valleyspiritusa.dynserv.org Open in urlscan Pro
34.106.118.238 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://valleyspiritusa.dynserv.org/page2.html
Submission: On July 10 via automatic, source openphish (July 10th 2021, 1:28:10 am UTC)

Summary HTTP 25 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 25 HTTP transactions. The main IP is 34.106.118.238, located in Salt Lake City, United States and belongs to GOOGLE, US. The main domain is valleyspiritusa.dynserv.org.

This is the only time valleyspiritusa.dynserv.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	34.106.118.238 34.106.118.238	15169 (GOOGLE) (GOOGLE)
1 3	63.32.153.45 63.32.153.45	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.30.135.179 52.30.135.179	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.42.33 54.171.42.33	16509 (AMAZON-02) (AMAZON-02)
25	5

18 34.106.118.238 (Salt Lake City, United States)

ASN15169 (GOOGLE, US)
PTR: 238.118.106.34.bc.googleusercontent.com

valleyspiritusa.dynserv.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.32.153.45 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-153-45.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:28a::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.135.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

bbandt.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

sstats.bbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.bbt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.42.33 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	dynserv.org valleyspiritusa.dynserv.org	1 MB
4	demdex.net 1 redirects dpm.demdex.net bbandt.demdex.net	6 KB
2	bbt.com sstats.bbt.com stats.bbt.com	1 KB
2	adobedtm.com assets.adobedtm.com	14 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
25	5

	Domain	Requested by
18	valleyspiritusa.dynserv.org	valleyspiritusa.dynserv.org
3	dpm.demdex.net	1 redirects valleyspiritusa.dynserv.org
2	assets.adobedtm.com	valleyspiritusa.dynserv.org
1	stats.bbt.com	valleyspiritusa.dynserv.org
1	cm.everesttech.net	1 redirects
1	sstats.bbt.com	valleyspiritusa.dynserv.org
1	bbandt.demdex.net	valleyspiritusa.dynserv.org
25	7

This site contains links to these domains. Also see Links.

Domain
bank.bbt.com

Subject Issuer	Validity	Valid
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
sstats.bbt.com DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-11-22`	2 years	crt.sh

This page contains 2 frames:

Primary Page: http://valleyspiritusa.dynserv.org/page2.html
Frame ID: 170DD438A2B679D25E55DD35833C0F62
Requests: 24 HTTP requests in this frame

Frame: https://bbandt.demdex.net/dest5.html?d_nsid=0
Frame ID: A842B83B38BE373F6DEE6D1844C76C64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Adobe DTM (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/assets.adobedtm.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

25
Requests

24 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

5
IPs

4
Countries

1073 kB
Transfer

1093 kB
Size

3
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/accountidentification.do#content-wrapper
Title: Skip Navigation

Search URL Search Domain Scan URL

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/accountidentification.do#contFlowIcon

Search URL Search Domain Scan URL

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/accountidentification.do#leaveFlowButton
Title: Yes Leave page and no changes are made.

Search URL Search Domain Scan URL

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/accountidentification.do#contFlowButton
Title: No click to close window and return to Page

Search URL Search Domain Scan URL

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/accountidentification.do#contFlowLink
Title: Click to Close Window

Search URL Search Domain Scan URL

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/accountidentification.do#_

Search URL Search Domain Scan URL

URL: https://bank.bbt.com/bbtpassreset/bbtuseridreset/logoffuseridrst.do
Title: Leave Pageand no changes saved

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421

Request Chain 19

https://cm.everesttech.net/cm/dd?d_uuid=48322525604076119542616955058497041343 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request page2.html Show response
valleyspiritusa.dynserv.org/ 15 KB
15 KB 281ms
256ms Document
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 9c1dec5541627f9832fab81701ed4f2ed53701d9828e0c40f5553d2f4d124bdb

Request headers

Host: valleyspiritusa.dynserv.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Server: Apache
Last-Modified: Mon, 31 May 2021 04:40:22 GMT
Accept-Ranges: bytes
Content-Length: 14952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK jquery-1.9.1.min.js.download Show response
valleyspiritusa.dynserv.org/next/ 97 KB
98 KB 265ms
258ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/jquery-1.9.1.min.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 754739f717dea0a4a759313c0fa9aa864761426b671e01aa609c903c3bc74f18

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 99829

GET
H/1.1 200
OK jquery.mask.js.download Show response
valleyspiritusa.dynserv.org/next/ 16 KB
16 KB 264ms
257ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/jquery.mask.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 52e13531849e2eb1d9580a63b400b2c6512b2119dd42657e61c84a1c324f7ec3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15874

