oblaue.com Open in urlscan Pro
88.208.38.96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&p...
Effective URL:
https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d318...
Submission: On November 03 via api (November 3rd 2024, 1:34:24 am UTC) from US — Scanned from CA

Summary HTTP 5 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 5 HTTP transactions. The main IP is 88.208.38.96, located in Amsterdam, Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is oblaue.com.
TLS certificate: Issued by R11 on August 26th 2024. Valid for: 3 months.

This is the only time oblaue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	212.117.184.188 212.117.184.188	7979 (SERVERS-COM) (SERVERS-COM)
1 1	34.141.179.97 34.141.179.97	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	31.220.27.98 31.220.27.98	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	88.208.38.96 88.208.38.96	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700:303... 2606:4700:3033::ac43:ca6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	5

1 212.117.184.188 (Luxembourg, Luxembourg)

ASN7979 (SERVERS-COM, US)

cragtwier.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.141.179.97 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 97.179.141.34.bc.googleusercontent.com

maroola.aditms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.98 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

yendem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.38.96 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

oblaue.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cagrep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:ca6c (United States)

ASN13335 (CLOUDFLARENET, US)

veachy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	veachy.com veachy.com — Cisco Umbrella Rank: 36592	7 KB
1	cagrep.com cagrep.com	101 B
1	oblaue.com oblaue.com	27 KB
1	yendem.com 1 redirects yendem.com	236 B
1	aditms.me 1 redirects maroola.aditms.me — Cisco Umbrella Rank: 483315	366 B
1	cragtwier.click cragtwier.click	2 KB
5	6

	Domain	Requested by
2	veachy.com	oblaue.com veachy.com
1	cagrep.com	oblaue.com
1	oblaue.com	cragtwier.click
1	yendem.com	1 redirects
1	maroola.aditms.me	1 redirects
1	cragtwier.click
5	6

This site contains no links.

Subject Issuer	Validity	Valid
cragtwier.click R10	`2024-10-27` - `2025-01-25`	3 months	crt.sh
oblaue.com R11	`2024-08-26` - `2024-11-24`	3 months	crt.sh
cagrep.com R11	`2024-10-08` - `2025-01-06`	3 months	crt.sh
veachy.com WE1	`2024-09-29` - `2024-12-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580
Frame ID: A42D845F16CB5E7A13E039121A05E402
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play video

Page URL History Show full URLs

http://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj... HTTP 307
https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj... Page URL
https://maroola.aditms.me/click?pid=692&offer_id=22482&sub2=210580&sub1=BC8893C0-9983-11EF-A53C-D17477... HTTP 302
https://yendem.com/t?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&cli... HTTP 302
https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=... Page URL

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

35 kB
Transfer

73 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f HTTP 307
https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f Page URL
https://maroola.aditms.me/click?pid=692&offer_id=22482&sub2=210580&sub1=BC8893C0-9983-11EF-A53C-D1747750AEC7 HTTP 302
https://yendem.com/t?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580 HTTP 302
https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f HTTP 307
https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f

5 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/
Redirect Chain

http://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6i...
https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6...

688 B
2 KB

791ms
142ms

Document
text/html

212.117.184.188
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL

https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

212.117.184.188 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 03 Nov 2024 01:34:15 GMT
Keep-Alive: timeout=20
Server: nginx
Strict-Transport-Security: max-age=1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

Redirect headers

Location: https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f
Non-Authoritative-Reason: HttpsUpgrades

GET
H2

200

Primary Request play-2_1 Show response
oblaue.com/
Redirect Chain

https://maroola.aditms.me/click?pid=692&offer_id=22482&sub2=210580&sub1=BC8893C0-9983-11EF-A53C-D1747750AEC7
https://yendem.com/t?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580
https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580

45 KB
27 KB

793ms
241ms

Document
text/html

88.208.38.96
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580
Requested by: Host: cragtwier.click
URL: https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 88.208.38.96 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.25.0 /
Resource Hash: 94b5474931e7b282194bd8e01f84a5d4b9bfbdae8a2a0192e8722cc12d260dea

Request headers

Referer: https://cragtwier.click/impxmzmstsroguvxmduptndvbd/69782/?scontext_r=mzan8dye45zz46ngymqhdhkdbp9ysxj2apzrlwerxaa&nrb=1&param_3=nortb_fallback&md=eyj0ysi6ik5vihrvcgljcyisinvhaci6eyjhijoiedg2iiwiyii6ijy0iiwichyioiixns4wljailcj1dii6ijezmc4wljy3mjmunzailcj1bci6w3siyii6iknocm9taxvti...%20312%20...xiivvki6sxfsiybjjio71xf&ab=f4f
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 01:34:19 GMT
server: nginx/1.25.0
vary: Accept-Encoding
x-zone: eu4

