bestspots.gallery.beautifulscenery.click Open in urlscan Pro
129.80.233.8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bestspots.gallery.beautifulscenery.click/
Effective URL:
https://bestspots.gallery.beautifulscenery.click/
Submission: On December 05 via api (December 5th 2023, 1:10:07 am UTC) from US — Scanned from DE

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 129.80.233.8, located in Ashburn, United States and belongs to ORACLE-BMC-31898, US. The main domain is bestspots.gallery.beautifulscenery.click.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.

This is the only time bestspots.gallery.beautifulscenery.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 12	129.80.233.8 129.80.233.8	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1178:1:4... 2a00:1178:1:4b::1a	35415 (WEBZILLA) (WEBZILLA)
2	67.216.91.19 67.216.91.19	35415 (WEBZILLA) (WEBZILLA)
20	7

12 129.80.233.8 (Ashburn, United States) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

bestspots.gallery.beautifulscenery.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::1a (Netherlands)

ASN35415 (WEBZILLA, NL)

grimsecretary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.216.91.19 (United States)

ASN35415 (WEBZILLA, NL)

www.incompatible-singer.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	beautifulscenery.click 1 redirects bestspots.gallery.beautifulscenery.click	861 KB
2	incompatible-singer.pro www.incompatible-singer.pro	53 KB
2	grimsecretary.com grimsecretary.com	14 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189	325 B
1	gstatic.com fonts.gstatic.com	253 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	91 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	873 B
20	7

	Domain	Requested by
12	bestspots.gallery.beautifulscenery.click	1 redirects bestspots.gallery.beautifulscenery.click
2	www.incompatible-singer.pro	grimsecretary.com
2	grimsecretary.com	bestspots.gallery.beautifulscenery.click grimsecretary.com
2	region1.google-analytics.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	bestspots.gallery.beautifulscenery.click
1	fonts.googleapis.com	bestspots.gallery.beautifulscenery.click
20	7

This site contains no links.

Subject Issuer	Validity	Valid
bestspots.gallery.beautifulscenery.click R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
grimsecretary.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
www.incompatible-singer.pro R3	`2023-12-01` - `2024-02-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://bestspots.gallery.beautifulscenery.click/
Frame ID: 109DDD304C2631343025638B113D84D1
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

versatile

Page URL History Show full URLs

http://bestspots.gallery.beautifulscenery.click/ HTTP 308
https://bestspots.gallery.beautifulscenery.click/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

20
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1273 kB
Transfer

1567 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bestspots.gallery.beautifulscenery.click/ HTTP 308
https://bestspots.gallery.beautifulscenery.click/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
bestspots.gallery.beautifulscenery.click/
Redirect Chain

http://bestspots.gallery.beautifulscenery.click/
https://bestspots.gallery.beautifulscenery.click/

2 KB
2 KB

307ms
105ms

Document
text/html

129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 16607c26c4f4b537c207c8ba4d5833962d359448ee01ea622581c713c4131d6c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: public, max-age=0
content-length: 1873
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 01:09:54 GMT
etag: W/"751-18c30c00265"
last-modified: Sun, 03 Dec 2023 17:35:39 GMT
server: Caddy
x-powered-by: Express

Redirect headers

Connection: close
Content-Length: 0
Date: Tue, 05 Dec 2023 01:09:53 GMT
Location: https://bestspots.gallery.beautifulscenery.click/
Server: Caddy

GET
H2 200 style.css
bestspots.gallery.beautifulscenery.click/resources/ 5 KB
5 KB 102ms
100ms Stylesheet
text/css 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/resources/style.css
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: dc4a9ee961bef9599aa5cef3494214648bbef8036f96e93df10cc4227e180596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:32 GMT
server: Caddy
etag: W/"1322-18c302617a0"
x-powered-by: Express
content-type: text/css; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 4898

GET
H2 200 css2
fonts.googleapis.com/ 696 B
873 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

Requested by

Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2643779ea0dd96a23e85b95f82d4ce2cedc52144f2330f245a59bcba6d56fe46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 01:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 01:09:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 01:09:54 GMT

