poxvqv.hidejunkie.com Open in urlscan Pro
185.165.29.232 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://slf.su.edu.pk/k/
Effective URL:
https://poxvqv.hidejunkie.com/k/
Submission: On January 14 via manual (January 14th 2021, 6:33:30 pm UTC) from FR

Summary HTTP 9 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 185.165.29.232, located in Iran, Islamic Republic Of and belongs to SERVERIUS-AS, NL. The main domain is poxvqv.hidejunkie.com.
TLS certificate: Issued by R3 on January 14th 2021. Valid for: 3 months.

This is the only time poxvqv.hidejunkie.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6812:32cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.165.29.232 185.165.29.232	50673 (SERVERIUS-AS) (SERVERIUS-AS)
6	87.98.190.36 87.98.190.36	16276 (OVH) (OVH)
1	212.83.187.44 212.83.187.44	12876 (Online SAS) (Online SAS)
9	4

1 2606:4700:3034::6812:32cc (United States)

ASN13335 (CLOUDFLARENET, US)

slf.su.edu.pk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.165.29.232 (Iran, Islamic Republic Of)

ASN50673 (SERVERIUS-AS, NL)

poxvqv.hidejunkie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.98.190.36 (France)

ASN16276 (OVH, FR)
PTR: oxi90.com

oxi90.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.83.187.44 (Saint-Arnoult-en-Yvelines, France)

ASN12876 (Online SAS, FR)
PTR: u44.oxemis.net

oxi51.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	oxi90.com oxi90.com	326 KB
1	oxi51.com oxi51.com	974 B
1	hidejunkie.com poxvqv.hidejunkie.com	10 KB
1	su.edu.pk slf.su.edu.pk	861 B
9	4

	Domain	Requested by
6	oxi90.com	poxvqv.hidejunkie.com
1	oxi51.com	poxvqv.hidejunkie.com
1	poxvqv.hidejunkie.com	slf.su.edu.pk
1	slf.su.edu.pk
9	4

This site contains links to these domains. Also see Links.

Domain
oxi51.com

Subject Issuer	Validity	Valid
poxvqv.hidejunkie.com R3	`2021-01-14` - `2021-04-14`	3 months	crt.sh
oxi90.com R3	`2020-12-14` - `2021-03-14`	3 months	crt.sh
oxi51.com Let's Encrypt Authority X3	`2020-11-20` - `2021-02-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://poxvqv.hidejunkie.com/k/
Frame ID: 263055412B977358A33524B5779E32E3
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://slf.su.edu.pk/k/ Page URL
https://poxvqv.hidejunkie.com/k/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

9
Requests

89 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

338 kB
Transfer

335 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://oxi51.com/c6.php?ec=2&l=jYaJsH27dWtm&i=ZGRolGaXaGhn&t=ZQ&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&u=m6iq1KOdYGaiqM5rYJCVps9jv4OGr4CMqJhoZm1tnJdsbXuccpRqfWdilmdym3dqlmqrZGiYY2ycnXl7ZaTL0g&v=8
Title: consultez-le en ligne

Search URL Search Domain Scan URL

URL: https://oxi51.com/c6.php?ec=2&l=jYaJsH27dWtm&i=ZGRolGaXaGhn&t=ZA&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&u=m6iq1KOdYGaqp9xglduXqo+p1V+W0qA&v=8

Search URL Search Domain Scan URL

URL: https://oxi51.com/c6.php?ec=2&l=jYaJsH27dWtm&i=ZGRolGaXaGhn&t=ZA&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&u=m6iq1KOdYGaqp9xglduXqo+p1V+W0qBjxceYrJydz5FlaGyXXciUqZSekpWZ0Jekw2HMoKHJn5XG0JpkpGLL1qCgWZM&v=8

Search URL Search Domain Scan URL

URL: https://oxi51.com/c6.php?ec=2&l=jYaJsH27dWtm&i=ZGRolGaXaGhn&t=ZA&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&u=m6iq1KOdYGaqp9xglduXqo+p1V+W0qBj2NaWpaqV14+Vo5/XX5Rhb2ld2aSR0KWY1mHHoJzWYJfT0aWjnKiRyqehoodf&v=8

Search URL Search Domain Scan URL

URL: https://oxi51.com/c6.php?ec=2&l=jYaJsH27dWtm&i=ZGRolGaXaGhn&t=ZA&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&u=m6iq1KOdYGaqp9xglduXqo+p1V+W0qBj2NaWpaqV14+Vo5/XXcqWmKGklGNpmmhk1qbGn6bEp2HG056qZJvIw6GoY9yoz1+fp53RVV8&v=8

Search URL Search Domain Scan URL

URL: https://oxi51.com/c6.php?ec=2&l=jYaJsH27dWtm&i=ZGRolGaXaGhn&t=ZA&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&u=m6iq1KOdYGaqp9xglduXqo+p1V+W0qBjlpVuZKSjxcufnZvWow&v=8

