refreshcreativity.com
50.87.9.26 (Malicious Activity!)

URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-P...
Submission: On January 17 via automatic, source openphish

Summary

This website contacted 5 IPs in 5 countries across 6 domains to perform 17 HTTP transactions. The main IP is 50.87.9.26, located in Provo, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is refreshcreativity.com.
This is the only time refreshcreativity.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

IP Address          Requests  AS (Autonomous System)
50.87.9.26          9         46606 (UNIFIEDLA...)
2.16.186.57         2         20940 (AKAMAI-ASN1)
2a00:1450:400...    2         15169 (GOOGLE)
2a00:1450:400...    2         15169 (GOOGLE)
141.8.225.89        2         40034 (CONFLUENC...)
208.91.196.4        2         40034 (CONFLUENC...)
Total: 17 requests, 5 IPs

Domain                         Requests  Requested by
refreshcreativity.com          9         refreshcreativity.com
www.searchesinteractive.com    2         cdn.dsultra.com
dsregredir.com                 2         2 redirects
www.google.com                 2         pagead2.googlesyndication.com
pagead2.googlesyndication.com  2         cdn.dsultra.com
cdn.dsultra.com                2         refreshcreativity.com
Total: 17 requests, 6 domains

This site contains no links.

TLS certificates observed (Subject / Issuer / Validity / Valid for):
www.google.com / Google Internet Authority G3 / 2018-12-19 to 2019-03-13 / 3 months (crt.sh)

This page contains 5 frames:

Primary Page: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Frame ID: F17054B24CC5609214603C246E5E2A82
Requests: 7 HTTP requests in this frame

Frame: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
Frame ID: 8F8507B867410EB19F154DE3B26F8953
Requests: 4 HTTP requests in this frame

Frame: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
Frame ID: AD37DA695FC461B7E22A14664F40CDA4
Requests: 4 HTTP requests in this frame

Frame: http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Frame ID: A249B24419637904E038398DD2AEDF0D
Requests: 1 HTTP requests in this frame

Frame: http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Frame ID: F6D69DFCA29D62727ED9EA40437CD3D8
Requests: 1 HTTP requests in this frame

Detected technologies

PHP (overall confidence: 100%)
Detected patterns
  • url /\.php(?:$|\?)/i

Nginx (overall confidence: 100%)
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Modernizr (overall confidence: 100%)
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

jQuery (overall confidence: 100%)
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

Requests: 17
HTTPS: 12 %
IPv6: 33 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 5
Transfer: 86 kB
Size: 218 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • http://dsregredir.com/?domainname=refreshcreativity.com&drid=as-drid-2578124767373827&a_id=143209&session_token=undefined HTTP 302
  • http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Request Chain 15
  • http://dsregredir.com/?domainname=refreshcreativity.com&drid=as-drid-2578124767373827&a_id=143209&session_token=undefined HTTP 302
  • http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478

17 HTTP transactions

Columns per transaction: Resource, Path, Size, x-fer, Type, MIME-Type

loginauth.php (Primary Request; Cookie set)
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/
6 KB
3 KB
Document
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
f898b4a4eb0b93b097f91d05bbcdef7fac8b31a161082000f068e6de58032ee1

Request headers

Host
refreshcreativity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.1
Date
Thu, 17 Jan 2019 04:33:25 GMT
Content-Type
text/html
Content-Length
2343
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Set-Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7; path=/
Vary
Accept-Encoding
Content-Encoding
gzip
app_ys.css
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/css/
41 KB
10 KB
Stylesheet
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/css/app_ys.css
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
d491110d14c4d7182a0c9790d351b5c40cea642c4add3842bf8412687bd08f3d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
refreshcreativity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 18:20:59 GMT
Server
nginx/1.14.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10186
ys_rotate.css
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/css/
2 KB
838 B
Stylesheet
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/css/ys_rotate.css
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
5ca63f9d668f1d38e6a85f426704c402571f11b25e54cabc0814c9079e77fc4a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
refreshcreativity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 18:20:59 GMT
Server
nginx/1.14.1
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
576
modernizr-2.js
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/js/
4 KB
2 KB
Script
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/js/modernizr-2.js
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
refreshcreativity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 18:20:59 GMT
Server
nginx/1.14.1
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1877
ys_dowira_jquery.js
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/js/
94 KB
38 KB
Script
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/js/ys_dowira_jquery.js
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
e8fbccfcac07bb996f74fd19e77f601372a374b3f756a2d8389e931271945c2a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
refreshcreativity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 18:20:59 GMT
Server
nginx/1.14.1
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38918
ys_dowira_plugins.js
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/js/
55 KB
18 KB
Script
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/js/ys_dowira_plugins.js
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
607530a98b7c468dd0734a70b6e1d3d1decf1d2e5f949cae492b98f43ee74949

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
refreshcreativity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 18:20:59 GMT
Server
nginx/1.14.1
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18314
a.htm
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/ Frame 8F85
2 KB
1 KB
Document
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
331458063fa1388e57d48f7bb1f9203f1280a669aede4ebca9a89908a106a5f3

Request headers

Host
refreshcreativity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7

Response headers

Server
nginx/1.14.1
Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Type
text/html
Content-Length
870
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
YS_paypal-logo-129x32.svg
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/img/
5 KB
2 KB
Image
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/img/YS_paypal-logo-129x32.svg
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
refreshcreativity.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/YSASSETS/css/app_ys.css
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Dec 2018 18:20:59 GMT
Server
nginx/1.14.1
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2074
i.htm
refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/ Frame AD37
2 KB
1 KB
Document
General
Full URL
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Protocol
HTTP/1.1
Server
50.87.9.26 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
50-87-9-26.unifiedlayer.com
Software
nginx/1.14.1 /
Resource Hash
331458063fa1388e57d48f7bb1f9203f1280a669aede4ebca9a89908a106a5f3

Request headers

Host
refreshcreativity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/loginauth.php?country.x=&locale.x=&SEC.x=ID-PAc80ad85040c96f220db2eff04d7b85b4&home?$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.&Safety=xLtOgM6Y4b2nDJhXEVUBHk0WIl5qKsmRvTyC1zF7iNZPQ3uoGcwSfajA8edp9rN3Sz5YtXuhQpUVy6rOkxFWe7ERIGL9dcaCvj0qi8D142gHAmloPfZbsMBwKnJT77462650040&$1$YkvsP.It$fuBuMUeFTZbVZIuF9mq6I.
Accept-Encoding
gzip, deflate
Cookie
PHPSESSID=2jajsk82sm684ppje6nnv8v1n7

Response headers

Server
nginx/1.14.1
Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Type
text/html
Content-Length
870
Connection
keep-alive
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
registrar.js
cdn.dsultra.com/js/ Frame 8F85
2 KB
2 KB
Script
General
Full URL
http://cdn.dsultra.com/js/registrar.js
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
Protocol
HTTP/1.1
Server
2.16.186.57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-57.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
055f392ecc066e80dfd57da53d329fa8a8e263133c569100ae5598dc56493b55

Request headers

Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Last-Modified
Tue, 31 May 2016 17:57:54 GMT
Server
nginx
ETag
"574dd0a2-6ea"
Content-Type
application/javascript
Cache-Control
public, max-age=80822
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1770
Expires
Fri, 18 Jan 2019 03:00:28 GMT
registrar.js
cdn.dsultra.com/js/ Frame AD37
2 KB
2 KB
Script
General
Full URL
http://cdn.dsultra.com/js/registrar.js
Requested by
Host: refreshcreativity.com
URL: http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
Protocol
HTTP/1.1
Server
2.16.186.57 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-57.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
055f392ecc066e80dfd57da53d329fa8a8e263133c569100ae5598dc56493b55

Request headers

Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Last-Modified
Tue, 31 May 2016 17:57:54 GMT
Server
nginx
ETag
"574dd0a2-6ea"
Content-Type
application/javascript
Cache-Control
public, max-age=80822
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1770
Expires
Fri, 18 Jan 2019 03:00:28 GMT
show_afd_ads.js
pagead2.googlesyndication.com/apps/domainpark/ Frame 8F85
3 KB
2 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Requested by
Host: cdn.dsultra.com
URL: http://cdn.dsultra.com/js/registrar.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
028f5d51a82cd752677d21413de55334103c1c95956f5c6dd293b290858da34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"3311595511751825060"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Content-Length
1165
X-XSS-Protection
1; mode=block
Expires
Thu, 17 Jan 2019 04:33:26 GMT
show_afd_ads.js
pagead2.googlesyndication.com/apps/domainpark/ Frame AD37
3 KB
2 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Requested by
Host: cdn.dsultra.com
URL: http://cdn.dsultra.com/js/registrar.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:815::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
028f5d51a82cd752677d21413de55334103c1c95956f5c6dd293b290858da34e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 17 Jan 2019 04:33:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"3311595511751825060"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Content-Length
1165
X-XSS-Protection
1; mode=block
Expires
Thu, 17 Jan 2019 04:33:26 GMT
ads
www.google.com/dp/ Frame AD37
0
1 KB
XHR
General
Full URL
https://www.google.com/dp/ads?output=afd_ads&client=dp-oversee_ncd&domain_name=refreshcreativity.com&afdt=create&swp=as-drid-2578124767373827&dt=1547699606913&u_tz=0&u_his=2&u_h=1200&u_w=1600&frm=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
Origin
http://refreshcreativity.com

Response headers

ads
www.google.com/dp/ Frame 8F85
0
966 B
XHR
General
Full URL
https://www.google.com/dp/ads?output=afd_ads&client=dp-oversee_ncd&domain_name=refreshcreativity.com&afdt=create&swp=as-drid-2578124767373827&dt=1547699606917&u_tz=0&u_his=2&u_h=1200&u_w=1600&frm=1
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:815::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
Origin
http://refreshcreativity.com

Response headers

/
www.searchesinteractive.com/ Frame A249
Redirect Chain
  • http://dsregredir.com/?domainname=refreshcreativity.com&drid=as-drid-2578124767373827&a_id=143209&session_token=undefined
  • http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
0
0
Document
General
Full URL
http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Requested by
Host: cdn.dsultra.com
URL: http://cdn.dsultra.com/js/registrar.js
Protocol
HTTP/1.1
Server
208.91.196.4 Road Town, Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
www.searchesinteractive.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/i.htm

Response headers

Date
Thu, 17 Jan 2019 04:33:29 GMT
Server
Apache
ntCoent-Length
271
Keep-Alive
timeout=5, max=128
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Cache-Control
private
Content-Encoding
gzip
Content-Length
195

Redirect headers

Date
Thu, 17 Jan 2019 04:33:28 GMT
Server
Apache
Location
http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Content-Length
0
Keep-Alive
timeout=5, max=128
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
www.searchesinteractive.com/ Frame F6D6
Redirect Chain
  • http://dsregredir.com/?domainname=refreshcreativity.com&drid=as-drid-2578124767373827&a_id=143209&session_token=undefined
  • http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
0
0
Document
General
Full URL
http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Requested by
Host: cdn.dsultra.com
URL: http://cdn.dsultra.com/js/registrar.js
Protocol
HTTP/1.1
Server
208.91.196.4 Road Town, Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC - Confluence Networks Inc, VG),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Host
www.searchesinteractive.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://refreshcreativity.com/includes/help/Old/4139503b90a7f18e7ede372a25b1c6b9/style/a.htm

Response headers

Date
Thu, 17 Jan 2019 04:33:28 GMT
Server
Apache
ntCoent-Length
272
Keep-Alive
timeout=5, max=126
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Cache-Control
private
Content-Encoding
gzip
Content-Length
196

Redirect headers

Date
Thu, 17 Jan 2019 04:33:28 GMT
Server
Apache
Location
http://www.searchesinteractive.com/?dn=refreshcreativity.com&pid=9PO2GG478
Content-Length
0
Keep-Alive
timeout=5, max=128
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onselectstart
object | onselectionchange
function | queueMicrotask
object | html5
object | Modernizr
function | $
function | jQuery

1 Cookies

Domain/Path Name / Value
refreshcreativity.com/ Name: PHPSESSID
Value: 2jajsk82sm684ppje6nnv8v1n7