Submitted URL: https://www.tiktok.com/link/v2?aid=1988&lang=enFSmPWg&scene=bio_url&target=google.com.%2F%2F%2F%2Famp%2Fs%2F%E2%80%8Bc%...
Effective URL: https://dhnm.wwbudmh.ru/S7BuQR/
Submission Tags: falconsandbox
Submission: On September 10 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 3 countries across 8 domains to perform 8 HTTP transactions. The main IP is 172.67.130.186, located in United States and belongs to CLOUDFLARENET, US. The main domain is dhnm.wwbudmh.ru.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.
This is the only time dhnm.wwbudmh.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (leading numbers are the per-IP counts as shown in the report):

  Count  IP Address       AS (Autonomous System)
  1 1    23.219.36.236    20940  (AKAMAI-ASN1)
  2 2    142.250.80.110   15169  (GOOGLE)
  1 1    142.250.65.228   15169  (GOOGLE)
  2      103.28.36.23     131353 (NHANHOA-A...)
  1      196.41.122.245   36874  (Cybersmart)
  2      172.67.130.186   13335  (CLOUDFLAR...)
  1      172.67.219.12    13335  (CLOUDFLAR...)
  Totals: 8 requests, 5 IPs

Apex domains:

  Count  Apex Domain           Subdomains                                  Transfer
  2      wwbudmh.ru            dhnm.wwbudmh.ru (Failed)                    8 KB
  2      cth.vn                cth.vn                                      878 B
  2      google.com            google.com (Cisco Umbrella Rank: 1),
                               www.google.com (Cisco Umbrella Rank: 10)    47 B
  1      adrelica.ru           5zjzh.adrelica.ru                           450 B
  1      rswebsolutions.co.za  rswebsolutions.co.za                        2 KB
  1      com.                  google.com.                                 15 B
  1      tiktok.com            www.tiktok.com (Cisco Umbrella Rank: 3787)  4 KB
  0      ebay.com (Failed)     www.ebay.com (Failed)
  Totals: 8 requests, 8 domains

Domains and the domain that requested them:

  Count  Domain                 Requested by
  2      dhnm.wwbudmh.ru        rswebsolutions.co.za
  2      cth.vn
  1      5zjzh.adrelica.ru      dhnm.wwbudmh.ru
  1      rswebsolutions.co.za
  1      www.google.com         1 redirects
  1      google.com             1 redirects
  1      google.com.            1 redirects
  1      www.tiktok.com         1 redirects
  0      www.ebay.com (Failed)  dhnm.wwbudmh.ru
  Totals: 8 domains, 9 subdomains

This site contains no links.

TLS certificates:

  Subject                 Issuer  Validity                 Valid for  Source
  www.cth.vn              R10     2024-08-20 - 2024-11-18  3 months   crt.sh
  *.rswebsolutions.co.za  R10     2024-08-03 - 2024-11-01  3 months   crt.sh
  wwbudmh.ru              WE1     2024-08-10 - 2024-11-08  3 months   crt.sh
  adrelica.ru             WE1     2024-09-04 - 2024-12-03  3 months   crt.sh

This page contains 1 frames:

Frame: https://www.ebay.com/
Frame ID: C8342B10BC34F85FC1CF506D1C2E47A2
Requests: 8 HTTP requests in this frame



Page Statistics

  Requests    8
  HTTPS       75 %
  IPv6        0 %
  Domains     8
  Subdomains  9
  IPs         5
  Countries   3
  Transfer    12 kB
  Size        21 kB
  Cookies     3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://rswebsolutions.co.za/.dev/ Page URL
  2. https://dhnm.wwbudmh.ru/S7BuQR/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.tiktok.com/link/v2?aid=1988&lang=enFSmPWg&scene=bio_url&target=google.com.%2F%2F%2F%2Famp%2Fs%2F%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn%2F.dev%2Fga4lFCpn%2FYXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20%3D%3D%24%E3%80%82 HTTP 302
  • https://google.com.////amp/s/%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82?safe=active HTTP 301
  • https://google.com/amp/s/%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82?safe=active HTTP 301
  • https://www.google.com/amp/s/%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82?safe=active HTTP 302
  • https://cth.vn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82

8 HTTP transactions

Each transaction lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type, followed by its General, Request headers, Response headers and (where present) Redirect headers sections.
Request 1: YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82
  Path: cth.vn/.dev/ga4lFCpn/
  Redirect Chain:
    • https://www.tiktok.com/link/v2?aid=1988&lang=enFSmPWg&scene=bio_url&target=google.com.%2F%2F%2F%2Famp%2Fs%2F%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn%2F.dev%2Fga4lFCpn%2FYXN1bkB3ZXN0bGFrZWZp...
    • https://google.com.////amp/s/%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82?safe=active
    • https://google.com/amp/s/%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82?safe=active
    • https://www.google.com/amp/s/%E2%80%8Bc%C2%ADt%C2%ADh%E2%80%8B.%C2%ADv%C2%ADn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82?safe=active
    • https://cth.vn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82
  Size: 0    x-fer: 363 B    Type: Document
  General
    Full URL: https://cth.vn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82
    Protocol: HTTP/1.1
    Security: TLS 1.3, , AES_128_GCM
    Server: 103.28.36.23 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
    Reverse DNS: ns13.nhanhoa.com
    Software: Apache /
    Resource Hash: (none recorded)
  Request headers
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
  Response headers
    Connection: Keep-Alive
    Content-Encoding: gzip
    Content-Type: text/html; charset=UTF-8
    Date: Tue, 10 Sep 2024 19:20:42 GMT
    Keep-Alive: timeout=5, max=100
    Server: Apache
    Transfer-Encoding: chunked
    Vary: Accept-Encoding
    refresh: 0;url=https://rswebsolutions.co.za/.dev/#YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==
  Redirect headers
    alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    cache-control: private
    content-length: 281
    content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-lHreWU6LYJQov3gLjsUhBQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
    content-type: text/html; charset=UTF-8
    cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
    date: Tue, 10 Sep 2024 19:20:38 GMT
    location: (value on the following line, reproduced as received; the hostname contains the U+200B zero-width-space and U+00AD soft-hyphen characters that appear percent-encoded as %E2%80%8B and %C2%AD in the redirect chain above)
https://​c­t­h​.­v­n/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$。
    p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
    permissions-policy: unload=()
    report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
    server: gws
    x-frame-options: SAMEORIGIN
    x-robots-tag: noindex
    x-xss-protection: 0
Request 2: /
  Path: rswebsolutions.co.za/.dev/
  Size: 7 KB    x-fer: 2 KB    Type: Document
  General
    Full URL: https://rswebsolutions.co.za/.dev/
    Protocol: HTTP/1.1
    Security: TLS 1.3, , AES_128_GCM
    Server: 196.41.122.245 , South Africa, ASN36874 (Cybersmart, ZA),
    Reverse DNS: cpanel32.mywebserver.co.za
    Software: Apache /
    Resource Hash: 8f04b1450b575288548650212cda7fe888019194cb1c9cb3e49365530f81ca3c
  Request headers
    Referer: https://cth.vn/
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
  Response headers
    Connection: Keep-Alive
    Content-Encoding: gzip
    Content-Length: 1907
    Content-Type: text/html; charset=UTF-8
    Date: Tue, 10 Sep 2024 19:20:43 GMT
    Keep-Alive: timeout=5, max=100
    Server: Apache
    Vary: Accept-Encoding,User-Agent
Request 3: favicon.ico
  Path: cth.vn/
  Size: 315 B    x-fer: 515 B    Type: Other
  General
    Full URL: https://cth.vn/favicon.ico
    Protocol: HTTP/1.1
    Security: TLS 1.3, , AES_128_GCM
    Server: 103.28.36.23 , Viet Nam, ASN131353 (NHANHOA-AS-VN NhanHoa Software company, VN),
    Reverse DNS: ns13.nhanhoa.com
    Software: Apache /
    Resource Hash: (none recorded)
  Request headers
    Referer: https://cth.vn/.dev/ga4lFCpn/YXN1bkB3ZXN0bGFrZWZpbmFuY2lhbC5jb20==$%E3%80%82
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
  Response headers
    Date: Tue, 10 Sep 2024 19:20:43 GMT
    Server: Apache
    Connection: Keep-Alive
    Keep-Alive: timeout=5, max=99
    Content-Length: 315
    Content-Type: text/html; charset=iso-8859-1
Request 4: /
  Path: dhnm.wwbudmh.ru/S7BuQR/
  Size: 0    x-fer: 0    (no response; listed under Failed requests below)

