urlscan.io logo urlscan.io
SecurityTrails logo

birdhouiu.com Open in urlscan Pro
172.67.163.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://storage.googleapis.com/trap4ou01/t01trxin.html#/4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18
Effective URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Submission: On August 28 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 20 HTTP transactions. The main IP is 172.67.163.75, located in and belongs to . The main domain is birdhouiu.com.
TLS certificate: Issued by GTS CA 1P5 on August 16th 2023. Valid for: 3 months.
This is the only time birdhouiu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    172.217.13.144 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s05-in-f16.1e100.net
storage.googleapis.com
2    185.80.128.14 (Lithuania)

ASN61053 (VPSNET-AS, LT)
PTR: sequinrzfi.entasrum.com
185.80.128.14
1    185.8.60.86 (Latvia)

ASN58269 (AS-CLOUDHOSTING, LV)
PTR: vps-60-86.cloudhosting.lv
hockian.com
1    15.204.234.122 (Reston, United States)

ASN16276 (OVH, FR)
PTR: vps-89a19c84.vps.ovh.us
embrypi.com
6    172.67.163.75 (None, )

ASN- ()
birdhouiu.com
1    104.18.23.52 (None, )

ASN- ()
kit.fontawesome.com
3    172.64.130.9 (None, )

ASN- ()
ka-f.fontawesome.com
1    172.217.13.138 (None, )

ASN- ()
fonts.googleapis.com
1    172.67.177.88 (None, )

ASN- ()
virtualpushplatform.com
1    45.55.126.207 (None, )

ASN- ()
beacon.birdhouiu.com
Domain Requested by
6 birdhouiu.com hockian.com
birdhouiu.com
3 ka-f.fontawesome.com kit.fontawesome.com
1 beacon.birdhouiu.com birdhouiu.com
1 virtualpushplatform.com birdhouiu.com
1 fonts.googleapis.com birdhouiu.com
1 kit.fontawesome.com birdhouiu.com
1 embrypi.com 1 redirects
1 hockian.com 185.80.128.14
1 storage.googleapis.com
0 pushvisit.xyz Failed virtualpushplatform.com
20 10

This site contains no links.

Subject Issuer Validity Valid
storage.googleapis.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
hockian.com
Go Daddy Secure Certificate Authority - G2		 2023-06-10 -
2024-07-11		 a year crt.sh
birdhouiu.com
GTS CA 1P5		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-22 -
2023-12-23		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2023-07-13 -
2023-10-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-14 -
2024-02-13		 a year crt.sh
beacon.birdhouiu.com
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Frame ID: 980ADDF0103E6AF1FCB0C9956485BF3D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://storage.googleapis.com/trap4ou01/t01trxin.html Page URL
  2. http://185.80.128.14//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18 Page URL
  3. http://185.80.128.14/t//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18 Page URL
  4. https://hockian.com/100e5c1c8627324a800/18/164-11869/13820-14082-4232 Page URL
  5. https://embrypi.com/r/77de1c91-6ff3-421b-a500-054b004a19c5/473892/1398825970/18 HTTP 302
    https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Page Statistics

20
Requests

75 %
HTTPS

0 %
IPv6

7
Domains

10
Subdomains

10
IPs

3
Countries

531 kB
Transfer

1483 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/trap4ou01/t01trxin.html Page URL
  2. http://185.80.128.14//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18 Page URL
  3. http://185.80.128.14/t//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18 Page URL
  4. https://hockian.com/100e5c1c8627324a800/18/164-11869/13820-14082-4232 Page URL
  5. https://embrypi.com/r/77de1c91-6ff3-421b-a500-054b004a19c5/473892/1398825970/18 HTTP 302
    https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://beacon.birdhouiu.com/g2/ef1b7a09-70d0-47e7-bdb1-3cbabfbc66b9?aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892&item=BT5M HTTP 302
  • https://beacon.birdhouiu.com/s/88a36a10-489a-461e-82dd-7fe8a0397572?&requestid=zVtEo1Z7wk&destinationid=596291801&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892&item=BT5M

