urlscan.io logo urlscan.io
SecurityTrails logo

pgfywp348p.sihanol.store Open in urlscan Pro
199.192.27.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tap-rt-prod1-t.campaign.adobe.com/r/?id=h9ecb88b,c1e96b3,69fe0fb&p1=//reignads.com%2Fjnds83e8%2Fh38h482%2Fp1hbpq%2F%2F%2F%2FZC5tb2...
Effective URL: https://pgfywp348p.sihanol.store/?email=d.moestl@ueg.eu
Submission: On December 01 via manual from AT — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 199.192.27.240, located in United States and belongs to NAMECHEAP-NET, US. The main domain is pgfywp348p.sihanol.store.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.
This is the only time pgfywp348p.sihanol.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.209.63.132 16509 (AMAZON-02)
1 192.185.174.50 19871 (NETWORK-S...)
1 199.192.27.240 22612 (NAMECHEAP...)
2 104.16.87.20 13335 (CLOUDFLAR...)
4 3
Apex Domain
Subdomains		 Transfer
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
57 KB
1 sihanol.store
pgfywp348p.sihanol.store
24 KB
1 reignads.com
reignads.com
184 B
1 adobe.com
tap-rt-prod1-t.campaign.adobe.com
651 B
4 4
Domain Requested by
2 cdn.jsdelivr.net pgfywp348p.sihanol.store
1 pgfywp348p.sihanol.store
1 reignads.com
1 tap-rt-prod1-t.campaign.adobe.com 1 redirects
4 4

This site contains no links.

Subject Issuer Validity Valid
*.reignads.com
R3		 2023-10-08 -
2024-01-06		 3 months crt.sh
pgfywp348p.sihanol.store
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://pgfywp348p.sihanol.store/?email=d.moestl@ueg.eu
Frame ID: 76D315602FCDDF77BF1721043CA88E1D
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Loading... Wait...

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

82 kB
Transfer

352 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tap-rt-prod1-t.campaign.adobe.com/r/?id=h9ecb88b,c1e96b3,69fe0fb&p1=//reignads.com%2Fjnds83e8%2Fh38h482%2Fp1hbpq%2F%2F%2F%2FZC5tb2VzdGxAdWVnLmV1 HTTP 302
  • https://reignads.com/jnds83e8/h38h482/p1hbpq////ZC5tb2VzdGxAdWVnLmV1

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ZC5tb2VzdGxAdWVnLmV1
reignads.com/jnds83e8/h38h482/p1hbpq////
Redirect Chain
  • https://tap-rt-prod1-t.campaign.adobe.com/r/?id=h9ecb88b,c1e96b3,69fe0fb&p1=//reignads.com%2Fjnds83e8%2Fh38h482%2Fp1hbpq%2F%2F%2F%2FZC5tb2VzdGxAdWVnLmV1
  • https://reignads.com/jnds83e8/h38h482/p1hbpq////ZC5tb2VzdGxAdWVnLmV1
0
184 B 		Document
General
Check archive.org
Download Go to
Full URL
https://reignads.com/jnds83e8/h38h482/p1hbpq////ZC5tb2VzdGxAdWVnLmV1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.174.50 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
192-185-174-50.unifiedlayer.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
max-age=3600
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 01 Dec 2023 09:37:36 GMT
expires
Fri, 01 Dec 2023 10:37:36 GMT
referrer-policy
no-referrer-when-downgrade
refresh
0;url=https://pgfywp348p.sihanol.store/?email=d.moestl@ueg.eu
server
Apache

Redirect headers

Connection
keep-alive
Content-Length
17
Content-Type
text/plain; charset=utf-8
Date
Fri, 01 Dec 2023 09:37:35 GMT
Location
https:////reignads.com/jnds83e8/h38h482/p1hbpq////ZC5tb2VzdGxAdWVnLmV1
P3P
CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server
Apache
X-Robots-Tag
noindex
Primary Request /
pgfywp348p.sihanol.store/ 		45 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pgfywp348p.sihanol.store/?email=d.moestl@ueg.eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.192.27.240 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
svr.hostemedks.host
Software
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips / PHP/7.4.1
Resource Hash
2cee21b1a2ce71dff5099cd4a5f5c96e66cce174c8f80029aab85dd409d003b4

Request headers

Referer
https://reignads.com/jnds83e8/h38h482/p1hbpq////ZC5tb2VzdGxAdWVnLmV1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
24031
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Dec 2023 09:37:37 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache/2.4.57 (Unix) OpenSSL/1.0.2k-fips
Vary
Accept-Encoding,User-Agent
X-Powered-By
PHP/7.4.1
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 		227 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: pgfywp348p.sihanol.store
URL: https://pgfywp348p.sihanol.store/?email=d.moestl@ueg.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pgfywp348p.sihanol.store/
Origin
https://pgfywp348p.sihanol.store
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 09:37:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
201227
x-jsd-version
5.3.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220083-FRA, cache-vie6381-VIE
x-jsd-version-type
version
server
cloudflare
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVl%2FhWKOi61XR5Mdn2vTWmhWK%2FOOfVLGvFPvnvN9tpT%2FJUAItd23OhASLjtAeAS%2BmyMjdWSY57sx0gKI9UP2fQNwYUexmn7JKw7uiKGV26yGqzYRIOZV1YsZiyUVfcy4HQM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82ea5a485f475b19-VIE
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: pgfywp348p.sihanol.store
URL: https://pgfywp348p.sihanol.store/?email=d.moestl@ueg.eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pgfywp348p.sihanol.store/
Origin
https://pgfywp348p.sihanol.store
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 09:37:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
201227
x-jsd-version
5.3.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220085-FRA, cache-vie6374-VIE
x-jsd-version-type
version
server
cloudflare
etag
W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3aEVdGOWHVMBdWH3ZjXDr9bjLCLwH5fi0WRVV5570ljxGYLT4oZDX6QyBaPSEPiCRyvVPexRbtZNgpVyIaIOLd%2Brl%2Fo6O9BSde2pYEBwrWoimAT9JWitiH5hEgRXB920O8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
82ea5a4918745b19-VIE

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| uidEvent object| bootstrap number| Timeout function| myFunction function| goto function| setCookie

4 Cookies

Domain/Path Name / Value
.adobe.com/ Name: AMCV_A7672BA85ECD64E10A495FF4%40AdobeOrg
Value: MCMID%7C82843627184550051830185482109752705023
.adobe.com/ Name: nlid
Value: 9ecb88b|c1e96b3
.adobe.com/ Name: nllastdelid
Value: c1e96b3
pgfywp348p.sihanol.store/ Name: PHPSESSID
Value: 41ba75bcfa4dda68358505d6b663cee8