urlscan.io logo urlscan.io
SecurityTrails logo

orientationleave.click Open in urlscan Pro
138.197.140.119  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgA...
Effective URL: http://orientationleave.click/news?q=IP%20provider%20is%20blacklisted!%20OVH%20SAS
Submission: On September 16 via api from BE — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 138.197.140.119, located in Toronto, Canada and belongs to DIGITALOCEAN-ASN, US. The main domain is orientationleave.click.
This is the only time orientationleave.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 138.197.140.119 14061 (DIGITALOC...)
1 1 151.101.2.132 54113 (FASTLY)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
5 2
Apex Domain
Subdomains		 Transfer
4 orientationleave.click
orientationleave.click
5 KB
2 foxnews.com
feeds.foxnews.com — Cisco Umbrella Rank: 535164
moxie.foxnews.com — Cisco Umbrella Rank: 31480
52 KB
5 2
Domain Requested by
4 orientationleave.click orientationleave.click
1 moxie.foxnews.com
1 feeds.foxnews.com 1 redirects
5 3

This site contains links to these domains. Also see Links.

Domain
www.foxnews.com
Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://orientationleave.click/news?q=IP%20provider%20is%20blacklisted!%20OVH%20SAS
Frame ID: ED0931641141372BEFEF3C0E9496D526
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fox News World RSS Feed - remontada.fun

Page URL History Show full URLs

  1. http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOl... HTTP 307
    https://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOl... HTTP 307
    http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOl... Page URL
  2. http://orientationleave.click/t/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPO... Page URL
  3. http://orientationleave.click/news?q=IP%20provider%20is%20blacklisted!%20OVH%20SAS Page URL

Page Statistics

5
Requests

0 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

57 kB
Transfer

196 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12 HTTP 307
    https://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12 HTTP 307
    http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12 Page URL
  2. http://orientationleave.click/t/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12 Page URL
  3. http://orientationleave.click/news?q=IP%20provider%20is%20blacklisted!%20OVH%20SAS Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12 HTTP 307
  • https://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12 HTTP 307
  • http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Request Chain 3
  • https://feeds.foxnews.com/foxnews/world HTTP 301
  • https://moxie.foxnews.com/google-publisher/world.xml

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/
Redirect Chain
  • http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
  • https://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
  • http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
458 B
713 B 		Document
General
Check archive.org
Download Go to
Full URL
http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Protocol
HTTP/1.1
Server
138.197.140.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
remontada.fun
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Sep 2024 10:09:07 GMT
X-Address
gin_throttle_mw_7200000000_167.114.209.103
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
499
X-Ratelimit-Reset
1726484947

Redirect headers

Location
http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
orientationleave.click/ 		0
261 B 		Other
General
Check archive.org
Download Go to
Full URL
http://orientationleave.click/favicon.ico
Protocol
HTTP/1.1
Server
138.197.140.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
remontada.fun
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Mon, 16 Sep 2024 10:09:07 GMT
X-Address
gin_throttle_mw_7200000000_167.114.209.103
X-Ratelimit-Reset
1726484947
X-Ratelimit-Limit
500
Content-Length
0
X-Ratelimit-Remaining
498
Content-Type
text/plain; charset=utf-8
4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
orientationleave.click/t/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/ 		212 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
http://orientationleave.click/t/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Requested by
Host: orientationleave.click
URL: http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Protocol
HTTP/1.1
Server
138.197.140.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
remontada.fun
Software
/
Resource Hash
27152b356d906f16056015e48d86c7bf6c09d2229cdb87bc1fc1644decb2e081

Request headers

Referer
http://orientationleave.click/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Length
212
Content-Type
text/html; charset=utf-8
Date
Mon, 16 Sep 2024 10:09:08 GMT
X-Address
gin_throttle_mw_7200000000_167.114.209.103
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
497
X-Ratelimit-Reset
1726484947
Primary Request news
orientationleave.click/ 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://orientationleave.click/news?q=IP%20provider%20is%20blacklisted!%20OVH%20SAS
Requested by
Host: orientationleave.click
URL: http://orientationleave.click/t/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Protocol
HTTP/1.1
Server
138.197.140.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
remontada.fun
Software
/
Resource Hash
6dd71a806171d4f46230fb6debbb348556f6b2ca49fdc121b65eb76ee4d108f8

Request headers

Referer
http://orientationleave.click/t/r/jqqlddouvzkbcgusminvzwpebbgtkgvmnrdohtecmxrvcxahvw.YpZIkXGGYPyIXQXmQuTPOOlqrMaJIgjtJQIBzMsPqgAzeILBUT/4axwkd20011JmOv3880pqmvavgjne740181FNQRBSDIILKETLN818XNIJ78711X12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
text/html; charset=utf-8
Date
Mon, 16 Sep 2024 10:09:10 GMT
Transfer-Encoding
chunked
X-Address
gin_throttle_mw_7200000000_167.114.209.103
X-Ratelimit-Limit
500
X-Ratelimit-Remaining
496
X-Ratelimit-Reset
1726484947
world.xml
moxie.foxnews.com/google-publisher/
Redirect Chain
  • https://feeds.foxnews.com/foxnews/world
  • https://moxie.foxnews.com/google-publisher/world.xml
192 KB
52 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://moxie.foxnews.com/google-publisher/world.xml
Protocol
H2
Server
2600:141b:1c00:986::2313 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c4450a340af24ad96d23b4e899fad2785713b49fb843606ac67c33a2feacd4ad

Request headers

Referer
http://orientationleave.click/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires
Mon, 16 Sep 2024 10:13:50 GMT
date
Mon, 16 Sep 2024 10:09:10 GMT
content-encoding
gzip
x-origin
prod_moxie
x-amz-cf-pop
IAD55-P5
x-amzn-requestid
5e10fa92-64ce-4391-91ac-59d23f12397e
x-amz-apigw-id
eLnGbHhlIAMEpNQ=
content-length
52261
x-served-by
cache-iad-kiad7000170-IAD, cache-iad-kiad7000170-IAD, cache-pdk-kfty2130023-PDK
moxie-version
1.0
x-forwarded-host
moxie.foxnews.com
moxie-uptime
49.91ms
x-timer
S1726481351.570239,VS0,VE1
etag
b2a0a2eea53bd501d6949d488680d546
x-amzn-trace-id
Root=1-66e7b88f-4e17166a24331f2063c8e9f6;Parent=43d37013965ea3db;Sampled=0;lineage=1:c27b69c6:0
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/xml;charset=utf-8
access-control-allow-origin
*
cache-control
must-revalidate, max-age=280
access-control-allow-credentials
false
access-control-max-age
86400
accept-ranges
bytes
x-robots-tag
noindex, nofollow
x-debug-path
/prod/fn/google-publisher/world.xml
x-amz-cf-id
ATwpZ4DBeyZgBD5BvBlP8zWBCpBxCSFPGmg-XJpHUJLUgqj6JFRVNw==
access-control-allow-headers
*
x-cache-hits
0, 0, 1

Redirect headers

date
Mon, 16 Sep 2024 10:09:10 GMT
via
1.1 varnish
x-cache
HIT
content-length
0
x-served-by
cache-yul1970038-YUL
x-timer
S1726481350.370813,VS0,VE0
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
location
https://moxie.foxnews.com/google-publisher/world.xml
access-control-allow-origin
*
access-control-expose-headers
etag
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
retry-after
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: http://orientationleave.click/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)