GET
H2 200 uv.bundle.js Show response
bestspots.gallery.beautifulscenery.click/uv/ 657 KB
657 KB 287ms
284ms Script
application/javascript 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/uv/uv.bundle.js
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 764447d9c52eec36d699a359467d507935829d363049431c3e6d5cae6f2cbd25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sat, 02 Dec 2023 23:46:12 GMT
server: Caddy
etag: W/"a4229-18c2cece5f0"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 672297

GET
H2 200 uv.config.js Show response
bestspots.gallery.beautifulscenery.click/uv/ 297 B
346 B 287ms
285ms Script
application/javascript 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/uv/uv.config.js
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 3612cd18bee7a378572e3256fbba142186d39a2081a71fef69e0877cd7293691

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:32 GMT
server: Caddy
etag: W/"129-18c302617a0"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 297

GET
H2 200 register-sw.js Show response
bestspots.gallery.beautifulscenery.click/ 762 B
811 B 288ms
286ms Script
application/javascript 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/register-sw.js
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 9f462250b8dd8564db2ef14c92b49d52447a61d49fe9505ea6398eaa74994424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:31 GMT
server: Caddy
etag: W/"2fa-18c3026179c"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 762

GET
H2 200 search.js Show response
bestspots.gallery.beautifulscenery.click/ 957 B
1006 B 289ms
287ms Script
application/javascript 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/search.js
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: cad28de920bb5bc555ed1076c023a98760529360f8da14dee1f9264585a74595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:32 GMT
server: Caddy
etag: W/"3bd-18c302617a0"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 957

GET
H2 200 index.js Show response
bestspots.gallery.beautifulscenery.click/ 858 B
907 B 387ms
385ms Script
application/javascript 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/index.js
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 113e249db59433554f79173bd16c0a50303a4581319707653eca278e28da0ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:31 GMT
server: Caddy
etag: W/"35a-18c3026179c"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 858

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VDGKNZHC53

Requested by

Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77ba8531ec5b5b8886fa16969097ade72fdb27121327123c0d78c7ff7482c2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93016
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 01:09:54 GMT

GET
H2 200 icon.png
bestspots.gallery.beautifulscenery.click/resources/img/ 12 KB
12 KB 102ms
101ms Image
image/png 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bestspots.gallery.beautifulscenery.click/resources/img/icon.png
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 887a22b453129b508f01f45407ebc7126416adb053ea7fb887d720c5e985e97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:31 GMT
server: Caddy
etag: W/"312e-18c3026179c"
x-powered-by: Express
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 12590

GET
H2 200 ad1.js Show response
bestspots.gallery.beautifulscenery.click/ 87 KB
87 KB 192ms
191ms Script
application/javascript 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/ad1.js
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 817432df4495bbf46fcb370be80bae31faa3cdb900a2168f19e38173e4920825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 17:35:06 GMT
server: Caddy
etag: W/"15a40-18c30bf828d"
x-powered-by: Express
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 88640

GET
H2 200 psreg.ttf
bestspots.gallery.beautifulscenery.click/resources/fonts/ 40 KB
40 KB 283ms
282ms Font
font/ttf 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/resources/fonts/psreg.ttf
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/resources/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: b34cbb71d75b84eb4925f51e050249f65fb3e3550133aba0a4c161c6820aec82

Request headers

Referer: https://bestspots.gallery.beautifulscenery.click/resources/style.css
Origin: https://bestspots.gallery.beautifulscenery.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:31 GMT
server: Caddy
etag: W/"a09c-18c3026179c"
x-powered-by: Express
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 41116

GET
H2 200 kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCvHOej.woff2
fonts.gstatic.com/s/materialsymbolsoutlined/v151/ 252 KB
253 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialsymbolsoutlined/v151/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1n-q_4MrImHCIJIZrDCvHOej.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e50df9ee5459dd77704e2ba9d43748bf55bd87cf826a73bec95039380e251c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bestspots.gallery.beautifulscenery.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:17:37 GMT
x-content-type-options: nosniff
age: 352337
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258404
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 23:41:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:17:37 GMT

