159.89.145.125 Open in urlscan Pro
159.89.145.125  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Page URL
2. http://159.89.145.125/anglerscovey.stream/2/index.html Page URL
3. http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response 159.89.145.125/	5 KB 5 KB	314ms 156ms	Document text/html	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash af51e56cb805c77f4317638331a45578d5566302002cc11907c6f7539bc1a7d4 Request headers Host 159.89.145.125 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6142E26A2BFCF4AD0B54B864A1C49553 Response headers Date Wed, 25 Jul 2018 13:34:44 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 Last-Modified Tue, 24 Jul 2018 21:50:45 GMT ETag "1472-571c5c11bc6f1" Accept-Ranges bytes Content-Length 5234 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	backblue.gif 159.89.145.125/	4 KB 4 KB	157ms 156ms	Image image/gif	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Show image Full URL http://159.89.145.125/backblue.gif Requested by Host: 159.89.145.125 URL: http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash 5ecd3c65a71650f10ddc799403b682af2d866e50fc1ea30e972fd8c7df3f77e7 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 159.89.145.125 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Connection keep-alive Cache-Control no-cache Referer http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:44 GMT Last-Modified Tue, 24 Jul 2018 21:50:44 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 ETag "1093-571c5c101de2a" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 4243
GET H/1.1	200 OK	fade.gif 159.89.145.125/	828 B 1 KB	313ms 156ms	Image image/gif	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Show image Full URL http://159.89.145.125/fade.gif Requested by Host: 159.89.145.125 URL: http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 159.89.145.125 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Connection keep-alive Cache-Control no-cache Referer http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:44 GMT Last-Modified Tue, 24 Jul 2018 21:50:42 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 ETag "33c-571c5c0eee6b8" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 828
GET H/1.1	200 OK	index.html Show response 159.89.145.125/anglerscovey.stream/2/	716 B 1 KB	156ms 156ms	Document text/html	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://159.89.145.125/anglerscovey.stream/2/index.html Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash be73c78eb557e4a4e97a422585b5a646ad3359d79eea72938cb07d41e22c8629 Request headers Host 159.89.145.125 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6142E26A2BFCF4AD0B54B864A1C49553 Referer http://159.89.145.125/?semcid=amazon.social.google.gt-c-en.car&SEMDTL=a1894432125.b144522333757.d1260449266131.e1c.f11t1.g1kwd-295205470739.h1e.i1.j11027028.k1.l1g.m1.n1&gclsrc=aw.ds&url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/?url=https://www.amazon.com/FOCUSPOWER-Bluetooth-Smallest-Invisible-Headphone/dp/B01M2ZOLLP/&id=72 Response headers Date Wed, 25 Jul 2018 13:34:45 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 Last-Modified Tue, 24 Jul 2018 21:51:06 GMT ETag "2cc-571c5c25d33ad" Accept-Ranges bytes Content-Length 716 Keep-Alive timeout=5, max=97 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery-3.1.1.min.js Show response 159.89.145.125/anglerscovey.stream/2/	85 KB 85 KB	156ms 156ms	Script application/javascript	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://159.89.145.125/anglerscovey.stream/2/jquery-3.1.1.min.js Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/index.html Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 159.89.145.125 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://159.89.145.125/anglerscovey.stream/2/index.html Connection keep-alive Cache-Control no-cache Referer http://159.89.145.125/anglerscovey.stream/2/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:45 GMT Last-Modified Tue, 24 Jul 2018 21:51:09 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 ETag "152b5-571c5c2830350" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 86709
GET H/1.1	200 OK	font-include.js Show response 159.89.145.125/anglerscovey.stream/2/	583 B 891 B	165ms 165ms	Script application/javascript	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://159.89.145.125/anglerscovey.stream/2/font-include.js Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/index.html Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash 4840ce73dca79f85b593a8e0063a9d989c91fe5fe15957cd8426ab3ab011bdfb Request headers Pragma no-cache Accept-Encoding gzip, deflate Host 159.89.145.125 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://159.89.145.125/anglerscovey.stream/2/index.html Connection keep-alive Cache-Control no-cache Referer http://159.89.145.125/anglerscovey.stream/2/index.html User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:45 GMT Last-Modified Tue, 24 Jul 2018 21:51:06 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 ETag "247-571c5c25dd7bd" Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 583
GET		fontinit.php fontsizes.org/3.0.1/	0 0
GET H/1.1	200 OK	Primary Request indexaf0f.html Show response 159.89.145.125/anglerscovey.stream/2/windows/chrome/	90 KB 90 KB	156ms 156ms	Document text/html	159.89.145.125 DigitalOcean
General Check archive.org Show headers Download Go to Full URL http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/index.html Protocol HTTP/1.1 Server 159.89.145.125 Vancouver, Canada, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US), Reverse DNS Software Apache/2.4.6 (CentOS) PHP/5.4.16 / Resource Hash 370b4c73ec814629486d544efb63738fe0532d332c87737d568f0240a335c8f6 Request headers Host 159.89.145.125 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer http://159.89.145.125/anglerscovey.stream/2/index.html Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6142E26A2BFCF4AD0B54B864A1C49553 Referer http://159.89.145.125/anglerscovey.stream/2/index.html Response headers Date Wed, 25 Jul 2018 13:34:45 GMT Server Apache/2.4.6 (CentOS) PHP/5.4.16 Last-Modified Tue, 24 Jul 2018 21:51:20 GMT ETag "166ad-571c5c32f96c6" Accept-Ranges bytes Content-Length 91821 Keep-Alive timeout=5, max=95 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET S	200	js Show response www.googletagmanager.com/gtag/	72 KB 25 KB	20ms 18ms	Script application/javascript	2a00:1450:4001:810::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-106562603-2 Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol SPDY Server 2a00:1450:4001:810::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager (scaffolding) / Resource Hash f791e5bcfc17b62bd8df9a3a4c6b69f4599f0b859eb3466ac6e128970812b563 Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Wed, 25 Jul 2018 13:34:45 GMT content-encoding gzip server Google Tag Manager (scaffolding) access-control-allow-headers Cache-Control status 200 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin http://www.googletagmanager.com cache-control private, max-age=900 access-control-allow-credentials true alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 25741 x-xss-protection 1; mode=block expires Wed, 25 Jul 2018 13:34:45 GMT
GET H/1.1	200 OK	bootstrap.css anglerscovey.stream/2/windows/chrome/index_files/	118 KB 119 KB	603ms 108ms	Stylesheet text/css	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/index_files/bootstrap.css Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash b809cdcf8cddf73245f98400be326be4831a53924798a1c71c6f17c790bb4496 Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:46 GMT Last-Modified Tue, 24 Jul 2018 20:44:05 GMT Server Apache ETag "40c4e9-1d9c6-571c4d2a7635b" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 121286
GET H/1.1	200 OK	style.css anglerscovey.stream/2/windows/chrome/index_files/	23 KB 23 KB	707ms 170ms	Stylesheet text/css	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/index_files/style.css Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash a7fdd2397e0f7290cbf6c599af043bf91d351d755e5fcbcf7cef9f5bf8fc252f Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:46 GMT Last-Modified Tue, 24 Jul 2018 20:44:05 GMT Server Apache ETag "40c4ea-5ac0-571c4d2a76743" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 23232
GET H/1.1	404 Not Found	translator.css anglerscovey.stream/2/windows/chrome/index_files/	0 0	733ms 195ms	Stylesheet text/html	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/index_files/translator.css Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software / Resource Hash Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	alert.css anglerscovey.stream/2/windows/chrome/index_files/	3 KB 3 KB	758ms 219ms	Stylesheet text/css	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/index_files/alert.css Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash e4113c5c9a786841db2b70edc02f02da379b2a37605580dafbabd0f8036c33e9 Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:46 GMT Last-Modified Tue, 24 Jul 2018 20:44:05 GMT Server Apache ETag "40c1ae-bfe-571c4d2a7635b" Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 3070
GET H/1.1	200 OK	windows.png anglerscovey.stream/2/windows/chrome/index_files/	2 KB 3 KB	122ms 122ms	Image image/png	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Show image Full URL https://anglerscovey.stream/2/windows/chrome/index_files/windows.png Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash 9e590c1c5e7601413a44e2c7b8611dab5fb2ee6d6287d3c88bf137465279ef54 Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Wed, 25 Jul 2018 13:34:46 GMT Last-Modified Tue, 24 Jul 2018 20:44:05 GMT Server Apache ETag "40c4d9-9d3-571c4d2a7635b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2515
GET S	200	analytics.js Show response www.google-analytics.com/	34 KB 14 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:810::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-106562603-2 Protocol SPDY Server 2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 18 May 2018 01:10:24 GMT server Golfe2 age 2158 date Wed, 25 Jul 2018 12:58:48 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 14386 expires Wed, 25 Jul 2018 14:58:48 GMT
GET S	200	collect www.google-analytics.com/r/	35 B 111 B	13ms 13ms	Image image/gif	2a00:1450:4001:810::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j68&a=153843061&t=pageview&_s=1&dl=http%3A%2F%2F159.89.145.125%2Fanglerscovey.stream%2F2%2Fwindows%2Fchrome%2Findexaf0f.html%3Fq%3D2b312d3838382d3430302d31373434%26amp%3Bua%3D55412d37373532343034342d32&ul=en-us&de=UTF-8&dt=Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1636322069&gjid=1895258356&cid=968326509.1532525687&tid=UA-106562603-2&_gid=722954617.1532525687&_r=1&gtm=u7g&z=849488544 Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol SPDY Server 2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Wed, 25 Jul 2018 13:34:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	404 Not Found	a.htm anglerscovey.stream/2/windows/chrome/index_files/ Frame B5F4	0 0	108ms 107ms	Document text/html	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/index_files/a.htm Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash Request headers Host anglerscovey.stream Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 X-DevTools-Emulate-Network-Conditions-Client-Id 6142E26A2BFCF4AD0B54B864A1C49553 Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Response headers Date Wed, 25 Jul 2018 13:34:47 GMT Server Apache Content-Length 351 Keep-Alive timeout=5, max=99 Connection Keep-Alive Content-Type text/html; charset=iso-8859-1
GET		glyphicons-halflings-regular.woff2 anglerscovey.stream/2/windows/chrome/fonts/	0 0
GET H/1.1	206 Partial Content	fr.mp3 anglerscovey.stream/2/windows/chrome/	0 0	108ms 108ms	Media audio/mpeg	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/fr.mp3 Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers Date Wed, 25 Jul 2018 13:34:47 GMT Last-Modified Tue, 24 Jul 2018 20:44:05 GMT Server Apache ETag "40c506-8c3ca-571c4d2a76f13" Content-Type audio/mpeg Content-Range bytes 0-574409/574410 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 574410
GET H/1.1	206 Partial Content	fr.mp3 anglerscovey.stream/2/windows/chrome/	160 KB 0	114ms 114ms	Media audio/mpeg	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/chrome/fr.mp3 Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software Apache / Resource Hash Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers Date Wed, 25 Jul 2018 13:34:47 GMT Last-Modified Tue, 24 Jul 2018 20:44:05 GMT Server Apache ETag "40c506-8c3ca-571c4d2a76f13" Content-Type audio/mpeg Content-Range bytes 0-574409/574410 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 574410
GET H/1.1	404 Not Found	js15_as.js anglerscovey.stream/2/windows/s10.histats.com/	0 0	107ms 107ms	Script text/html	66.198.240.25 A2 Hosting
General Check archive.org Show headers Download Go to Full URL https://anglerscovey.stream/2/windows/s10.histats.com/js15_as.js Requested by Host: 159.89.145.125 URL: http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 Protocol HTTP/1.1 Server 66.198.240.25 Chicago, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US), Reverse DNS a2ss37.a2hosting.com Software / Resource Hash Request headers Referer http://159.89.145.125/anglerscovey.stream/2/windows/chrome/indexaf0f.html?q=2b312d3838382d3430302d31373434&ua=55412d37373532343034342d32 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Content-Type text/html; charset=iso-8859-1
GET		glyphicons-halflings-regular.woff anglerscovey.stream/2/windows/chrome/fonts/	0 0
GET		glyphicons-halflings-regular.ttf anglerscovey.stream/2/windows/chrome/fonts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fontsizes.org

URL

http://fontsizes.org/3.0.1/fontinit.php

Domain

anglerscovey.stream

URL

https://anglerscovey.stream/2/windows/chrome/fonts/glyphicons-halflings-regular.woff2

Domain

anglerscovey.stream

URL

https://anglerscovey.stream/2/windows/chrome/fonts/glyphicons-halflings-regular.woff

Domain

anglerscovey.stream

URL

https://anglerscovey.stream/2/windows/chrome/fonts/glyphicons-halflings-regular.ttf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft Defender (Consumer)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| getURLParameter string| error string| stroka function| toggleFullScreen string| subid string| clickid string| postback boolean| cl boolean| isFullScreen function| kzogExQSrDChY4Iq function| setCookie function| hTRnKeAy1lgYB4La function| gpAkSJDl9ENT5gLQ function| eKxJS2GzrfWPEjgm function| hCPNapvlhFicLoDm function| hxvw7JrbMUZBqVhN function| f5WOxk2dF74GMRLf function| dsfsf function| addEvent function| removeEvent string| nomer string| red object| _Hasync

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			159.89.145.125/	1970-01-18 17:42:05	Name: _gat_gtag_UA_106562603_2 Value: 1
			159.89.145.125/	1970-01-18 17:43:32	Name: _gid Value: GA1.1.722954617.1532525687
			159.89.145.125/	1970-01-19 11:13:17	Name: _ga Value: GA1.1.968326509.1532525687

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anglerscovey.stream
fontsizes.org
www.google-analytics.com
www.googletagmanager.com
anglerscovey.stream
fontsizes.org
159.89.145.125
2a00:1450:4001:810::2008
2a00:1450:4001:810::200e
66.198.240.25
370b4c73ec814629486d544efb63738fe0532d332c87737d568f0240a335c8f6
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4840ce73dca79f85b593a8e0063a9d989c91fe5fe15957cd8426ab3ab011bdfb
5ecd3c65a71650f10ddc799403b682af2d866e50fc1ea30e972fd8c7df3f77e7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9e590c1c5e7601413a44e2c7b8611dab5fb2ee6d6287d3c88bf137465279ef54
a7fdd2397e0f7290cbf6c599af043bf91d351d755e5fcbcf7cef9f5bf8fc252f
af51e56cb805c77f4317638331a45578d5566302002cc11907c6f7539bc1a7d4
b809cdcf8cddf73245f98400be326be4831a53924798a1c71c6f17c790bb4496
be73c78eb557e4a4e97a422585b5a646ad3359d79eea72938cb07d41e22c8629
e4113c5c9a786841db2b70edc02f02da379b2a37605580dafbabd0f8036c33e9
f791e5bcfc17b62bd8df9a3a4c6b69f4599f0b859eb3466ac6e128970812b563