Submitted URL: https://dragonorders.com/loading/blockfilter.php?extid=adakfdcjddkdjolfgopncdandijkdlde&p=9200&v=400&url=https://www.tren...
Effective URL: https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c...
Submission: On September 26 via api from CZ — Scanned from DE

Summary

This website contacted 6 IPs in 4 countries across 9 domains to perform 8 HTTP transactions. The main IP is 139.45.197.158, located in Ascension Island and belongs to RETN-AS, GB. The main domain is haksaigho.com.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.
This is the only time haksaigho.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 37.48.87.182 60781 (LEASEWEB-...)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 139.45.197.239 9002 (RETN-AS)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 139.45.195.253 9002 (RETN-AS)
2 139.45.197.158 9002 (RETN-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
Total: 8 requests, 6 IPs
Apex Domain (requests, apex domain, subdomain with Cisco Umbrella rank, transfer)
2  littlecdn.com           littlecdn.com (Cisco Umbrella Rank: 10078)                  11 KB
2  haksaigho.com           haksaigho.com                                               5 KB
1  datatechone.com         datatechone.com (Cisco Umbrella Rank: 22356)                467 B
1  cdntechone.com          cdntechone.com (Cisco Umbrella Rank: 38651)                 9 KB
1  gggtrenks.com           gggtrenks.com (Cisco Umbrella Rank: 800751)                 1 KB
1  extappnotifcation.com   extappnotifcation.com (Cisco Umbrella Rank: 811125)         558 B
1  rdtk.io                 twnt1.rdtk.io (Cisco Umbrella Rank: 255354)                 942 B
1  cloudflareinsights.com  static.cloudflareinsights.com (Cisco Umbrella Rank: 1476)   7 KB
1  dragonorders.com        dragonorders.com (Cisco Umbrella Rank: 549172)              948 B
Total: 8 requests, 9 domains
Domain (requests, domain, requested by)
2  littlecdn.com                  haksaigho.com
2  haksaigho.com                  cdntechone.com, haksaigho.com
1  datatechone.com                cdntechone.com
1  cdntechone.com                 dragonorders.com
1  gggtrenks.com                  1 redirect
1  extappnotifcation.com          1 redirect
1  twnt1.rdtk.io                  1 redirect
1  static.cloudflareinsights.com  dragonorders.com
1  dragonorders.com
Total: 8 requests, 9 domains

This site contains links to these domains:

glugreez.com
TLS certificates (Subject, Issuer, Validity, Valid for)
dragonorders.com       E1                                              2023-08-20 - 2023-11-18   3 months   crt.sh
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                         2023-04-10 - 2024-04-09   a year     crt.sh
datatechone.com        Sectigo RSA Domain Validation Secure Server CA  2022-12-18 - 2023-12-24   a year     crt.sh
haksaigho.com          R3                                              2023-09-11 - 2023-12-10   3 months   crt.sh

This page contains 1 frame:

Primary Page: https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850
Frame ID: FD671A966F2390224CD12E5A8100BD17
Requests: 8 HTTP requests in this frame

Page Title

Norton Antivirus

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 56 %
Domains: 9
Subdomains: 9
IPs: 6
Countries: 4
Transfer: 33 kB
Size: 72 kB
Cookies: 9

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dragonorders.com/loading/blockfilter.php?extid=adakfdcjddkdjolfgopncdandijkdlde&p=9200&v=400&url=https://www.trendmicro.com/fr_fr/business.html&guid=60463A04573F4CDBA181321F1F8260C1 Page URL
  2. https://twnt1.rdtk.io/6348593e7dc7fd000150aa60 HTTP 302
    https://extappnotifcation.com/reds/?clickid=65128185a0963b00018369ce HTTP 302
    https://gggtrenks.com/link?z=5532346&var=0&ymid=65128185a0963b00018369ce HTTP 302
    https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5532346&axcusid1=0&clid={ymid}&r=https%3A%2F%2Fhaksaigho.com%2F%3Fb%3D15727546%26ba%3D1%26campid%3D6323526%26did%3D2%26dm%3D0%26ep%3D1%26fp%3D0%26g%3DDE%26i18db%3D1%26l%3DGTcdOYaHegWVtMq%26oaid%3Dae6a36c8f97f4a5cae5ba329eb79ca64%26s%3D730429817503355330%26ssk%3Dc3327bef17fe349c0c0855432436d465%26svar%3D1695711622%26vi%3D1%26vo%3D1%26z%3D5532346%26tr%3Ddefault%26acb%3Dproxy&axcusid2=Software&axadvid=855334&axcamid=7850 Page URL
  3. https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850 Page URL

8 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
blockfilter.php   dragonorders.com/loading/   696 B (948 B transferred)   Document
General
Full URL
https://dragonorders.com/loading/blockfilter.php?extid=adakfdcjddkdjolfgopncdandijkdlde&p=9200&v=400&url=https://www.trendmicro.com/fr_fr/business.html&guid=60463A04573F4CDBA181321F1F8260C1
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:3035::ac43:83e7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
74736caa57b79dddbabc4bc7a57b3306898d0ab9854836c776358feeba6818a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80c9a122db04425e-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 26 Sep 2023 07:00:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mANzxvkKPOA4xzNi9zBMmPgb9j0%2BeStkgQDigZoBvOGAhFfo8gbQrsjQ8%2FPvqGUrwuEmd2uz9IaSR9V%2B6dI%2FSvBjRkvut9bgNcv52MVpgc4Z95%2Bh86qD469KxwvPUjqr6pCpxVHH2ThdQb3lhsjz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
v8b253dfea2ab4077af8c6f58422dfbfd1689876627854   static.cloudflareinsights.com/beacon.min.js/   20 KB (7 KB transferred)   Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by
Host: dragonorders.com
URL: https://dragonorders.com/loading/blockfilter.php?extid=adakfdcjddkdjolfgopncdandijkdlde&p=9200&v=400&url=https://www.trendmicro.com/fr_fr/business.html&guid=60463A04573F4CDBA181321F1F8260C1
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700::6810:3865, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash

Request headers

Referer
https://dragonorders.com/
Origin
https://dragonorders.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 07:00:21 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 18:10:27 GMT
server
cloudflare
etag
W/"2023.7.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
80c9a123bfbf03f8-FRA
r.html   cdntechone.com/   22 KB (9 KB transferred)   Document
Redirect Chain
  • https://twnt1.rdtk.io/6348593e7dc7fd000150aa60
  • https://extappnotifcation.com/reds/?clickid=65128185a0963b00018369ce
  • https://gggtrenks.com/link?z=5532346&var=0&ymid=65128185a0963b00018369ce
  • https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5532346&axcusid1=0&clid={ymid}&r=https%3A%2F%2Fhaksaigho.com%2F%3Fb%3D15727546%26ba%3D1%26campid%3D6323526%26did%3D2%...
General
Full URL
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5532346&axcusid1=0&clid={ymid}&r=https%3A%2F%2Fhaksaigho.com%2F%3Fb%3D15727546%26ba%3D1%26campid%3D6323526%26did%3D2%26dm%3D0%26ep%3D1%26fp%3D0%26g%3DDE%26i18db%3D1%26l%3DGTcdOYaHegWVtMq%26oaid%3Dae6a36c8f97f4a5cae5ba329eb79ca64%26s%3D730429817503355330%26ssk%3Dc3327bef17fe349c0c0855432436d465%26svar%3D1695711622%26vi%3D1%26vo%3D1%26z%3D5532346%26tr%3Ddefault%26acb%3Dproxy&axcusid2=Software&axadvid=855334&axcamid=7850
Requested by
Host: dragonorders.com
URL: https://dragonorders.com/loading/blockfilter.php?extid=adakfdcjddkdjolfgopncdandijkdlde&p=9200&v=400&url=https://www.trendmicro.com/fr_fr/business.html&guid=60463A04573F4CDBA181321F1F8260C1
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a06:98c1:3120::3, United Kingdom, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
cfb93a8d1f5ae9c534c1eb39bb8241be1944d494a321532812d2aa3be915f61a