GET
H2 200 psbold.ttf
bestspots.gallery.beautifulscenery.click/resources/fonts/ 54 KB
54 KB 282ms
282ms Font
font/ttf 129.80.233.8
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://bestspots.gallery.beautifulscenery.click/resources/fonts/psbold.ttf
Requested by: Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/resources/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.233.8 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: Caddy / Express
Resource Hash: 8dbeee804c249634fd860cae932f54afe759de8c17c136995fcae57c24348cf9

Request headers

Referer: https://bestspots.gallery.beautifulscenery.click/resources/style.css
Origin: https://bestspots.gallery.beautifulscenery.click
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
last-modified: Sun, 03 Dec 2023 14:47:31 GMT
server: Caddy
etag: W/"d8fc-18c3026179c"
x-powered-by: Express
content-type: font/ttf
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
content-length: 55548

POST
H2 204 collect
region1.google-analytics.com/g/ 0
271 B 36ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VDGKNZHC53&gtm=45je3bt0v9168754690&_p=1701738594324&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1433414736.1701738594&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701738594&sct=1&seg=0&dl=https%3A%2F%2Fbestspots.gallery.beautifulscenery.click%2F&dt=versatile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=759
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDGKNZHC53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:09:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bestspots.gallery.beautifulscenery.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xnMITxQO5a Show response
grimsecretary.com/c_Du9.6ibV2b5KlGSSWlQc9ON/D-kT3/MGTTEB0IOrCv0J0DOeT-c/ 41 KB
14 KB 80ms
52ms Script
application/javascript 2a00:1178:1:4b::1a
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://grimsecretary.com/c_Du9.6ibV2b5KlGSSWlQc9ON/D-kT3/MGTTEB0IOrCv0J0DOeT-c/xnMITxQO5a

Requested by

Host: bestspots.gallery.beautifulscenery.click
URL: https://bestspots.gallery.beautifulscenery.click/ad1.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

804c48236d308262918bff1125c5eb7c71e919ccac5d3b9e18d8eaea8f5ccee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:09:54 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 05 Dec 2023 01:09:54 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 2011 05:00:00 GMT

GET
H2 200 9e933b0365d7.js Show response
www.incompatible-singer.pro/dea777/ 70 KB
26 KB 55ms
13ms XHR
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.incompatible-singer.pro/dea777/9e933b0365d7.js
Requested by: Host: grimsecretary.com
URL: https://grimsecretary.com/c_Du9.6ibV2b5KlGSSWlQc9ON/D-kT3/MGTTEB0IOrCv0J0DOeT-c/xnMITxQO5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 1adae707ecd73d542b41f03e26391413e822960968ca7aa5cc50a439b6b4747f

Request headers

Referer: https://bestspots.gallery.beautifulscenery.click/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-type: text/plain

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: AtR4+TmCffq2MB2wX79RrpIetrX1zc4R01Kj0M8c5S/Oe41Qymi26r4j68hUHBQHl2gt7OBpn6Egk6/67wqfsOur/YRU0+EtSabRsxImr2Iy2K2UOVw8OhxfbuG5/iHc
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 103, 11675
cache-control: max-age=315039318, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 9e933b0365d7.js Show response
www.incompatible-singer.pro/dea777/ 70 KB
26 KB 75ms
23ms Script
application/javascript 67.216.91.19
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.incompatible-singer.pro/dea777/9e933b0365d7.js
Requested by: Host: grimsecretary.com
URL: https://grimsecretary.com/c_Du9.6ibV2b5KlGSSWlQc9ON/D-kT3/MGTTEB0IOrCv0J0DOeT-c/xnMITxQO5a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.216.91.19 , United States, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: ucdn/1.24.0 /
Resource Hash: 1adae707ecd73d542b41f03e26391413e822960968ca7aa5cc50a439b6b4747f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 01:09:54 GMT
content-encoding: br
server: ucdn/1.24.0
x-ureq-id: AtR4+TmCffq2MB2wX79RrpIetrX1zc4R01Kj0M8c5S/Oe41Qymi26r4j68hUHBQHl2gt7OBpn6Egk6/67wqfsOur/YRU0+EtSabRsxImr2Iy2K2UOVw8OhxfbuG5/iHc
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-vhostid: 103, 11564
cache-control: max-age=315039318, public
access-control-allow-credentials: true
x-served-from: l1
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 YH2-xJpKZ.WL5M0_ZOGPFQ0RY-TT9UyVcWm_lYkZPaTbU-2dMeWfNgl_MiDjgk5lN-mnEo0pYqT_Ms5tNuDvN-kxZyWzJAk_MCDDEE2FZ-DHlImJOKD_IM2NNOWPI-yR
grimsecretary.com/ 0
322 B 73ms
72ms Ping
text/plain 2a00:1178:1:4b::1a
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://grimsecretary.com/YH2-xJpKZ.WL5M0_ZOGPFQ0RY-TT9UyVcWm_lYkZPaTbU-2dMeWfNgl_MiDjgk5lN-mnEo0pYqT_Ms5tNuDvN-kxZyWzJAk_MCDDEE2FZ-DHlImJOKD_IM2NNOWPI-yR