Search URL Search Domain Scan URL

URL: https://oxi51.com/d6.php?ec=2&l=jYaJsH27dWtm&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m&i=ZGRolGaXaGhn&v=8
Title: Veuillez me retirer de votre liste de diffusion

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://slf.su.edu.pk/k/ Page URL
https://poxvqv.hidejunkie.com/k/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response slf.su.edu.pk/k/	103 B 861 B	563ms 548ms	Document text/html	2606:4700:3034::6812:32cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://slf.su.edu.pk/k/ Protocol HTTP/1.1 Server 2606:4700:3034::6812:32cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0997ed3fa6a7b67f1b0019b270e1eaf78f3cac15d17971787d769bfa8862e352` Request headers Host slf.su.edu.pk Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:10 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=de0cd6a913ce3eae2a832f1440fcde2501610649189; expires=Sat, 13-Feb-21 18:33:09 GMT; path=/; domain=.su.edu.pk; HttpOnly; SameSite=Lax CF-Cache-Status DYNAMIC cf-request-id 07a3c5555c00004a7430b5c000000001 Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f71x0WSS%2Bdap%2Bf4Nl%2FAl3TpL04xziXO2fTXzOg22uOpZ8XrQzESGXUCk4ZgsxzAM9lDsCuy5xrTaZ14PU0b9C2pQbHepBOesjN3boZ2%2FnisNISojLlHu995T"}],"group":"cf-nel","max_age":604800} NEL {"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6119719bcf424a74-FRA Content-Encoding gzip
GET H/1.1	200 OK	Primary Request / Show response poxvqv.hidejunkie.com/k/	10 KB 10 KB	231ms 26ms	Document text/html	185.165.29.232 SERVERIUS-AS
General Check archive.org Show headers Download Go to Full URL https://poxvqv.hidejunkie.com/k/ Requested by Host: slf.su.edu.pk URL: http://slf.su.edu.pk/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.165.29.232 , Iran, Islamic Republic Of, ASN50673 (SERVERIUS-AS, NL), Reverse DNS Software nginx / Resource Hash `588d7315fde1c724b7f673c49c44d524441c8a747f8ed42bbcd2a8b39fd93f04` Request headers Host poxvqv.hidejunkie.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://slf.su.edu.pk/k/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://slf.su.edu.pk/k/ Response headers Content-Type text/html; charset=UTF-8 Date Thu, 14 Jan 2021 18:33:10 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	NEWSLETTER-ecran-cinema-gonflable_01_9ee0c686f6.jpg oxi90.com/ZRSLMXD43/	98 KB 98 KB	525ms 30ms	Image image/jpeg	87.98.190.36 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://oxi90.com/ZRSLMXD43/NEWSLETTER-ecran-cinema-gonflable_01_9ee0c686f6.jpg Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 87.98.190.36 , France, ASN16276 (OVH, FR), Reverse DNS oxi90.com Software Apache / Resource Hash `82e247646446ff0ea15645e683fd2e83e9604d6e6934cb820b30424133fc97b0` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:11 GMT Last-Modified Mon, 27 Jul 2020 12:39:35 GMT Server Apache ETag "1863c-5ab6b9d749902" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 99900
GET H/1.1	200 OK	NEWSLETTER-ecran-cinema-gonflable_02_aa91c626d6.jpg oxi90.com/ZRSLMXD43/	47 KB 47 KB	532ms 31ms	Image image/jpeg	87.98.190.36 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://oxi90.com/ZRSLMXD43/NEWSLETTER-ecran-cinema-gonflable_02_aa91c626d6.jpg Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 87.98.190.36 , France, ASN16276 (OVH, FR), Reverse DNS oxi90.com Software Apache / Resource Hash `c4261ce5ec30b859c972306de756d06e4c893bb810d333d1bb9bf226789e6c39` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:11 GMT Last-Modified Mon, 27 Jul 2020 12:39:35 GMT Server Apache ETag "bbb6-5ab6b9d761fa2" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 48054
GET H/1.1	200 OK	NEWSLETTER-ecran-cinema-gonflable_03_789863a661.jpg oxi90.com/ZRSLMXD43/	83 KB 83 KB	536ms 31ms	Image image/jpeg	87.98.190.36 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://oxi90.com/ZRSLMXD43/NEWSLETTER-ecran-cinema-gonflable_03_789863a661.jpg Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 87.98.190.36 , France, ASN16276 (OVH, FR), Reverse DNS oxi90.com Software Apache / Resource Hash `424941efbaa2371cef0515e9c58289ef140b80cc4849a20600405ba126a8e3f1` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:11 GMT Last-Modified Mon, 27 Jul 2020 12:39:35 GMT Server Apache ETag "14c96-5ab6b9d77c581" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 85142