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
t01trxin.html
storage.googleapis.com/trap4ou01/ 		243 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/trap4ou01/t01trxin.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.144 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f16.1e100.net
Software
UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-length
243
content-type
text/html
date
Mon, 28 Aug 2023 21:18:51 GMT
etag
"229b917f62c46b83b00af6b9788457ab"
expires
Mon, 28 Aug 2023 22:18:51 GMT
last-modified
Thu, 04 May 2023 23:29:31 GMT
server
UploadServer
x-goog-generation
1683242971421846
x-goog-hash
crc32c=gsGi+g== md5=IpuRf2LEa4OwCva5eIRXqw==
x-goog-metageneration
2
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
243
x-guploader-uploadid
ADPycduSMMzcgkoar3_VKHnbfA6af2v6X-h_NhHiSNFq_ZPAP3cZRpAyR3DYkG-0MRkYsizDIuFu6a4rj7Lh8GNLVIg6k0_2n93U
4232Z18
185.80.128.14//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/ 		458 B
575 B 		Document
General
Check archive.org
Download Go to
Full URL
http://185.80.128.14//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/trap4ou01/t01trxin.html
Protocol
HTTP/1.1
Server
185.80.128.14 , Lithuania, ASN61053 (VPSNET-AS, LT),
Reverse DNS
sequinrzfi.entasrum.com
Software
/
Resource Hash
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
458
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Aug 2023 21:18:52 GMT
4232Z18
185.80.128.14/t//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/ 		264 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
http://185.80.128.14/t//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18
Requested by
Host: 185.80.128.14
URL: http://185.80.128.14//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18
Protocol
HTTP/1.1
Server
185.80.128.14 , Lithuania, ASN61053 (VPSNET-AS, LT),
Reverse DNS
sequinrzfi.entasrum.com
Software
/
Resource Hash
6f1ff296b558b9c4879fb0083a0233534e4b9c55420bff77601ef971d813241c

Request headers

Referer
http://185.80.128.14//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
264
Content-Type
text/html; charset=utf-8
Date
Mon, 28 Aug 2023 21:18:53 GMT
13820-14082-4232
hockian.com/100e5c1c8627324a800/18/164-11869/ 		142 B
436 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hockian.com/100e5c1c8627324a800/18/164-11869/13820-14082-4232
Requested by
Host: 185.80.128.14
URL: http://185.80.128.14/t//4rpKsF11869nWJm164htlbqxaujj13820DLQFJTVZDMLDMQJ14082/4232Z18
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.8.60.86 , Latvia, ASN58269 (AS-CLOUDHOSTING, LV),
Reverse DNS
vps-60-86.cloudhosting.lv
Software
Apache /
Resource Hash

Request headers

Referer
http://185.80.128.14/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
142
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Aug 2023 21:18:55 GMT
Server
Apache
Primary Request 0
birdhouiu.com/sf/tpl26/
Redirect Chain
  • https://embrypi.com/r/77de1c91-6ff3-421b-a500-054b004a19c5/473892/1398825970/18
  • https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Requested by
Host: hockian.com
URL: https://hockian.com/100e5c1c8627324a800/18/164-11869/13820-14082-4232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.75 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
76d0c7c4f3262bb5bb299186d4d95875e556d29f9120e3973ede5a6ab3b9e098

Request headers

Referer
https://hockian.com/100e5c1c8627324a800/18/164-11869/13820-14082-4232
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7fdf96efae1ca20e-YYZ
content-encoding
br
content-type
text/html
date
Mon, 28 Aug 2023 21:18:55 GMT
last-modified
Thu, 06 Jul 2023 21:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFrxlMbSo4K6rT%2Bhfq%2Bj54VUhgvl2VhXsnzzDCvm6q3HbmCkBj9%2BzJTbiZMVviPfR9fY5qRC4B4zb7qhT9N8k8WHIjIQBkKsS2xLioTzlNyBNWn12dD%2FgE%2BG4XCBbXga"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
135
Date
Mon, 28 Aug 2023 21:18:55 GMT
Expires
Mon, 28 Aug 2023 21:18:55 GMT
Location
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Server
nginx
access-control-allow-methods
GET, HEAD, OPTIONS, POST, PUT
access-control-allow-origin
null
access-control-max-age
1800
268a7048dd.js
kit.fontawesome.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/268a7048dd.js
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.23.52 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7e749dcd41c25e4176a25cce76820a0287c7506c9e27467675ce07369c21c8bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
strict-transport-security
max-age=31536000; preload
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
29
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=60, public, must-revalidate
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray
7fdf96f12c1436b5-YYZ
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F3a06wLZe5AxK-UAAh0n
bundle.c85f704dd111d71d28c3.css
birdhouiu.com/sf/tpl26/ 		68 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://birdhouiu.com/sf/tpl26/bundle.c85f704dd111d71d28c3.css?t=1688678189596
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.75 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
96feebe10d8e4a432e6e250c4985931b1076339754eea40be688e7ea916b671d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jul 2023 21:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a72f68-11138"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Uj7u85GVwQlHJ8ybeSo6uDO0rOtbGDT0p0yk25HVBfUe%2Bq%2BSL%2F0Z5l8uf%2BRMfrSmf5MPmBi5%2FAgcpcRqYLlRKkAVcQ00qTbenNLDZXHzgOMJABUnnnP1H5wol%2Fd3FiA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
7fdf96f04ecba20e-YYZ
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Aug 2024 21:18:56 GMT
logo.png
birdhouiu.com/sf/tpl26/public/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://birdhouiu.com/sf/tpl26/public/logo.png
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.75 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b7629b5a48ad04fe5455caeaa36ea515a099f099c23f13cb28631137bbcbd879