Request 5 (Primary Request): /
  Path: dhnm.wwbudmh.ru/S7BuQR/
  Size: 13 KB    x-fer: 8 KB    Type: Document
  General
    Full URL: https://dhnm.wwbudmh.ru/S7BuQR/
    Requested by: Host: rswebsolutions.co.za, URL: https://rswebsolutions.co.za/.dev/
    Protocol: H3
    Security: QUIC, , AES_128_GCM
    Server: 172.67.130.186 , United States, ASN13335 (CLOUDFLARENET, US),
    Reverse DNS: (none recorded)
    Software: cloudflare /
    Resource Hash: 3aead92b3beededf3cef65f7f51afd798eae1bc949e77416fb2c5f3adf41203b
  Request headers
    Referer: https://rswebsolutions.co.za/
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
  Response headers
    alt-svc: h3=":443"; ma=86400
    cache-control: no-cache, private
    cf-cache-status: DYNAMIC
    cf-ray: 8c11c6eb9c1ba4ee-MIA
    content-encoding: br
    content-type: text/html; charset=UTF-8
    date: Tue, 10 Sep 2024 19:20:44 GMT
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=21HOz%2FwAnkCkxKC6G6q4r0vnxG4BopcbngXCAesFXGVB4bQMjdFxMrFbhdarP7l%2FvfYtRWstV6tUDqK86uux%2FRg9fzzD4FzF17OuLP6EZY29zR2V2VGuYK9ITxTl4A%3D%3D"}],"group":"cf-nel","max_age":604800}
    server: cloudflare
    vary: accept-encoding
Request 6: dtngvkwihqbqayvlyqbkgnmagpgmTTMomBPSBGNLKKQFWTFHEZAOWFQPNZOTJJFCUICEQEYBWMXFRURCSCUKDR
  Path: 5zjzh.adrelica.ru/
  Size: 1 B    x-fer: 450 B    Type: Fetch
  General
    Full URL: https://5zjzh.adrelica.ru/dtngvkwihqbqayvlyqbkgnmagpgmTTMomBPSBGNLKKQFWTFHEZAOWFQPNZOTJJFCUICEQEYBWMXFRURCSCUKDR
    Requested by: Host: dhnm.wwbudmh.ru, URL: https://dhnm.wwbudmh.ru/S7BuQR/
    Protocol: H3
    Security: QUIC, , AES_128_GCM
    Server: 172.67.219.12 , United States, ASN13335 (CLOUDFLARENET, US),
    Reverse DNS: (none recorded)
    Software: cloudflare /
    Resource Hash: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b (the SHA-256 of the single character "1", consistent with the 1 B body size)
  Request headers
    Referer: https://dhnm.wwbudmh.ru/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
  Response headers
    date: Tue, 10 Sep 2024 19:20:45 GMT
    content-encoding: br
    cf-cache-status: DYNAMIC
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KtCAWYGe9u6z%2B3VSbdoXdTxqOYtmN9WxpKUQMrbQwHvinQqvo8e64iRRDzRTtYMwWvWCM56CZWCFXj%2B%2FLR95cUZGEyiFNrFdr5A65tckvm7ERh7mHYItZxh86Zz0UmrR3%2BfLTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
    content-type: text/html; charset=UTF-8
    access-control-allow-origin: *
    cf-ray: 8c11c6f05d099ae6-MIA
    alt-svc: h3=":443"; ma=86400
Request 7: favicon.ico
  Path: dhnm.wwbudmh.ru/
  Size: 0    x-fer: 431 B    Type: Other
  General
    Full URL: https://dhnm.wwbudmh.ru/favicon.ico
    Protocol: H3
    Security: QUIC, , AES_128_GCM
    Server: 172.67.130.186 , United States, ASN13335 (CLOUDFLARENET, US),
    Reverse DNS: (none recorded)
    Software: cloudflare /
    Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the SHA-256 of an empty body, consistent with the 0 size)
  Request headers
    Referer: https://dhnm.wwbudmh.ru/S7BuQR/
    User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
  Response headers
    date: Tue, 10 Sep 2024 19:20:44 GMT
    content-encoding: br
    cf-cache-status: HIT
    nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
    server: cloudflare
    age: 12119
    vary: Accept-Encoding
    report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UbKTnqxvV5Arlpsnqj1c0eS%2Fd3qlz%2BUS8mpOSHLDRJuCuI6u6rbbFRN%2BSuZushxfQl7DHRsQLeW5aHilletnG7Wu4sH0SBM%2Bt2Xeff6FviYn2Ld9qvZZNYuymMr3CA%3D%3D"}],"group":"cf-nel","max_age":604800}
    content-type: text/html; charset=UTF-8
    cache-control: max-age=14400
    cf-ray: 8c11c6ef09eaa4ee-MIA
    alt-svc: h3=":443"; ma=86400
Request 8: /
  Path: www.ebay.com/
  Size: 0    x-fer: 0    (no response; listed under Failed requests below)

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

  Domain: dhnm.wwbudmh.ru    URL: https://dhnm.wwbudmh.ru/S7BuQR/
  Domain: www.ebay.com       URL: https://www.ebay.com/

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 517=QpQ3liO6Ti14WNhoUF-CMrjLC_ML24VyFPxKB1AMP3Ym5HPcrfC-OvaXNYvPpG_9Pv9U6NOQXmILUMMIi0pP-CciKggp8YNiGQ3n-Aa28yCmcMDkOR3I-RozW3VDkM8h2--ZlEEIiO_yFAnALGAaa4LfOSpM-psXAQnU04hEbNL2QpXToJNsBA
dhnm.wwbudmh.ru/ Name: XSRF-TOKEN
Value: eyJpdiI6InFxUE15ZjY2K0czd1VxM1pZMGZqRUE9PSIsInZhbHVlIjoiN0ZCZG1DTm0xRllhZ1lFWDQ4T2NCVGZuMzZXQjBaWDZlak81OWhlajAya1ZmTy8vMDI1SXI1VmV1eXNjbW0vSUtWUHpxa0w1bFZkSzZ1ZXFmUHFyZnN1enYyTXExVjhyREVxd2V5R1hzbG9ZSEZGMU1ySkhoSVJWV21DK01leC8iLCJtYWMiOiI4ZGJmOGFmYWY4MWM0M2QxMTNjMjM1YjQ2Yjg3NWVmYTY5MTgzODhlYmJlMzBlNDVmMWUzNDMxOGEwODQxZjAwIiwidGFnIjoiIn0%3D
dhnm.wwbudmh.ru/ Name: laravel_session
Value: eyJpdiI6ImRTeHYvbnl1NDZZaXdmbG1IRCtqOHc9PSIsInZhbHVlIjoiMkFuRlhXOTVDU2R0QXc2YVNpQkF2K2orTHVpL2tiZSswTFE4eUd2MFdiaXk0NmxYVlZpWlBKL2FUeFVUS0JsenRTR1B5b3FmTXpSYlBieW9qb3pOTE1nYmpJRHJSdnBsQU9peGFmQlJ1aUs2REo1d2JUV0hQMzc0N3RhcDQ0bEkiLCJtYWMiOiI1M2QwMjA0MTA5MzYwNWU1MjA1NzdlNWE4MGI2NTY1ZmY1MzQ4OGE5MGQ3YmU2Y2RiYjgyNTRiNGEwNDUyOTFiIiwidGFnIjoiIn0%3D

2 Console Messages

  Source   Level  Details
  network  error  URL: https://cth.vn/favicon.ico
                  Message: Failed to load resource: the server responded with a status of 404 (Not Found)
  network  error  URL: https://dhnm.wwbudmh.ru/favicon.ico
                  Message: Failed to load resource: the server responded with a status of 404 ()