GET H/1.1	200 OK	NEWSLETTER-ecran-cinema-gonflable_04_fbcb4e3aff.jpg oxi90.com/ZRSLMXD43/	69 KB 69 KB	578ms 32ms	Image image/jpeg	87.98.190.36 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://oxi90.com/ZRSLMXD43/NEWSLETTER-ecran-cinema-gonflable_04_fbcb4e3aff.jpg Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 87.98.190.36 , France, ASN16276 (OVH, FR), Reverse DNS oxi90.com Software Apache / Resource Hash `0527518c2339a1afb97979363bd6c3ff78e0a2c9d051d9fdb1e93c1ef1e7b4bf` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:11 GMT Last-Modified Mon, 27 Jul 2020 12:39:35 GMT Server Apache ETag "112f6-5ab6b9d793c81" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 70390
GET H/1.1	200 OK	NEWSLETTER-ecran-cinema-gonflable_05_4c9418c306.jpg oxi90.com/ZRSLMXD43/	17 KB 17 KB	580ms 32ms	Image image/jpeg	87.98.190.36 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://oxi90.com/ZRSLMXD43/NEWSLETTER-ecran-cinema-gonflable_05_4c9418c306.jpg Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 87.98.190.36 , France, ASN16276 (OVH, FR), Reverse DNS oxi90.com Software Apache / Resource Hash `7a9965d39cf8355ef2e2332629e89f8ec34dd74b135e1dcfb6384b8294df9c92` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:11 GMT Last-Modified Mon, 27 Jul 2020 12:39:35 GMT Server Apache ETag "429b-5ab6b9d7a9440" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 17051
GET H/1.1	200 OK	NEWSLETTER-ecran-cinema-gonflable_06_fc856d2d18.jpg oxi90.com/ZRSLMXD43/	11 KB 12 KB	603ms 30ms	Image image/jpeg	87.98.190.36 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://oxi90.com/ZRSLMXD43/NEWSLETTER-ecran-cinema-gonflable_06_fc856d2d18.jpg Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 87.98.190.36 , France, ASN16276 (OVH, FR), Reverse DNS oxi90.com Software Apache / Resource Hash `3ab5357350ea2b0761b07477ff54baa2cd1a62fad70dd8670633e86be79aabac` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 14 Jan 2021 18:33:11 GMT Last-Modified Mon, 27 Jul 2020 12:39:35 GMT Server Apache ETag "2df5-5ab6b9d7b6f00" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 11765
GET H/1.1	200 OK	o6.php oxi51.com/	807 B 974 B	121ms 37ms	Image image/gif	212.83.187.44 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://oxi51.com/o6.php?ec=2&l=jYaJsH27dWtm&v=8&i=ZGRolGaXaGhn&e=lKClzJGQlJigoM6gl4+TpMegzpZz0qWV0suaZZ2m Requested by Host: poxvqv.hidejunkie.com URL: https://poxvqv.hidejunkie.com/k/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 212.83.187.44 Saint-Arnoult-en-Yvelines, France, ASN12876 (Online SAS, FR), Reverse DNS u44.oxemis.net Software Apache / Resource Hash `8913bb9aa8725e1d44003609b39a29f5316e167672684efaf096aca11d6cae6b` Request headers Referer https://poxvqv.hidejunkie.com/k/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Jan 2021 18:33:10 GMT Expires 0 Server Apache Connection close Content-Length 807 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oxi51.com
oxi90.com
poxvqv.hidejunkie.com
slf.su.edu.pk
185.165.29.232
212.83.187.44
2606:4700:3034::6812:32cc
87.98.190.36
0527518c2339a1afb97979363bd6c3ff78e0a2c9d051d9fdb1e93c1ef1e7b4bf
0997ed3fa6a7b67f1b0019b270e1eaf78f3cac15d17971787d769bfa8862e352
3ab5357350ea2b0761b07477ff54baa2cd1a62fad70dd8670633e86be79aabac
424941efbaa2371cef0515e9c58289ef140b80cc4849a20600405ba126a8e3f1
588d7315fde1c724b7f673c49c44d524441c8a747f8ed42bbcd2a8b39fd93f04
7a9965d39cf8355ef2e2332629e89f8ec34dd74b135e1dcfb6384b8294df9c92
82e247646446ff0ea15645e683fd2e83e9604d6e6934cb820b30424133fc97b0
8913bb9aa8725e1d44003609b39a29f5316e167672684efaf096aca11d6cae6b
c4261ce5ec30b859c972306de756d06e4c893bb810d333d1bb9bf226789e6c39

poxvqv.hidejunkie.com Open in urlscan Pro 185.165.29.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

338 kBTransfer

335 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

Indicators

poxvqv.hidejunkie.com Open in urlscan Pro
185.165.29.232 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

338 kB
Transfer

335 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions