ohookah2go.com Open in urlscan Pro
205.134.252.120 Malicious Activity! Public Scan

URL:
https://ohookah2go.com/vin/
Submission: On June 15 via manual (June 15th 2020, 9:47:42 am UTC) from GB

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 205.134.252.120, located in Los Angeles, United States and belongs to IMH-WEST, US. The main domain is ohookah2go.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 30th 2020. Valid for: 3 months.

This is the only time ohookah2go.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
4	205.134.252.120 205.134.252.120	22611 (IMH-WEST) (IMH-WEST)
3	2a00:1450:400... 2a00:1450:4001:815::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
8	3

4 205.134.252.120 (Los Angeles, United States)

ASN22611 (IMH-WEST, US)

ohookah2go.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:815::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ohookah2go.com ohookah2go.com	66 KB
3	google.com www.google.com	538 B
1	gstatic.com www.gstatic.com	122 KB
8	3

	Domain	Requested by
4	ohookah2go.com	ohookah2go.com
3	www.google.com	ohookah2go.com www.gstatic.com
1	www.gstatic.com	www.google.com
8	3

This site contains no links.

Subject Issuer	Validity	Valid
ohookah2go.com cPanel, Inc. Certification Authority	`2020-05-30` - `2020-08-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://ohookah2go.com/vin/
Frame ID: F2F019F39E0C71C47DAA1DD92DF62755
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrPbMUAAAAAF2DLXNWH8-s0Ln08lXtaX9k1tRC&co=aHR0cHM6Ly9vaG9va2FoMmdvLmNvbTo0NDM.&hl=en&type=image&v=2diXFiiA9NsPIBTU15LG6xPf&theme=light&size=normal&badge=bottomright&cb=x453x5j1vqy9
Frame ID: 465A038E36423BA733764F82D140568B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&k=6LfrPbMUAAAAAF2DLXNWH8-s0Ln08lXtaX9k1tRC&cb=a3srrire7vv7
Frame ID: 34C228BD7CE7A75B2F820C1223B3D99A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

188 kB
Transfer

509 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ohookah2go.com/vin/ 5 KB
4 KB 1508ms
1008ms Document
text/html 205.134.252.120
IMH-WEST

General

Check archive.org

Show headers Download Go to

Full URL

https://ohookah2go.com/vin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.134.252.120 Los Angeles, United States, ASN22611 (IMH-WEST, US),

Reverse DNS

Software

Apache / PHP/7.2.24

Resource Hash

d2dc49dd8e054c48ccd1a24c4f15cc1828c691391aed88f68118409544ce8a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: ohookah2go.com
:scheme: https
:path: /vin/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 15 Jun 2020 09:47:23 GMT
server: Apache
x-powered-by: PHP/7.2.24
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: toxic_hydra=2f42fa28bcfcdb3c440896b81afbf65a5165237b; expires=Mon, 15-Jun-2020 11:47:23 GMT; Max-Age=7200; path=/; HttpOnly
vary: Accept-Encoding,User-Agent
content-encoding: gzip
accept-ranges: none
strict-transport-security: max-age=31536000
content-length: 3903
content-type: text/html; charset=UTF-8

GET
H2 200 6EA258D78F5716C8.css
ohookah2go.com/vin/ASSETS-584796/_css/ 7 KB
2 KB 754ms
754ms Stylesheet
text/css 205.134.252.120
IMH-WEST

General

Check archive.org

Show headers Download Go to

Full URL

https://ohookah2go.com/vin/ASSETS-584796/_css/6EA258D78F5716C8.css

Requested by

Host: ohookah2go.com
URL: https://ohookah2go.com/vin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.134.252.120 Los Angeles, United States, ASN22611 (IMH-WEST, US),

Reverse DNS

Software

Apache / PHP/7.2.24

Resource Hash

42187e8f846f2e1c3c0ce8142a63693f295625404d3f6eb27291b7a3f22b9449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ohookah2go.com/vin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jun 2020 09:47:24 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.2.24
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
accept-ranges: none
content-length: 1823
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 EB7927B14EC73350.js Show response
ohookah2go.com/vin/ASSETS-584796/_js/ 184 KB
56 KB 448ms
448ms Script
text/javascript 205.134.252.120
IMH-WEST

General

Check archive.org

Show headers Download Go to

Full URL

https://ohookah2go.com/vin/ASSETS-584796/_js/EB7927B14EC73350.js

Requested by

Host: ohookah2go.com
URL: https://ohookah2go.com/vin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.134.252.120 Los Angeles, United States, ASN22611 (IMH-WEST, US),

Reverse DNS

Software

Apache / PHP/7.2.24

Resource Hash

6b045fc533c6aaf0590a2acdf82263388bbf2b1f7695c944b167ff6bd79bc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ohookah2go.com/vin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Jun 2020 09:47:24 GMT
content-encoding: gzip
server: Apache
x-powered-by: PHP/7.2.24
vary: Accept-Encoding,User-Agent
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
538 B 16ms
15ms Script
text/javascript 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: ohookah2go.com
URL: https://ohookah2go.com/vin/ASSETS-584796/_js/EB7927B14EC73350.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1f3302d655d50dbc0cc823c182c5aaa30e3c621388d40b902c24b4d8ac0348cd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ohookah2go.com/vin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Jun 2020 09:47:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 447
x-xss-protection: 1; mode=block
expires: Mon, 15 Jun 2020 09:47:25 GMT

GET
H2 200 l.png
ohookah2go.com/vin/ASSETS-584796/_img/ 3 KB
3 KB 446ms
445ms Image
image/png 205.134.252.120
IMH-WEST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohookah2go.com/vin/ASSETS-584796/_img/l.png

Requested by

Host: ohookah2go.com
URL: https://ohookah2go.com/vin/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

205.134.252.120 Los Angeles, United States, ASN22611 (IMH-WEST, US),

Reverse DNS

Software

Apache / PHP/7.2.24

Resource Hash

78302e6e6a4a18f92edf0f6fbc4a9ce4ab9a8bf986bf1def3a2296336d2e73b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ohookah2go.com/vin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Jun 2020 09:47:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.2.24
status: 200
content-transfer-encoding: binary
content-disposition: filename=l.png;
content-length: 2942
pragma: no-cache
last-modified: Mon, 15 Jun 2020 09:47:25 GMT
server: Apache
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
accept-ranges: none
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/ 310 KB
122 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ohookah2go.com/vin/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 02:19:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Jun 2020 19:45:58 GMT
server: sffe
age: 372469
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125146
x-xss-protection: 0
expires: Fri, 11 Jun 2021 02:19:36 GMT

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 465A 0
0 37ms
36ms Document
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfrPbMUAAAAAF2DLXNWH8-s0Ln08lXtaX9k1tRC&co=aHR0cHM6Ly9vaG9va2FoMmdvLmNvbTo0NDM.&hl=en&type=image&v=2diXFiiA9NsPIBTU15LG6xPf&theme=light&size=normal&badge=bottomright&cb=x453x5j1vqy9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VH1TS8UNdPrehC0sSyQpCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfrPbMUAAAAAF2DLXNWH8-s0Ln08lXtaX9k1tRC&co=aHR0cHM6Ly9vaG9va2FoMmdvLmNvbTo0NDM.&hl=en&type=image&v=2diXFiiA9NsPIBTU15LG6xPf&theme=light&size=normal&badge=bottomright&cb=x453x5j1vqy9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ohookah2go.com/vin/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ohookah2go.com/vin/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 15 Jun 2020 09:47:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-VH1TS8UNdPrehC0sSyQpCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10292
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 34C2 0
0 22ms
21ms Document
text/html 2a00:1450:4001:815::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&k=6LfrPbMUAAAAAF2DLXNWH8-s0Ln08lXtaX9k1tRC&cb=a3srrire7vv7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/2diXFiiA9NsPIBTU15LG6xPf/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+qzLE1elqjqS8cOV0d9vwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=2diXFiiA9NsPIBTU15LG6xPf&k=6LfrPbMUAAAAAF2DLXNWH8-s0Ln08lXtaX9k1tRC&cb=a3srrire7vv7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ohookah2go.com/vin/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://ohookah2go.com/vin/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 15 Jun 2020 09:47:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-+qzLE1elqjqS8cOV0d9vwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1176
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ohookah2go.com/	1970-01-19 10:17:01	Name: toxic_hydra Value: 0156dfa7a15178705c680a97246a3a52efca9761

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://ohookah2go.com/vin/ASSETS-584796/_js/EB7927B14EC73350.js(Line 1) Message: captcha loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ohookah2go.com
www.google.com
www.gstatic.com
205.134.252.120
2a00:1450:4001:815::2004
2a00:1450:4001:81f::2003
1f3302d655d50dbc0cc823c182c5aaa30e3c621388d40b902c24b4d8ac0348cd
42187e8f846f2e1c3c0ce8142a63693f295625404d3f6eb27291b7a3f22b9449
6b045fc533c6aaf0590a2acdf82263388bbf2b1f7695c944b167ff6bd79bc404
78302e6e6a4a18f92edf0f6fbc4a9ce4ab9a8bf986bf1def3a2296336d2e73b8
c521581b808702299ee8b8948ae8e90ae270ea93206bb1f95846843e0efee725
d2dc49dd8e054c48ccd1a24c4f15cc1828c691391aed88f68118409544ce8a61

ohookah2go.com Open in urlscan Pro 205.134.252.120 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

188 kBTransfer

509 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

14 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

ohookah2go.com Open in urlscan Pro
205.134.252.120 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

188 kB
Transfer

509 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!