Requested by

Host: grimsecretary.com
URL: https://grimsecretary.com/c_Du9.6ibV2b5KlGSSWlQc9ON/D-kT3/MGTTEB0IOrCv0J0DOeT-c/xnMITxQO5a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::1a , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bestspots.gallery.beautifulscenery.click/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:09:54 GMT
x-content-type-options: nosniff
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 26 Jul 2011 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VDGKNZHC53&gtm=45je3bt0v9168754690&_p=1701738594324&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1433414736.1701738594&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701738594&sct=1&seg=0&dl=https%3A%2F%2Fbestspots.gallery.beautifulscenery.click%2F&dt=versatile&en=scroll&epn.percent_scrolled=90&_et=6&tfd=5769
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VDGKNZHC53
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bestspots.gallery.beautifulscenery.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 01:09:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bestspots.gallery.beautifulscenery.click
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.beautifulscenery.click/	1970-01-21 02:18:18	Name: _ga Value: GA1.1.1433414736.1701738594
			.beautifulscenery.click/	1970-01-21 02:18:18	Name: _ga_VDGKNZHC53 Value: GS1.1.1701738594.1.0.1701738594.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bestspots.gallery.beautifulscenery.click
fonts.googleapis.com
fonts.gstatic.com
grimsecretary.com
region1.google-analytics.com
www.googletagmanager.com
www.incompatible-singer.pro
129.80.233.8
2001:4860:4802:32::36
2a00:1178:1:4b::1a
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:830::2008
67.216.91.19
113e249db59433554f79173bd16c0a50303a4581319707653eca278e28da0ebc
16607c26c4f4b537c207c8ba4d5833962d359448ee01ea622581c713c4131d6c
1adae707ecd73d542b41f03e26391413e822960968ca7aa5cc50a439b6b4747f
2643779ea0dd96a23e85b95f82d4ce2cedc52144f2330f245a59bcba6d56fe46
3612cd18bee7a378572e3256fbba142186d39a2081a71fef69e0877cd7293691
764447d9c52eec36d699a359467d507935829d363049431c3e6d5cae6f2cbd25
77ba8531ec5b5b8886fa16969097ade72fdb27121327123c0d78c7ff7482c2ec
804c48236d308262918bff1125c5eb7c71e919ccac5d3b9e18d8eaea8f5ccee4
817432df4495bbf46fcb370be80bae31faa3cdb900a2168f19e38173e4920825
887a22b453129b508f01f45407ebc7126416adb053ea7fb887d720c5e985e97e
8dbeee804c249634fd860cae932f54afe759de8c17c136995fcae57c24348cf9
8e50df9ee5459dd77704e2ba9d43748bf55bd87cf826a73bec95039380e251c6
9f462250b8dd8564db2ef14c92b49d52447a61d49fe9505ea6398eaa74994424
b34cbb71d75b84eb4925f51e050249f65fb3e3550133aba0a4c161c6820aec82
cad28de920bb5bc555ed1076c023a98760529360f8da14dee1f9264585a74595
dc4a9ee961bef9599aa5cef3494214648bbef8036f96e93df10cc4227e180596
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

bestspots.gallery.beautifulscenery.click Open in urlscan Pro 129.80.233.8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

7 IPs

3 Countries

1273 kBTransfer

1567 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

Indicators

bestspots.gallery.beautifulscenery.click Open in urlscan Pro
129.80.233.8 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1273 kB
Transfer

1567 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions