oapdw.sihighlyrecom.xyz (44.195.137.121)
Public Scan
Effective URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f...
Submission Tags: falconsandbox
Submission: On September 12 via api from US — Scanned from NL
Summary
TLS certificate: Issued by R3 on August 17th 2022. Valid for: 3 months.
This is the only time oapdw.sihighlyrecom.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| # | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 1 | 188.114.97.12 | 13335 (CLOUDFLARENET) |
| 1 1 | 2606:4700:3033::6815:5ce6 | 13335 (CLOUDFLARENET) |
| 1 1 | 65.9.95.104 | 16509 (AMAZON-02) |
| 3 | 44.195.137.121 | 14618 (AMAZON-AES) |
| 1 | 13.32.110.29 | 16509 (AMAZON-02) |
| 1 | 2a03:2880:f107:83:face:b00c:0:25de | 32934 (FACEBOOK) |
| 2 4 | 2a00:1450:4001:806::200d | 15169 (GOOGLE) |
| 7 | 4 | |
- ASN13335 (CLOUDFLARENET, US): uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw
- ASN16509 (AMAZON-02, US), PTR: server-65-9-95-104.prg50.r.cloudfront.net: reukandthis.com
- ASN14618 (AMAZON-AES, US), PTR: ec2-44-195-137-121.compute-1.amazonaws.com: oapdw.sihighlyrecom.xyz
- ASN16509 (AMAZON-02, US), PTR: server-13-32-110-29.vie50.r.cloudfront.net: oulukdliketo.shop
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | google.com (2 redirects) | accounts.google.com (Cisco Umbrella Rank: 126) | 2 KB |
| 3 | sihighlyrecom.xyz | oapdw.sihighlyrecom.xyz | 32 KB |
| 1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 111) | |
| 1 | oulukdliketo.shop | oulukdliketo.shop | 496 B |
| 1 | reukandthis.com (1 redirect) | reukandthis.com (Cisco Umbrella Rank: 263146) | 897 B |
| 1 | rtb-assess-1.com (1 redirect) | rtb-assess-1.com | 570 B |
| 1 | cbcnvbkjfhgfj324hjhjetrjhkt454.pw (1 redirect) | uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw (Cisco Umbrella Rank: 612321) | 1 KB |
| | 7 apex domains | 7 subdomains | |
| Requests | Domain | Requested by |
|---|---|---|
| 4 | accounts.google.com (2 redirects) | oapdw.sihighlyrecom.xyz |
| 3 | oapdw.sihighlyrecom.xyz | oapdw.sihighlyrecom.xyz |
| 1 | www.facebook.com | oapdw.sihighlyrecom.xyz |
| 1 | oulukdliketo.shop | oapdw.sihighlyrecom.xyz |
| 1 | reukandthis.com | 1 redirect |
| 1 | rtb-assess-1.com | 1 redirect |
| 1 | uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw | 1 redirect |
| | 7 domains | 7 |
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| sihighlyrecom.xyz | R3 | 2022-08-17 - 2022-11-15 | 3 months | crt.sh |
| oulukdliketo.shop | Amazon | 2022-08-21 - 2023-09-19 | a year | crt.sh |
| *.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-06-21 - 2022-09-19 | 3 months | crt.sh |
This page contains 1 frame:
Primary Page:
https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Frame ID: 8335259A036AA7F55AC8B01BC8F4A490
Requests: 7 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/ (HTTP 302)
2. https://rtb-assess-1.com/?i=7diOD0sNjNL2awVvOt2p%2FQ%3D%3D&d=aHR0cDovL3JldWthbmR0aGlzLmNvbS9yZWRpcmVjdD90aWQ9OTM5NzU4JnJlZj1hbmRyb2lkLXRyYWZmaWPELA%3D%3D (HTTP 302)
3. http://reukandthis.com/redirect?tid=939758&ref=android-traffic.com (HTTP 302)
4. https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL (Page URL)

The hops carry their own routing data: the `d` parameter on the rtb-assess-1.com hop is the base64 encoding of the reukandthis.com redirect URL that becomes hop 3, the `href` parameter on the final page URL percent-encodes https://reukandthis.com/?tid=939758&noocp=1, and the value 939758 (as `tid` on the redirectors, `tag_id` on the landing page) is carried through every hop, so a single campaign id ties the whole chain together.
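Decoding those parameters by hand is the usual first triage step for a chain like this. The script below is an added example (it is not urlscan.io's code and is not from the page) that walks the four captured URLs above, percent-decodes and base64-decodes every query parameter, reports any parameter whose value is itself a URL, and checks that the tracking id is the same on every hop. The parameter names treated as tracking ids (`tid`, `tag_id`) are an assumption drawn only from these URLs.

```python
import base64
import binascii
from urllib.parse import urlsplit, parse_qsl

# Redirect chain as captured in this scan (copied from the Page URL History
# above; the `d` value is used exactly as it appears on the page).
CHAIN = [
    "http://uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/",
    "https://rtb-assess-1.com/?i=7diOD0sNjNL2awVvOt2p%2FQ%3D%3D"
    "&d=aHR0cDovL3JldWthbmR0aGlzLmNvbS9yZWRpcmVjdD90aWQ9OTM5NzU4JnJlZj1hbmRyb2lkLXRyYWZmaWPELA%3D%3D",
    "http://reukandthis.com/redirect?tid=939758&ref=android-traffic.com",
    "https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982"
    "&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect"
    "&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL",
]

# Parameter names that carry the campaign/tracking id. This is an assumption
# for the example, based only on the URLs above.
TRACKING_KEYS = ("tid", "tag_id")


def try_base64_url(value):
    """Return the decoded text if `value` is base64 of a URL, else None."""
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return None
    # The captured `d` value ends in bytes that are not valid UTF-8, so decode
    # leniently rather than discarding the whole hop.
    text = raw.decode("utf-8", errors="replace")
    return text if text.startswith(("http://", "https://")) else None


def embedded_urls(url):
    """Map each query parameter of `url` to the URL hidden in its value, if any.

    Handles the two encodings seen in this chain: a percent-encoded URL
    (parse_qsl decodes it) and a base64-wrapped URL.
    """
    found = {}
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if value.startswith(("http://", "https://")):
            found[key] = value
        else:
            decoded = try_base64_url(value)
            if decoded is not None:
                found[key] = decoded
    return found


def tracking_ids(url):
    """Tracking-id values on `url`, including inside any embedded URL."""
    ids = set()
    for u in [url] + list(embedded_urls(url).values()):
        for key, value in parse_qsl(urlsplit(u).query):
            if key in TRACKING_KEYS:
                ids.add(value)
    return ids


def walk_chain(chain):
    """One record per hop: host, URLs embedded in its parameters, tracking ids."""
    return [
        {
            "hop": hop,
            "host": urlsplit(url).hostname,
            "embedded": embedded_urls(url),
            "tracking_ids": tracking_ids(url),
        }
        for hop, url in enumerate(chain, start=1)
    ]


def consistent_tracking_id(report):
    """The single id shared by every hop that carries one, or None."""
    seen = [r["tracking_ids"] for r in report if r["tracking_ids"]]
    if not seen:
        return None
    common = set.intersection(*seen)
    return common.pop() if len(common) == 1 else None


if __name__ == "__main__":
    rep = walk_chain(CHAIN)
    for r in rep:
        print(r["hop"], r["host"], sorted(r["tracking_ids"]))
        for key, target in r["embedded"].items():
            print("    ", key, "->", target)
    print("shared tracking id:", consistent_tracking_id(rep))
```

The base64 check uses `validate=True` so that ordinary values such as `redirect` or `NL` are rejected on alphabet or padding grounds rather than producing noise; a value that does decode but does not start with a scheme is also dropped. Because the `d` value as captured here decodes to the reukandthis.com redirect URL followed by two bytes that are not valid UTF-8, the decoder replaces rather than raises, and a prefix comparison is the right way to check it.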
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 3
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail (HTTP 302)
- https://accounts.google.com/v3/signin/identifier?dsh=S-888804531%3A1662974561229087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpA-oIn-Wj1Fzt-0B-g69l8G4whfoSiXmmTPVfuOfW82mNsNhQ41C3FsvEOY3OY76819nrW
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube (HTTP 302)
- https://accounts.google.com/v3/signin/identifier?dsh=S873380496%3A1662974561266540&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpgXcrXR6oG1LkjLHCaJgL_5ZETqOhleG8rgmsHwebfPzhdzFw5S36e4KRTpCB1xUsTOaYbWg

Both chains are image-typed requests (see the transactions below) for accounts.google.com/ServiceLogin with passive=true and a continue= target of a favicon.ico, one for service=mail and one for service=youtube; together with the image request for www.facebook.com/login.php they match the well-known pattern for probing whether the visitor is signed in: an image element loads if the silent sign-in succeeds and the favicon is served, and fails if the login page is returned instead. In this sandboxed scan the browser holds no sessions, so all four resolve to the sign-in page and transfer 0 bytes.
7 HTTP transactions

| Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | EKCLE (Primary Request, Redirect Chain) | oapdw.sihighlyrecom.xyz/ | 13 KB | 5 KB | Document | text/html |
| GET | H2 | dlp | oapdw.sihighlyrecom.xyz/ | 72 KB | 27 KB | XHR | text/html |
| GET | H2 | utx | oulukdliketo.shop/ | 0 | 496 B | XHR | text/plain |
| GET | H2 | login.php | www.facebook.com/ | 0 | 0 | Image | text/html |
| GET | H2 | identifier (Redirect Chain) | accounts.google.com/v3/signin/ | 0 | 0 | Image | text/html |
| GET | H2 | identifier (Redirect Chain) | accounts.google.com/v3/signin/ | 0 | 0 | Image | text/html |
| POST | H2 | / | oapdw.sihighlyrecom.xyz/ | 0 | 36 B | XHR | text/plain |
Verdicts & Comments
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| object | onbeforeinput |
| object | oncontextlost |
| object | oncontextrestored |
| function | structuredClone |
| object | launchQueue |
| object | onbeforematch |
| object | navigation |

All seven are properties that current Chromium builds expose on window themselves (the Navigation API's navigation, structuredClone, launchQueue, and the beforematch and canvas context-lost/restored event handlers); they are listed because the scanner's baseline predates them, not because the page defines a framework of its own.

4 Cookies
Cookies are small pieces of information stored in the user's browser. When the user visits the site again, the browser sends the cookie values along, which lets the site re-identify the visitor even from a different location; this is how persistent logins work. Note that the csu cookie set by reukandthis.com (ee0b7165-7a7c-49f1-9e3c-b303f0f38553) has the same value as the cookie_id parameter in the landing page URL, so the visitor identifier minted at the redirector is handed on to the final page in the URL rather than through a shared cookie.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/ | | _ctid | 3948174827 |
| reukandthis.com/ | | csu | ee0b7165-7a7c-49f1-9e3c-b303f0f38553 |
| .google.com/ | | NID | 511=GqDp3-JXJV3vWDqRul4mmnDF_4v1L_08KLgy5l3K-Kf2Lu73Bwn287F8y4ThIf-Q5WJfg_pH3PEnLtNXRgy8QPV-TbfY5ACepT8yb6c-x6CgwRYgVXPr73x44yWvCrgFV5qdGFtVALdAsNG9g1vV4gszsYjFdSDXSImGZK_VUlQ |
| oapdw.sihighlyrecom.xyz/ | | ce23127dde7dd7bbeb8e01220ae5fb96 | 1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

| Source | Level | URL | Text |
|---|---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity. Note that e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 is the SHA-256 of empty input; it corresponds to the zero-byte responses in the transactions table (the image-typed requests to www.facebook.com and accounts.google.com) and should not be used as an indicator for this chain. The Google and Facebook hosts and addresses likewise belong to the sign-in probes, not to the redirector infrastructure.
accounts.google.com
oapdw.sihighlyrecom.xyz
oulukdliketo.shop
reukandthis.com
rtb-assess-1.com
uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw
www.facebook.com
13.32.110.29
188.114.97.12
2606:4700:3033::6815:5ce6
2a00:1450:4001:806::200d
2a03:2880:f107:83:face:b00c:0:25de
44.195.137.121
65.9.95.104
e36cb9b7253b10bcd271203cd2d16d34fac884dc101e54f2d0e88410caccf189
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7e1afed9a58d1e3d534acb689922c27cc0732e6643e1668fee746df54d0cdbd