e92b2f3077582b42b696ec799412cb8a48
86a48fbf6c35393d61e2f76d286cfca947cec108a6e61db04883d9fca1eaced2
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
906fe8798eeaa303394db1cce162a4068073978bf3a6f8308dfbaf1ea49d2fb7
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
98967be95015e8c9218a2d31f44b5335c8eeb5fd9c3a5eddd5e779280c87f771
9b9fa645cd86084ea7344274e08ccec18be2682988032de348e225953d523b1e
9e0db7af94ee7bd2d325475edb564226b87d4a0c528f4b69a112f8769ed52ab0
a0cb4bc5a62bae222f4465fa4b7092aac2b33aa7478d5f959f308bf234f6e2e3
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
bd4c9097947bd81fe4397042e8302b0f5743d4f49a64ca954cf3a72afb18e7aa
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
c7fe9f3ef41048988ca528f7ff45a3d503cdb99f5f0844034160f10ee3e38899
cc194b36ec82795c9d21a09fb2ccce9c073a950b8c25d2fd4c9269705040c2d4
d042de9bcda8057872786142e57c8b96ee0c13c55723139b8fdb8764a6445b0d
d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2
d6e789d2a66b75a759eab6d2ae1e33e1abce4d8636c3755b4ec985129382ec1e
da0f28b0d18d448b29cb3ee6e742952e7247c627d3800d045ba1573ca1fc07f4
db2a3260d580716fb8dae973b1b994f799f545d520b7a1636d473ecbdbdd2223
db6b849b04da0e9deca82d5e0ab1772445ba1225fe3936c5cba06b6360572940
dfa2be020e3374a4b1c871c88ada990120fb198d4e8ff685ad35cfae88ad3466
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e1e7f23b0faebe69c81433f005cd8db401bb56ba700f0737c2e9c2a017295b3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa3156321b84e9a753715304efa52a25d9072ed8d2ed46641e65a671337d5d12
fcbc952d73603173d1289c64eff23efb16b17636dd83d60f424c2c7edcfce304
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

dhfhfghfgh.altervista.org Open in urlscan Pro 78.129.205.47 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

55 Requests

0 %HTTPS

37 %IPv6

12 Domains

17 Subdomains

18 IPs

5 Countries

789 kBTransfer

1266 kBSize

4 Cookies

19 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dhfhfghfgh.altervista.org Open in urlscan Pro
78.129.205.47 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

0 %
HTTPS

37 %
IPv6

12
Domains

17
Subdomains

18
IPs

5
Countries

789 kB
Transfer

1266 kB
Size

4
Cookies

55 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!