Redirect headers

cache-control: no-cache
content-type: text/html; charset=UTF-8
date: Sun, 03 Nov 2024 01:34:18 GMT
location: https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580
max-age: 0
server: nginx/1.25.0
x-zone: eu

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b519e1bcbc35079ef50aaab895842ea026611d673b3dfa5b58b3cb4dcf36e26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cc71c138bb1363b0d6769a2a368cd590b4f18a7931d1bc5968d4e8ec2bc472e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dd767b3353fd502f36d093ee6d2949bab4bd8f6721d13f9ab54d1363104c9ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 344538d5d7aceea8552c80c60c98e0e9719ddfc1523f5e9d9a72b1444c468fbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9f2b44919d7146b281a69a55ca6b6ca6dcedcc990f646879b5d721dc7f1a391

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b538e36bb0bfd3ab7a1c0b0c76df0fbd24aefceb51e0edfc34bc9a6292d7850

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 914 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9eda24c37eff6d4792c314e045f6123d52fdabc8cd266eff0647666aed59ca2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/webp

GET
H2 200 rpe Show response
cagrep.com/ 0
101 B 793ms
386ms XHR
text/plain 2a02:b4a:1:7::5647:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cagrep.com/rpe?a=1&s=1&act=17&src=2&p=1135069&st=1374441&wd=609892&d=oblaue.com&tpl=78&rnd=0.9056592762129738&sbid=692_210580&sbid2=
Requested by: Host: oblaue.com
URL: https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::5647:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://oblaue.com/

Response headers

access-control-allow-origin: *
content-length: 0
date: Sun, 03 Nov 2024 01:34:20 GMT
accept-ch: Sec-CH-UA-Platform-Version
server: nginx/1.18.0

GET
H2 200 sdk.js Show response
veachy.com/v1/ 13 KB
6 KB 617ms
304ms Script
application/javascript 2606:4700:3033::ac43:ca6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://veachy.com/v1/sdk.js?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6MiwicG0iOjJ9eyJ&d=oblaue.com&tpl=78&pbd=iOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsImNsaWNraWQiOiI2NzI2ZDMxODExODBmYTAwMDE0MTQyMDkiLCJzaTEiOiI2OTJfMjEwNTgwIn0=eyJwaWQ
Requested by: Host: oblaue.com
URL: https://oblaue.com/play-2_1?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6Mn0=eyJ&clickid=6726d3181180fa0001414209&si1=692_210580
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:ca6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9625843f5a789d1862dc59a8bb2853e92cab6111b9668585b62031ff20fed290

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://oblaue.com/

Response headers

cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"ktF2ObCnKHP6eGLQ2pCDd4E7dtg"
x-zone: eu
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zBTYFeE6HGjm6PHulXplVVvS7fHvUwiVdf1rW3m96NO1%2FZLiPNmDEu0f%2BgfFBrfYRkoU26gJESOA515t3cN9Msq1DA0N13eHl7wUgP2YjTLD8fP5QuQyfpxSajM1%2FN0yDTWb0Wiz4xGF"}],"group":"cf-nel","max_age":604800}
cf-ray: 8dc89f0e3edf43c2-EWR
access-control-allow-origin: https://oblaue.com
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22899&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4003&recv_bytes=2442&delivery_rate=239268&cwnd=245&unsent_bytes=0&cid=4d1e3042dc1dfe35&ts=249&x=0"
date: Sun, 03 Nov 2024 01:34:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

GET
H2 200 fp.js Show response
veachy.com/ 1 KB
1 KB 388ms
387ms Script
application/javascript 2606:4700:3033::ac43:ca6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://veachy.com/fp.js?d=oblaue.com
Requested by: Host: veachy.com
URL: https://veachy.com/v1/sdk.js?h=waWQiOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsInNyYyI6MiwicG0iOjJ9eyJ&d=oblaue.com&tpl=78&pbd=iOjExMzUwNjksInNpZCI6MTM3NDQ0MSwid2lkIjo2MDk4OTIsImNsaWNraWQiOiI2NzI2ZDMxODExODBmYTAwMDE0MTQyMDkiLCJzaTEiOiI2OTJfMjEwNTgwIn0=eyJwaWQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:ca6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863592d0201e81db62794cd2d3138712d6c64afde763173ea72c12bd6845b6c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://oblaue.com/

Response headers

content-encoding: gzip
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUnrD91PeaxggetdCfP4cCPAeI1mtRlRvSvLZCqh6ACXMtPbxlpvWSaOrOwKOA6xjr6829Rwpzp1LZliElh2whKoFJU3UDEqb1M74ZARiGOARy1jf5IcXG3AjIpTWq8gIRWiyhkA0321"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21542&sent=15&recv=12&lost=0&retrans=0&sent_bytes=9905&recv_bytes=2506&delivery_rate=555490&cwnd=248&unsent_bytes=0&cid=4d1e3042dc1dfe35&ts=545&x=0"
date: Sun, 03 Nov 2024 01:34:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Nov 2024 01:34:20 GMT
cache-control: max-age=14400
max-age: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-zone: eu
cf-ray: 8dc89f1018df43c2-EWR
access-control-allow-origin: https://oblaue.com
server: cloudflare

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cragtwier.click/	1970-01-21 00:44:44	Name: GL_UI4 Value: eJw9jVtugzAQRSFgkrSBdiQW0CVAns1nld%2FuwTLjgbgBT2Qc0u6%2BbqX26z50dG8URbPyCeIpW0JyUzt4oUOF1f74ut8S1kjUHnbrDa4Rj822blHD0ozSq6Ynn8JiHJTz0k8prDqy5AxKZE05PAfqr7lYvtsUROOU1TmIIRB9DvPG8X0kVyaQWjUQZKez46BiUB%2FsIKk3VfDGBh9XMOOxTIoHEO%2FG3j6LVRYVRRbB47VXvmU3SKNDFJ1TmiB%2BgwUqTx27L5hrGi%2BerwDca%2FnP%2F36K%2FmcNMk2TwRDZn8l9Ayg%2FTvw%3D
cragtwier.click/	1970-01-21 00:44:44	Name: GL_GI10 Value: eJwtykEKwjAQBdDMIFFRFx97AE%2BQtgG717jURfEEaTpIIaQlrZ5fF24fTynFxR48TDjUTWMqY6uzsbYGvcDuAg4J2vnkew%2FK4NaB84%2Fat3QSQAGbx5iWLD6CBuyuEuPp%2FznN2DrfRSlvzzto0gq8jOsVeO4LBfro4xe4jhva
cragtwier.click/	1970-01-21 02:09:41	Name: cvn1 Value: CwaAAAAAAhQBCgAWlo4GAQM%3D
cragtwier.click/	1970-01-21 00:44:44	Name: GL_BC Value: eJxjYGBgEmEU5EyKNzSxMDA2NhFh5EpXuyzOxggAK0gD9w%3D%3D
cragtwier.click/	1970-01-21 00:44:44	Name: GL_CA_69782 Value: eJxjYGBgEmHkYhAJeSXCJMiYzMYoyFjCla52WRwAJnQEDQ%3D%3D
cragtwier.click/	1970-01-21 00:44:44	Name: GL_OC Value: eJxjYGBgEmEUZMmPNzQVYeRKV7sszsYIABjgAv4%3D
maroola.aditms.me/	1970-01-21 09:28:53	Name: afclick Value: 6726d3181180fa0001414209
maroola.aditms.me/	1970-01-21 09:28:53	Name: afoffers Value: {"22482":1730597656}
.oblaue.com/	1970-01-21 00:44:44	Name: truniq Value: 1
.oblaue.com/	1970-01-21 09:28:53	Name: prompt Value: 1
.oblaue.com/	1970-01-21 00:53:22	Name: ufp2 Value: 78b688a1686820868e2996ace166c0674aaabc83

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cagrep.com
cragtwier.click
maroola.aditms.me
oblaue.com
veachy.com
yendem.com
212.117.184.188
2606:4700:3033::ac43:ca6c
2a02:b4a:1:7::5647:1
31.220.27.98
34.141.179.97
88.208.38.96
0dd767b3353fd502f36d093ee6d2949bab4bd8f6721d13f9ab54d1363104c9ca
1b519e1bcbc35079ef50aaab895842ea026611d673b3dfa5b58b3cb4dcf36e26
344538d5d7aceea8552c80c60c98e0e9719ddfc1523f5e9d9a72b1444c468fbe
5b538e36bb0bfd3ab7a1c0b0c76df0fbd24aefceb51e0edfc34bc9a6292d7850
7cc71c138bb1363b0d6769a2a368cd590b4f18a7931d1bc5968d4e8ec2bc472e
863592d0201e81db62794cd2d3138712d6c64afde763173ea72c12bd6845b6c5
94b5474931e7b282194bd8e01f84a5d4b9bfbdae8a2a0192e8722cc12d260dea
9625843f5a789d1862dc59a8bb2853e92cab6111b9668585b62031ff20fed290
9eda24c37eff6d4792c314e045f6123d52fdabc8cd266eff0647666aed59ca2e
a9f2b44919d7146b281a69a55ca6b6ca6dcedcc990f646879b5d721dc7f1a391
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

oblaue.com Open in urlscan Pro 88.208.38.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

35 kBTransfer

73 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

11 Cookies

Security Headers

Indicators

oblaue.com Open in urlscan Pro
88.208.38.96 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

35 kB
Transfer

73 kB
Size

11
Cookies

5 HTTP transactions
7 data transactions