Request headers

Referer
https://dragonorders.com/loading/blockfilter.php?extid=adakfdcjddkdjolfgopncdandijkdlde&p=9200&v=400&url=https://www.trendmicro.com/fr_fr/business.html&guid=60463A04573F4CDBA181321F1F8260C1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80c9a1291a509c37-IAD
content-encoding
br
content-type
text/html
date
Tue, 26 Sep 2023 07:00:22 GMT
last-modified
Thu, 07 Sep 2023 08:19:46 GMT
link
<https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OiyCQHFIVqcQKXfrW7lLPB8XVnME%2BLbeMvFvFsv6uxXOmfj9VNg%2B40b3uNhrZ7lTbFbv%2F34Z7Vhw0l33mJPtOEapEkSsh7Vu8xUwo3RLVDAXjSeUEQ0PxMWpP3NAXBho4AKuoaIdZnjefXyeA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-length
0
date
Tue, 26 Sep 2023 07:00:22 GMT
expires
Tue, 11 Jan 1994 10:00:00 GMT
link
<https://cdntechone.com>; rel="dns-prefetch preconnect"
location
https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5532346&axcusid1=0&clid={ymid}&r=https%3A%2F%2Fhaksaigho.com%2F%3Fb%3D15727546%26ba%3D1%26campid%3D6323526%26did%3D2%26dm%3D0%26ep%3D1%26fp%3D0%26g%3DDE%26i18db%3D1%26l%3DGTcdOYaHegWVtMq%26oaid%3Dae6a36c8f97f4a5cae5ba329eb79ca64%26s%3D730429817503355330%26ssk%3Dc3327bef17fe349c0c0855432436d465%26svar%3D1695711622%26vi%3D1%26vo%3D1%26z%3D5532346%26tr%3Ddefault%26acb%3Dproxy&axcusid2=Software&axadvid=855334&axcamid=7850
pragma
no-cache
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
x-content-type-options
nosniff
x-trace-id
7d746fc0fe974780602d8e99d299814c
add   datatechone.com/log/   2 B (467 B transferred)   XHR
General
Full URL
https://datatechone.com/log/add?cid=e7ddf874-40d2-43d7-b8fd-56541bff0853
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5532346&axcusid1=0&clid={ymid}&r=https%3A%2F%2Fhaksaigho.com%2F%3Fb%3D15727546%26ba%3D1%26campid%3D6323526%26did%3D2%26dm%3D0%26ep%3D1%26fp%3D0%26g%3DDE%26i18db%3D1%26l%3DGTcdOYaHegWVtMq%26oaid%3Dae6a36c8f97f4a5cae5ba329eb79ca64%26s%3D730429817503355330%26ssk%3Dc3327bef17fe349c0c0855432436d465%26svar%3D1695711622%26vi%3D1%26vo%3D1%26z%3D5532346%26tr%3Ddefault%26acb%3Dproxy&axcusid2=Software&axadvid=855334&axcamid=7850
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.253, Ascension Island, ASN9002 (RETN-AS, GB)
Reverse DNS
Software
nginx/1.19.10
Resource Hash

Request headers

Referer
https://cdntechone.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 26 Sep 2023 07:00:23 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://cdntechone.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
2
Primary Request /   haksaigho.com/   17 KB (5 KB transferred)   Document
General
Full URL
https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850
Requested by
Host: cdntechone.com
URL: https://cdntechone.com/r.html?axcid=e7ddf874-40d2-43d7-b8fd-56541bff0853&axtsid=5532346&axcusid1=0&clid={ymid}&r=https%3A%2F%2Fhaksaigho.com%2F%3Fb%3D15727546%26ba%3D1%26campid%3D6323526%26did%3D2%26dm%3D0%26ep%3D1%26fp%3D0%26g%3DDE%26i18db%3D1%26l%3DGTcdOYaHegWVtMq%26oaid%3Dae6a36c8f97f4a5cae5ba329eb79ca64%26s%3D730429817503355330%26ssk%3Dc3327bef17fe349c0c0855432436d465%26svar%3D1695711622%26vi%3D1%26vo%3D1%26z%3D5532346%26tr%3Ddefault%26acb%3Dproxy&axcusid2=Software&axadvid=855334&axcamid=7850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.158, Ascension Island, ASN9002 (RETN-AS, GB)
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
c6130133f4d807f95fa8e5e86fc20eae99b173ce218b03211707bc8e7f350282

Request headers

Referer
https://cdntechone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 26 Sep 2023 07:00:23 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
style.css   littlecdn.com/apps/templates/application/norton-1-copy/css/   4 KB (1 KB transferred)   Stylesheet
General
Full URL
https://littlecdn.com/apps/templates/application/norton-1-copy/css/style.css?v=123
Requested by
Host: haksaigho.com
URL: https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:10::6816:1974, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
412da4b14d07393a9ab1ce667eaf115704196a30c441dc3b82d568ea73323b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haksaigho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 07:00:23 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 11:52:21 GMT
server
cloudflare
age
1728
etag
W/"650d7ff5-f25"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
80c9a12f0c1d6922-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
logo.png   littlecdn.com/apps/templates/application/norton-1-copy/img/   9 KB (9 KB transferred)   Image
General
Full URL
https://littlecdn.com/apps/templates/application/norton-1-copy/img/logo.png
Requested by
Host: haksaigho.com
URL: https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2606:4700:10::6816:1974, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare
Resource Hash
595ce86576024ae55d2a19858c43698d8be01b858d2ea0c3871b7ead40380857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haksaigho.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 07:00:23 GMT
cf-cache-status
HIT
age
1728
content-length
9170
last-modified
Fri, 22 Sep 2023 11:52:21 GMT
server
cloudflare
etag
"650d7ff5-23d2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
80c9a12f0c1e6922-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
/   haksaigho.com/   2 B (307 B transferred)   XHR
General
Full URL
https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850&mprtr=1
Requested by
Host: haksaigho.com
URL: https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.158, Ascension Island, ASN9002 (RETN-AS, GB)
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://haksaigho.com/?b=15727546&ba=1&campid=6323526&did=2&dm=0&ep=1&fp=0&g=DE&i18db=1&l=GTcdOYaHegWVtMq&oaid=ae6a36c8f97f4a5cae5ba329eb79ca64&s=730429817503355330&ssk=c3327bef17fe349c0c0855432436d465&svar=1695711622&vi=1&vo=1&z=5532346&tr=default&acb=proxy&axcusid2=Software&axadvid=855334&axcamid=7850
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 07:00:23 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    documentPictureInPicture
object    global_vars
function  addURLParams
string    osVerUrlParam
string    osVerNum
object    osVerPromise
object    content
object    popup
object    popupBg
object    popupBtn

9 Cookies

Domain/Path       Name     Value
.twnt1.rdtk.io/   redcmps  W3siaWQiOiI2MzQ4NTkzZTdkYzdmZDAwMDE1MGFhNjAiLCJ0IjoiMjAyMy0wOS0yNlQwNzowMDoyMS45MTIwNDQwNzNaIn1d
.twnt1.rdtk.io/   redhash  NjUxMjgxODVhMDk2M2IwMDAxODM2OWNlfDB8NjM0ODU5M2U3ZGM3ZmQwMDAxNTBhYTYwfHw1ZDMzNTYzMS1jNzg4LTRlM2YtODM1MC1mNmE2OTk1YmJhYzh8MTY5NTcxMTYyMQ==
gggtrenks.com/    OAID     ae6a36c8f97f4a5cae5ba329eb79ca64
gggtrenks.com/    oaidts   1695711622
gggtrenks.com/    OXCCLK   6323526.1
gggtrenks.com/    allcnt   1
haksaigho.com/    reverse  OotacVUKTan5PJRbsMp2T_jbjK42MsrK-CbUHnTk4C8
haksaigho.com/    OAID     ae6a36c8f97f4a5cae5ba329eb79ca64
haksaigho.com/    oaidts   1695711623