GET
H/1.1 200
OK launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download Show response
valleyspiritusa.dynserv.org/next/ 393 KB
394 KB 263ms
256ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 24d1f129758088ded55c43ace0e8462244b3cd91f832f84e635fdc7ae75acceb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 402751

GET
H/1.1 200
OK AppMeasurement.min.js.download Show response
valleyspiritusa.dynserv.org/next/ 33 KB
33 KB 131ms
131ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/AppMeasurement.min.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33462

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js.download Show response
valleyspiritusa.dynserv.org/next/ 3 KB
3 KB 133ms
132ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/AppMeasurement_Module_ActivityMap.min.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Cookie: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3303

GET
H/1.1 200
OK WAnalytics10122019.js.download Show response
valleyspiritusa.dynserv.org/next/ 10 KB
10 KB 251ms
131ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/WAnalytics10122019.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: f301a98472daddd9aae7dc83d3d8c5be7ebc31dc3ba22e2673e511e531ca10d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9748

GET
H/1.1 200
OK overview_v1.css
valleyspiritusa.dynserv.org/next/ 79 KB
79 KB 263ms
257ms Stylesheet
text/css 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: bb4482d252af40dce2f4f1a550756c9bd98ecfb7230cefef4e53571f262d3109

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 81159

GET
H/1.1 200
OK styles_v1.css
valleyspiritusa.dynserv.org/next/ 315 KB
316 KB 264ms
258ms Stylesheet
text/css 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/styles_v1.css
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 177d679046c2862770d537dc4e7ced86f97f44cd290e3298df2317058d3d5484

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:51 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 323058

GET
H/1.1 200
OK alert.png
valleyspiritusa.dynserv.org/next/ 2 KB
2 KB 132ms
131ms Image
image/png 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://valleyspiritusa.dynserv.org/next/alert.png
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: c27b9d5725813c610593aae646532de8613972fb42e29addc464d1fe81a03e71

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://valleyspiritusa.dynserv.org/page2.html
Cookie: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:40 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2062

GET
H/1.1 200
OK passrst-script_v1.js.download Show response
valleyspiritusa.dynserv.org/next/ 82 KB
82 KB 133ms
132ms Script
application/javascript 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/passrst-script_v1.js.download
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: 0ad03d29ddccb578e4836c5463d15814132a481f601d79909537eec07d393810

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/page2.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 83673

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421
https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421

365 B
1 KB

31ms
31ms

XHR
application/json

63.32.153.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421

Requested by

Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.153.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-153-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

fbf4bbedd6e97c2432ca60b3122275b381166ed59a89b5f734c016dbd61bb953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://valleyspiritusa.dynserv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-0ebff4e77.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: rnb9I9EjSI8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://valleyspiritusa.dynserv.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 308
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v012-03bf80bc5.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: http://valleyspiritusa.dynserv.org
X-TID: /xQ+QNHhTbs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=135D34FA53DA9B160A490D44%40AdobeOrg&d_nsid=0&ts=1625880472421
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 19ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Referer: http://valleyspiritusa.dynserv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 01:27:52 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://valleyspiritusa.dynserv.org
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Sat, 10 Jul 2021 02:27:52 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 23ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Referer: http://valleyspiritusa.dynserv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 01:27:52 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://valleyspiritusa.dynserv.org
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Sat, 10 Jul 2021 02:27:52 GMT

GET
H/1.1 200
OK print.css
valleyspiritusa.dynserv.org/next/ 5 KB
5 KB 132ms
131ms Stylesheet
text/css 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/print.css
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: aa5ba3a07a3970664e8c4280188a2ccf47a5775dead3595afe24d8351a377f0f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://valleyspiritusa.dynserv.org/page2.html
Cookie: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Referer: http://valleyspiritusa.dynserv.org/page2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Last-Modified: Thu, 15 Apr 2021 16:37:42 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4996

GET
H/1.1 404
Not Found sourcesanspro-regular-webfont.woff
valleyspiritusa.dynserv.org/next/fonts/ 0
0 130ms
130ms Font
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/fonts/sourcesanspro-regular-webfont.woff
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://valleyspiritusa.dynserv.org
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Cookie: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Origin: http://valleyspiritusa.dynserv.org
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold-webfont.woff
valleyspiritusa.dynserv.org/next/fonts/ 0
0 225ms
131ms Font
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/fonts/sourcesanspro-semibold-webfont.woff
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://valleyspiritusa.dynserv.org
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Cookie: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Origin: http://valleyspiritusa.dynserv.org
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold-webfont.woff
valleyspiritusa.dynserv.org/next/fonts/ 0
0 227ms
131ms Font
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/fonts/sourcesanspro-bold-webfont.woff
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://valleyspiritusa.dynserv.org
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Cookie: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Origin: http://valleyspiritusa.dynserv.org
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK dest5.html Show response
bbandt.demdex.net/ Frame A842 7 KB
3 KB 124ms
30ms Document
text/html 52.30.135.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbandt.demdex.net/dest5.html?d_nsid=0

Requested by

Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.135.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-135-179.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: bbandt.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://valleyspiritusa.dynserv.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=48322525604076119542616955058497041343
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://valleyspiritusa.dynserv.org/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 10 Jul 2021 01:27:52 GMT
DCS: dcs-prod-irl1-2-v012-053bbcc6f.edge-irl1.demdex.com 6.3.1.20210623115127
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 2 Jul 2021 08:59:53 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: S5kEfhoMQdg=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
sstats.bbt.com/ 48 B
513 B 86ms
21ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sstats.bbt.com/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=135D34FA53DA9B160A490D44%40AdobeOrg&mid=48297613121777071502618865759219556611&ts=1625880472547

Requested by

Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/launch-EN98a9ba6c8b7b4584946ffeeb9f2bac9d.min.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

6b0a3c096c9f2703bed408543402125c969c480f8acfa9d5e158d43b9cd17d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://valleyspiritusa.dynserv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 10 Jul 2021 01:27:52 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-58944c9887-m2mrn
vary: Origin
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
access-control-allow-origin: http://valleyspiritusa.dynserv.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=48322525604076119542616955058497041343
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T

42 B
956 B

31ms
31ms

Image
image/gif

63.32.153.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T

Requested by

Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.32.153.45 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-153-45.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: http://valleyspiritusa.dynserv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v012-070ade798.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: C+u9o9T2QGM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YOj3mAAAAMgYjR0T
Date: Sat, 10 Jul 2021 01:27:52 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1 404
Not Found sourcesanspro-regular-webfont.ttf
valleyspiritusa.dynserv.org/next/fonts/ 0
0 131ms
130ms Font
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/fonts/sourcesanspro-regular-webfont.ttf
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://valleyspiritusa.dynserv.org
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Cookie: AMCVS_135D34FA53DA9B160A490D44%40AdobeOrg=1; AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CMCMID%7C48297613121777071502618865759219556611%7CMCAAMLH-1626485272%7C6%7CMCAAMB-1626485272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1625887672s%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Origin: http://valleyspiritusa.dynserv.org
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-semibold-webfont.ttf
valleyspiritusa.dynserv.org/next/fonts/ 0
0 131ms
131ms Font
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/fonts/sourcesanspro-semibold-webfont.ttf
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://valleyspiritusa.dynserv.org
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Cookie: AMCVS_135D34FA53DA9B160A490D44%40AdobeOrg=1; AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CMCMID%7C48297613121777071502618865759219556611%7CMCAAMLH-1626485272%7C6%7CMCAAMB-1626485272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1625887672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Origin: http://valleyspiritusa.dynserv.org
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found sourcesanspro-bold-webfont.ttf
valleyspiritusa.dynserv.org/next/fonts/ 0
0 132ms
132ms Font
text/html 34.106.118.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://valleyspiritusa.dynserv.org/next/fonts/sourcesanspro-bold-webfont.ttf
Requested by: Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Protocol: HTTP/1.1
Server: 34.106.118.238 Salt Lake City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 238.118.106.34.bc.googleusercontent.com
Software: Apache /
Resource Hash

Request headers

Pragma: no-cache
Origin: http://valleyspiritusa.dynserv.org
Accept-Encoding: gzip, deflate
Host: valleyspiritusa.dynserv.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
Cookie: AMCVS_135D34FA53DA9B160A490D44%40AdobeOrg=1; AMCV_135D34FA53DA9B160A490D44%40AdobeOrg=-1124106680%7CMCIDTS%7C18819%7CMCMID%7C48297613121777071502618865759219556611%7CMCAAMLH-1626485272%7C6%7CMCAAMB-1626485272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1625887672s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
Connection: keep-alive
Cache-Control: no-cache
Origin: http://valleyspiritusa.dynserv.org
Referer: http://valleyspiritusa.dynserv.org/next/overview_v1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 10 Jul 2021 01:27:52 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK s46779552372404
stats.bbt.com/b/ss/bbtdevall/1/JS-2.22.0-LBQ1/ 43 B
599 B 75ms
38ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://stats.bbt.com/b/ss/bbtdevall/1/JS-2.22.0-LBQ1/s46779552372404?AQB=1&ndh=1&pf=1&t=10%2F6%2F2021%203%3A27%3A52%206%20-120&mid=48297613121777071502618865759219556611&aamlh=6&ce=UTF-8&pageName=unknownsite%3Apage2&g=http%3A%2F%2Fvalleyspiritusa.dynserv.org%2Fpage2.html&cc=USD&ch=unknownsite%3Apage2&server=unknownsite&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&h1=unknownsite%3Apage2&c2=D%3Dv29&c4=D%3Dv39&c5=unknown&c6=New&c7=D%3Dv30&c9=D%3Dv9&c21=D%3DpageName&c22=D%3Dl1&v24=9%3A27%20PM%7CFriday&c32=D%3Dv24&v32=unknownsite%3Apage2&c33=D%3Dc17&v33=unknownsite%3Apage2%3Ano_tracking_code%3Awithout_caseid&v39=http%3A%2F%2Fvalleyspiritusa.dynserv.org%2Fpage2.html&c44=D%3Dv41&c46=D%3Dv85&v47=D%3DpageName&c49=D%3Dv49&c59=D%3Dv59&v59=EN&c70=D%3Dv38&c73=D%3Dv73&v73=D%3Dmid&c74=AppMeasurement%202.22.0&v77=DCR%20trackPageObject%28%29&v82=bbt%20u%20web%7Cproduction%7C2021-03-13T06%3A29%3A04Z&v84=http%3A%2F%2Fvalleyspiritusa.dynserv.org%2Fpage2.html&v85=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=135D34FA53DA9B160A490D44%40AdobeOrg&AQE=1

Requested by

Host: valleyspiritusa.dynserv.org
URL: http://valleyspiritusa.dynserv.org/page2.html

Protocol

HTTP/1.1

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://valleyspiritusa.dynserv.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 01:27:52 GMT
x-content-type-options: nosniff
x-c: main-1489.I96e1bb.M0-504
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Sun, 11 Jul 2021 01:27:52 GMT
server: jag
xserver: anedge-58944c9887-xcpk2
etag: 3491551728034185216-4619878894331187247
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 09 Jul 2021 01:27:52 GMT

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 23:57:12	Name: demdex Value: 48322525604076119542616955058497041343
.valleyspiritusa.dynserv.org/	1970-01-20 13:09:12	Name: AMCV_135D34FA53DA9B160A490D44%40AdobeOrg Value: -1124106680%7CMCIDTS%7C18819%7CMCMID%7C48297613121777071502618865759219556611%7CMCAAMLH-1626485272%7C6%7CMCAAMB-1626485272%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1625887672s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18826%7CvVersion%7C5.2.0
.valleyspiritusa.dynserv.org/	1969-12-31 23:59:59	Name: AMCVS_135D34FA53DA9B160A490D44%40AdobeOrg Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://valleyspiritusa.dynserv.org/next/passrst-script_v1.js.download(Line 1196) Message: ssn typing

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
bbandt.demdex.net
cm.everesttech.net
dpm.demdex.net
sstats.bbt.com
stats.bbt.com
valleyspiritusa.dynserv.org
15.188.95.229
2a02:26f0:6c00:28a::1e80
34.106.118.238
52.30.135.179
54.171.42.33
63.32.153.45
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0ad03d29ddccb578e4836c5463d15814132a481f601d79909537eec07d393810
177d679046c2862770d537dc4e7ced86f97f44cd290e3298df2317058d3d5484
24d1f129758088ded55c43ace0e8462244b3cd91f832f84e635fdc7ae75acceb
52e13531849e2eb1d9580a63b400b2c6512b2119dd42657e61c84a1c324f7ec3
6b0a3c096c9f2703bed408543402125c969c480f8acfa9d5e158d43b9cd17d3f
754739f717dea0a4a759313c0fa9aa864761426b671e01aa609c903c3bc74f18
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
9c1dec5541627f9832fab81701ed4f2ed53701d9828e0c40f5553d2f4d124bdb
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
aa5ba3a07a3970664e8c4280188a2ccf47a5775dead3595afe24d8351a377f0f
bb4482d252af40dce2f4f1a550756c9bd98ecfb7230cefef4e53571f262d3109
c27b9d5725813c610593aae646532de8613972fb42e29addc464d1fe81a03e71
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f301a98472daddd9aae7dc83d3d8c5be7ebc31dc3ba22e2673e511e531ca10d3
fbf4bbedd6e97c2432ca60b3122275b381166ed59a89b5f734c016dbd61bb953

valleyspiritusa.dynserv.org Open in urlscan Pro 34.106.118.238 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

25 Requests

24 %HTTPS

17 %IPv6

5 Domains

7 Subdomains

5 IPs

4 Countries

1073 kBTransfer

1093 kBSize

3 Cookies

7 Outgoing links

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

3 Cookies

1 Console Messages

Indicators

valleyspiritusa.dynserv.org Open in urlscan Pro
34.106.118.238 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

24 %
HTTPS

17 %
IPv6

5
Domains

7
Subdomains

5
IPs

4
Countries

1073 kB
Transfer

1093 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions