urlscan.io logo urlscan.io
SecurityTrails logo

l1nc8hyvxmizarb.000webhostapp.com Open in urlscan Pro
2a02:4780:dead:cdcd::1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://v.ht/tBzEU?Home-Facebook-Confirmation
Effective URL: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Submission: On December 03 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 22 HTTP transactions. The main IP is 2a02:4780:dead:cdcd::1, located in United States and belongs to AWEX, CY. The main domain is l1nc8hyvxmizarb.000webhostapp.com.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on August 4th 2022. Valid for: a year.
This is the only time l1nc8hyvxmizarb.000webhostapp.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

1    69.61.26.123 (Atlanta, United States)

ASN22653 (GLOBALCOMPASS, US)
v.ht
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com
6    2a02:4780:dead:cdcd::1 (United States)

ASN204915 (AWEX, CY)
l1nc8hyvxmizarb.000webhostapp.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700::6813:b878 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.000webhost.com
Apex Domain
Subdomains		 Transfer
6 000webhostapp.com
l1nc8hyvxmizarb.000webhostapp.com
50 KB
3 googlesyndication.com
ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
21 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189
132 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
1 000webhost.com
cdn.000webhost.com — Cisco Umbrella Rank: 142485
2 KB
1 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com Failed
549 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8649
792 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
43 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 182
27 KB
1 v.ht
v.ht
2 KB
22 10
Domain Requested by
6 l1nc8hyvxmizarb.000webhostapp.com v.ht
l1nc8hyvxmizarb.000webhostapp.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 cdn.000webhost.com l1nc8hyvxmizarb.000webhostapp.com
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1 pagead2.googlesyndication.com securepubads.g.doubleclick.net
1 ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googletagmanager.com v.ht
1 www.googletagservices.com v.ht
1 v.ht
0 www.google.com Failed tpc.googlesyndication.com
22 13

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com
Subject Issuer Validity Valid
www.v.ht
R3		 2022-12-01 -
2023-03-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.000webhostapp.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-08-04 -
2023-07-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.000webhost.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-17 -
2023-01-13		 a year crt.sh

This page contains 4 frames:

Primary Page: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Frame ID: 2E12C202F32A2B9E669E1201EDDD62F3
Requests: 19 HTTP requests in this frame

Frame: https://ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 700A3FDF826A2CE08F9C2AB6B42AD58C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B27BBC22E3EBDC73A0E1F1FA91E09187
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3FA1A71E780119DDB404C4AC19338E1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

User Safety

Page URL History Show full URLs

  1. https://v.ht/tBzEU?Home-Facebook-Confirmation Page URL
  2. https://l1nc8hyvxmizarb.000webhostapp.com/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

91 %
HTTPS

92 %
IPv6

10
Domains

13
Subdomains

13
IPs

2
Countries

299 kB
Transfer

781 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://v.ht/tBzEU?Home-Facebook-Confirmation Page URL
  2. https://l1nc8hyvxmizarb.000webhostapp.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
tBzEU
v.ht/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v.ht/tBzEU?Home-Facebook-Confirmation
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 Atlanta, United States, ASN22653 (GLOBALCOMPASS, US),
Reverse DNS
Software
Hotcores.com /
Resource Hash
867949534e406d003c07df9dfc6d48deee89e36e721a987f3a8e1d3915d014a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Date
Sat, 03 Dec 2022 13:26:38 GMT
I-AM
Gamma
Pragma
no-cache
Server
Hotcores.com
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Robots-Tag
noindex, nofollow
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: v.ht
URL: https://v.ht/tBzEU?Home-Facebook-Confirmation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9fe733f72e1cfd0005caaea2e7bc5f9162dd769c3a8f6231f79586e4a37ef1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27505
x-xss-protection
0
server
sffe
etag
"1410 / 588 of 1000 / last-modified: 1670022507"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 03 Dec 2022 13:30:29 GMT
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Requested by
Host: v.ht
URL: https://v.ht/tBzEU?Home-Facebook-Confirmation
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f51ce6dea7fdeb051fef3ed0b77cb7a06a03b07a57a07c7c10d9d65bb3834615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43656
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Dec 2022 13:30:29 GMT
pubads_impl_2022113001.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 08:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16732
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133236
x-xss-protection
0
last-modified
Wed, 30 Nov 2022 09:36:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 03 Dec 2023 08:51:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		37 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
603ef6552aebe435b9c89ce14e83dee4b378439ebb379d1c288ad370d384a0f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37
x-xss-protection
0
expires
Sat, 03 Dec 2022 13:30:29 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Dec 2022 13:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 03 Dec 2022 15:24:40 GMT
collect
www.google-analytics.com/j/ 		1 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1539742327&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FtBzEU%3FHome-Facebook-Confirmation&ul=en-us&de=UTF-8&dt=tBzEU&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=875888791&gjid=692169869&cid=1086550629.1670074230&tid=UA-31510493-3&_gid=548196129.1670074230&_r=1&gtm=2oubu0&z=1177933795
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Dec 2022 13:30:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		676 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3257876158645985&correlator=1784229713324089&eid=31071115%2C44777900&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fif&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&ifi=1&adks=495576698&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1670074229692&lmt=1670074229&dlt=1670074229208&idt=457&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fv.ht%2FtBzEU%3FHome-Facebook-Confirmation&frm=20&vis=1&psz=300x63&msz=0x0&fws=128&ohw=0&ga_vid=1086550629.1670074230&ga_sid=1670074230&ga_hid=1539742327&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e39c405e1184bfbb1301407202d5f31143e15e89c71e8696883d8d490e13f463
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v.ht
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 700A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 13:30:29 GMT
expires
Sun, 03 Dec 2023 13:30:29 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Primary Request index.php
l1nc8hyvxmizarb.000webhostapp.com/ 		16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Requested by
Host: v.ht
URL: https://v.ht/tBzEU?Home-Facebook-Confirmation
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:cdcd::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
87a4a5de4dfb0437bcf3f7d7c5e56d8a163736f24f2d871d13b9eefed3e94d28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v.ht/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 03 Dec 2022 13:30:30 GMT
server
awex
x-content-type-options
nosniff
x-request-id
b87fa5a309f8613b4dd75027c72d8182
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022113001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11022
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 03 Dec 2022 13:30:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B27B 		0
0
aframe
www.google.com/recaptcha/api2/ Frame C3FA 		0
0
dindingdalam2.css
l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/dindingdalam2.css?_nc_x=Rec0v3r
Requested by
Host: l1nc8hyvxmizarb.000webhostapp.com
URL: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:cdcd::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
002f859c6179ccc09849ca5525ce62d51bc4afd20af9859afba62a99664e3c51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l1nc8hyvxmizarb.000webhostapp.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 02:40:56 GMT
server
awex
content-type
text/css
x-xss-protection
1; mode=block
x-request-id
847616c0ddf1837313fe3a579817dbd6
dindingdalam1.css
l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/ 		28 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/dindingdalam1.css?_nc_x=Rec0v3r
Requested by
Host: l1nc8hyvxmizarb.000webhostapp.com
URL: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:cdcd::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
833b1fafbca85d54df80edab02d96f76ce3c2aae6ac5225cbe88d5287d64b53d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l1nc8hyvxmizarb.000webhostapp.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 02:40:56 GMT
server
awex
content-type
text/css
x-xss-protection
1; mode=block
x-request-id
2772dde5dcc652d6a5c0481e9e80e405
dindingdalam.css
l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/ 		34 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/dindingdalam.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: l1nc8hyvxmizarb.000webhostapp.com
URL: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:cdcd::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
11e642a0429cebfccffa9deec1f28c57ac174f0d10defc83f3441bf6fb8ceb82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l1nc8hyvxmizarb.000webhostapp.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 02:40:56 GMT
server
awex
content-type
text/css
x-xss-protection
1; mode=block
x-request-id
ee3803be272d55dd3ab66bfc8ab1e81e
logoup.svg
l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/logoup.svg
Requested by
Host: l1nc8hyvxmizarb.000webhostapp.com
URL: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:cdcd::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l1nc8hyvxmizarb.000webhostapp.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 02:40:17 GMT
server
awex
content-type
image/svg+xml
x-xss-protection
1; mode=block
x-request-id
bc631208d66c896079430e8f01328f7c
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: l1nc8hyvxmizarb.000webhostapp.com
URL: https://l1nc8hyvxmizarb.000webhostapp.com/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b878 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l1nc8hyvxmizarb.000webhostapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
cf-cache-status
HIT
age
6882
cf-polished
origFmt=png, origSize=2046
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
x-hostinger-datacenter
srv
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1696
x-xss-protection
1; mode=block
cf-bgj
imgq:100,h2pri
last-modified
Thu, 24 Nov 2022 08:04:16 GMT
server
cloudflare
etag
"637f2580-7fe"
vary
Accept
x-frame-options
sameorigin
content-type
image/webp
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn1
accept-ranges
bytes
cf-ray
773ca844f8ff5c44-FRA
expires
Sat, 03 Dec 2022 17:30:30 GMT
NPC1-PQL6zh.png
l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/NPC1-PQL6zh.png
Requested by
Host: l1nc8hyvxmizarb.000webhostapp.com
URL: https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/dindingdalam.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:4780:dead:cdcd::1 , United States, ASN204915 (AWEX, CY),
Reverse DNS
Software
awex /
Resource Hash
cb4adc9d6dc480e03f4b510d146d4fc3b0c4c3c900894d0f85b3a5b18947c0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://l1nc8hyvxmizarb.000webhostapp.com/rsrc.php/css/dindingdalam.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date
Sat, 03 Dec 2022 13:30:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 30 Nov 2022 02:40:18 GMT
server
awex
content-type
image/png
accept-ranges
bytes
content-length
20334
x-xss-protection
1; mode=block
x-request-id
711e4911d86e3eba7405cfd7aab7755e

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| mousedwn function| getCookie undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage

6 Cookies

Domain/Path Name / Value
.v.ht/ Name: _ga
Value: GA1.2.1086550629.1670074230
.v.ht/ Name: _gid
Value: GA1.2.548196129.1670074230
.v.ht/ Name: _gat_gtag_UA_31510493_3
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.v.ht/ Name: __gads
Value: ID=b0fc858d7291e834:T=1670074229:S=ALNI_Mal_2cUj68-9XvrSN_80Aa_Qs7d4Q
.v.ht/ Name: __gpi
Value: UID=00000b2b548ee0c6:T=1670074229:RT=1670074229:S=ALNI_MYzIQ1M0y5ElVAeIj1OiswmnY1VyA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.000webhost.com
ee481a4749572d738d23b3c36f0c5dbc.safeframe.googlesyndication.com
l1nc8hyvxmizarb.000webhostapp.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
v.ht
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
tpc.googlesyndication.com
www.google.com
2606:4700::6813:b878
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a02:4780:dead:cdcd::1
69.61.26.123
002f859c6179ccc09849ca5525ce62d51bc4afd20af9859afba62a99664e3c51
11e642a0429cebfccffa9deec1f28c57ac174f0d10defc83f3441bf6fb8ceb82
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
603ef6552aebe435b9c89ce14e83dee4b378439ebb379d1c288ad370d384a0f2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e
833b1fafbca85d54df80edab02d96f76ce3c2aae6ac5225cbe88d5287d64b53d
867949534e406d003c07df9dfc6d48deee89e36e721a987f3a8e1d3915d014a0
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
87a4a5de4dfb0437bcf3f7d7c5e56d8a163736f24f2d871d13b9eefed3e94d28
9531e96099e973b3d1c291f3e60419d8fe4730f46de8a492fccd2b4c962c96ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b9fe733f72e1cfd0005caaea2e7bc5f9162dd769c3a8f6231f79586e4a37ef1e
cb4adc9d6dc480e03f4b510d146d4fc3b0c4c3c900894d0f85b3a5b18947c0f9
e39c405e1184bfbb1301407202d5f31143e15e89c71e8696883d8d490e13f463
f51ce6dea7fdeb051fef3ed0b77cb7a06a03b07a57a07c7c10d9d65bb3834615