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:57 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jul 2023 21:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64a72f68-f025"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4Yh64zUeFCSq3QbkjmoWnoogGC2IbDO5SOYUUm16jUmX0vb1NBjTNKWSDGSnatez8tfe9IYeOpFvUXKXemUwC6%2BkmGfFoEbseVub%2FgWR5vonIEP2vh5jj8uydxmVuEU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7fdf96f05ee5a20e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
61477
expires
Tue, 27 Aug 2024 21:18:56 GMT
Preloader.gif
birdhouiu.com/sf/tpl26/public/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://birdhouiu.com/sf/tpl26/public/Preloader.gif
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.75 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
9922d8b1a5db03886f879c834f0bd8fd9ecb4a594042290182046bc68586b9b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jul 2023 21:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64a72f68-2bb41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeGk%2BmlDjou9juPP%2BjKm4r0o1HnTZiyfRv3IODgktTx1URjRpDIPtb9RRCNXJtMSGLUIFdRmxfcYrF3sPI5BTMWGoDZcgV87w0XBEQpB%2BBhZwbe4WyOR4yuNuvmbDNdw"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
7fdf96f05ee8a20e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
179009
expires
Tue, 27 Aug 2024 21:18:56 GMT
11.c37298dd.chunk.js
birdhouiu.com/sf/tpl26/js/ 		360 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdhouiu.com/sf/tpl26/js/11.c37298dd.chunk.js
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.75 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3d157039aa107eb7f4c9afa698f2ade4741776320f72471e238094e0cca01461

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jul 2023 21:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a72f68-5a020"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edc8ZRf%2FTb3MwOWlasF10GBQfHUgQOT%2FdL%2BrP29YKcVkASZnChb0FmWcqTRhqIk1eZ7O%2F50AiE5ua4MGMbFg4f0l1Cr5doWijmlw1XZma9rrg95jIoPkWKMdUfoN7ZUm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7fdf96f05ee0a20e-YYZ
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Aug 2024 21:18:56 GMT
app.3488736e.js
birdhouiu.com/sf/tpl26/js/ 		706 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://birdhouiu.com/sf/tpl26/js/app.3488736e.js
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.163.75 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
70aee248dec740b86acf892097a9d3c5d98a32afeb4c1b89d8d54580f9f3bc05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/sf/tpl26/0?item=BT5M&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Jul 2023 21:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64a72f68-b0766"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBenuAFTPf3yUcvyx%2BBUXgT5szf1KbX58e%2BN6EPYH50HTZFcpc4kEWEgxRn92eBr8Txx7Yx5KsCA3W9WIgHXt2hVXUXqTuJkjoYhsH93GkzYwbVDYT0KyDhy2ZVwKt7a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7fdf96f05ee2a20e-YYZ
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Aug 2024 21:18:56 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.130.9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
111172
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKPJZYB9Uh1XJ0vL%2BfSR2kC6mKk0JDXuxeMmLGFKJubYVO%2BTkMk6FdfLqHjtaUwIdGyrZIk%2BONlolhUegsUESDwtfkRc6%2FcZOls0E57H1UVpazrAsh4KYBXjvbwCSSjYE5Y7g1buFg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7fdf96f2da4c42c6-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
rbXeaZcNx0LDoZGivTHM_baSNcApG4_y153WmcGLtCLfUQgoy-A0lw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.130.9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
via
1.1 7c10de2006b7b1d4ae37bbcf905eecd6.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
111172
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVKSzVNlY4S1FXphHEVXDZgOX9cPFoOEX0T%2BCgW1NV3iWumKSMQD1nzwx3gP3UpOyupNcJvOTXZJWy67K57Gl%2FJI5DJ0egPBs2PgcHdBhotJmZhk6G89YTlmx1T9i9luUm%2FDVCpJqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7fdf96f2da5042c6-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
BDqOYA0Kwf9BEQDCiHdipM0IrGExZJprjdxvZSU6a3y1AkdKajXJOw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=268a7048dd
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/268a7048dd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.130.9 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:56 GMT
via
1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
JFK50-P8
age
111172
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NUPqHMFHYUONgXtgJK3wFjNK8lnWLwjN2qbXGpsFop34Wd4RwajGHvcZrOmnyUCyc1nVlgKhf0UdgztvF8IAfyhpWdYd%2BQ9YbL%2BFikTbPMhMAnnznS%2BoV3xXItEW1Tj9PYnehxfWtA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
7fdf96f2da5242c6-EWR
access-control-allow-headers
fa-kit-token
x-amz-cf-id
r9uuM7DCyLMS1uYOlRGO05HQo9usNvG4BPRLHXsSFjNF_xZZTiDw4w==
css2
fonts.googleapis.com/ 		2 KB
849 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@400;700;900&display=swap
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/bundle.c85f704dd111d71d28c3.css?t=1688678189596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 21:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 20:20:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 21:18:56 GMT
ace-push.js
virtualpushplatform.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://virtualpushplatform.com/ace-push.js
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/js/app.3488736e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.177.88 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7b38d49ff538ea30f98de682751d8edd607525a9f204564ed9353f6e678d06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://birdhouiu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4228
cf-polished
origSize=13415
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 15:12:14 GMT
server
cloudflare
etag
W/"1d9d0540989ef67"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFvGl5bSV94TBrTHdw99%2BHd7ftvDTpSAxKWKkY%2BNiVvgh%2FzI9fzn5%2FKRSrFIWOQ4VydDfTUoH3xI9uJLFTs%2BF%2FcKjI0pcgXFvqNu113JG5tNBQd1iVRuWqwmFVq%2FktyBZvr93MV6R85zYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=3600
cf-ray
7fdf96f89f08a1e1-YYZ
summary
beacon.birdhouiu.com/geo/ 		116 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://beacon.birdhouiu.com/geo/summary
Requested by
Host: birdhouiu.com
URL: https://birdhouiu.com/sf/tpl26/js/11.c37298dd.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.55.126.207 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
0fcbd009528c24225e41d3ad65f43987027e0d9f56d495a266c51cec95b1784a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://birdhouiu.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 21:18:57 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PATCH, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin, Accept, Cache-Control, If-Modified-Since, Keep-Alive, Range, DNT, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization
88a36a10-489a-461e-82dd-7fe8a0397572
beacon.birdhouiu.com/s/
Redirect Chain
  • https://beacon.birdhouiu.com/g2/ef1b7a09-70d0-47e7-bdb1-3cbabfbc66b9?aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892&item=BT5M
  • https://beacon.birdhouiu.com/s/88a36a10-489a-461e-82dd-7fe8a0397572?&requestid=zVtEo1Z7wk&destinationid=596291801&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892&item=BT5M
0
0
visit
pushvisit.xyz/api/v1/ 		0
0
visit
pushvisit.xyz/api/v1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
beacon.birdhouiu.com
URL
https://beacon.birdhouiu.com/s/88a36a10-489a-461e-82dd-7fe8a0397572?&requestid=zVtEo1Z7wk&destinationid=596291801&aff_click_id=e9224313-188e-4a12-a509-6a41fdd89957&aff_sub=NOA3_473892&item=BT5M
Domain
pushvisit.xyz
URL
https://pushvisit.xyz/api/v1/visit
Domain
pushvisit.xyz
URL
https://pushvisit.xyz/api/v1/visit

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

1 Cookies

Domain/Path Name / Value
hockian.com/ Name: uid22169
Value: 1398825970-20230828161855-6141d83686f5f62e13469eff55914c9b-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.birdhouiu.com
birdhouiu.com
embrypi.com
fonts.googleapis.com
hockian.com
ka-f.fontawesome.com
kit.fontawesome.com
pushvisit.xyz
storage.googleapis.com
virtualpushplatform.com
beacon.birdhouiu.com
pushvisit.xyz
104.18.23.52
15.204.234.122
172.217.13.138
172.217.13.144
172.64.130.9
172.67.163.75
172.67.177.88
185.8.60.86
185.80.128.14
45.55.126.207
0cee972f52f443216ed569505738e89b08925201f31b5d7a51783ee9a0dcc785
0f3a07f36d6bddee418f7d7548bc165b09817e10764a359d2773388cdec9ff8a
0fcbd009528c24225e41d3ad65f43987027e0d9f56d495a266c51cec95b1784a
3d157039aa107eb7f4c9afa698f2ade4741776320f72471e238094e0cca01461
5b7b38d49ff538ea30f98de682751d8edd607525a9f204564ed9353f6e678d06
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6f1ff296b558b9c4879fb0083a0233534e4b9c55420bff77601ef971d813241c
70aee248dec740b86acf892097a9d3c5d98a32afeb4c1b89d8d54580f9f3bc05
76d0c7c4f3262bb5bb299186d4d95875e556d29f9120e3973ede5a6ab3b9e098
7e749dcd41c25e4176a25cce76820a0287c7506c9e27467675ce07369c21c8bb
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
96feebe10d8e4a432e6e250c4985931b1076339754eea40be688e7ea916b671d
9922d8b1a5db03886f879c834f0bd8fd9ecb4a594042290182046bc68586b9b1
b7629b5a48ad04fe5455caeaa36ea515a099f099c23f13cb28631137bbcbd879
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda