Submitted URL: http://uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/
Effective URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f...
Submission Tags: falconsandbox
Submission: On September 12 via api from US — Scanned from NL

Summary

This website contacted 4 IPs in 4 countries across 7 domains to perform 7 HTTP transactions. The main IP is 44.195.137.121, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is oapdw.sihighlyrecom.xyz.
TLS certificate: Issued by R3 on August 17th 2022. Valid for: 3 months.
This is the only time oapdw.sihighlyrecom.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.12 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 65.9.95.104 16509 (AMAZON-02)
3 44.195.137.121 14618 (AMAZON-AES)
1 13.32.110.29 16509 (AMAZON-02)
1 2a03:2880:f10... 32934 (FACEBOOK)
2 4 2a00:1450:400... 15169 (GOOGLE)
7 4
Apex Domain
Subdomains
Transfer
4 google.com
accounts.google.com — Cisco Umbrella Rank: 126
2 KB
3 sihighlyrecom.xyz
oapdw.sihighlyrecom.xyz
32 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
1 oulukdliketo.shop
oulukdliketo.shop
496 B
1 reukandthis.com
reukandthis.com — Cisco Umbrella Rank: 263146
897 B
1 rtb-assess-1.com
rtb-assess-1.com
570 B
1 cbcnvbkjfhgfj324hjhjetrjhkt454.pw
uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw — Cisco Umbrella Rank: 612321
1 KB
7 7
Domain Requested by
4 accounts.google.com 2 redirects oapdw.sihighlyrecom.xyz
3 oapdw.sihighlyrecom.xyz oapdw.sihighlyrecom.xyz
1 www.facebook.com oapdw.sihighlyrecom.xyz
1 oulukdliketo.shop oapdw.sihighlyrecom.xyz
1 reukandthis.com 1 redirects
1 rtb-assess-1.com 1 redirects
1 uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw 1 redirects
7 7

This site contains no links.

Subject Issuer Validity Valid
sihighlyrecom.xyz
R3
2022-08-17 -
2022-11-15
3 months crt.sh
oulukdliketo.shop
Amazon
2022-08-21 -
2023-09-19
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-21 -
2022-09-19
3 months crt.sh

This page contains 1 frames:

Primary Page: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Frame ID: 8335259A036AA7F55AC8B01BC8F4A490
Requests: 7 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/ HTTP 302
    https://rtb-assess-1.com/?i=7diOD0sNjNL2awVvOt2p%2FQ%3D%3D&d=aHR0cDovL3JldWthbmR0aGlzLmNvbS9yZWRpcmVj... HTTP 302
    http://reukandthis.com/redirect?tid=939758&ref=android-traffic.com HTTP 302
    https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-... Page URL

Page Statistics

7
Requests

71 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

4
IPs

4
Countries

32 kB
Transfer

84 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/ HTTP 302
    https://rtb-assess-1.com/?i=7diOD0sNjNL2awVvOt2p%2FQ%3D%3D&d=aHR0cDovL3JldWthbmR0aGlzLmNvbS9yZWRpcmVjdD90aWQ9OTM5NzU4JnJlZj1hbmRyb2lkLXRyYWZmaWPELA%3D%3D HTTP 302
    http://reukandthis.com/redirect?tid=939758&ref=android-traffic.com HTTP 302
    https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S-888804531%3A1662974561229087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpA-oIn-Wj1Fzt-0B-g69l8G4whfoSiXmmTPVfuOfW82mNsNhQ41C3FsvEOY3OY76819nrW
Request Chain 4
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/v3/signin/identifier?dsh=S873380496%3A1662974561266540&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpgXcrXR6oG1LkjLHCaJgL_5ZETqOhleG8rgmsHwebfPzhdzFw5S36e4KRTpCB1xUsTOaYbWg

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request EKCLE
oapdw.sihighlyrecom.xyz/
Redirect Chain
  • http://uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/
  • https://rtb-assess-1.com/?i=7diOD0sNjNL2awVvOt2p%2FQ%3D%3D&d=aHR0cDovL3JldWthbmR0aGlzLmNvbS9yZWRpcmVjdD90aWQ9OTM5NzU4JnJlZj1hbmRyb2lkLXRyYWZmaWPELA%3D%3D
  • http://reukandthis.com/redirect?tid=939758&ref=android-traffic.com
  • https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=h...
13 KB
5 KB
Document
General
Full URL
https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f7e1afed9a58d1e3d534acb689922c27cc0732e6643e1668fee746df54d0cdbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

access-control-allow-headers
X-Requested-With,content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
etag
W/"326a-+uOpnNnLB/HHHgLxAkNgr+DiTFM"
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

Accept-CH
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Mon, 12 Sep 2022 09:22:40 GMT
Location
https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
P3P
CP="NID DSP ALL COR"
Pragma
no-cache
Server
openresty/1.17.8.2
Via
1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
X-Amz-Cf-Id
egykeiVGlBtbFz9X8_ELcer_KAwDsPNBn4Ck9OmHdUwum1bd5MKqrA==
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Miss from cloudfront
cache-control
no-store, no-cache, must-revalidate, no-transform
dlp
oapdw.sihighlyrecom.xyz/
72 KB
27 KB
XHR
General
Full URL
https://oapdw.sihighlyrecom.xyz/dlp?st=1&lp=movie-allow-2&geo=NL
Requested by
Host: oapdw.sihighlyrecom.xyz
URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e36cb9b7253b10bcd271203cd2d16d34fac884dc101e54f2d0e88410caccf189

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-encoding
gzip
etag
W/"11e10-sml3y6CCBNKyKEVG0Z3mxo1AaOQ"
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
X-Requested-With,content-type
utx
oulukdliketo.shop/
0
496 B
XHR
General
Full URL
https://oulukdliketo.shop/utx?tid=939758&top=oapdw.sihighlyrecom.xyz&cb=gWwD2BYMmaNA
Requested by
Host: oapdw.sihighlyrecom.xyz
URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-29.vie50.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oapdw.sihighlyrecom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Sep 2022 09:22:41 GMT
via
1.1 2acbf12c17a7f7f2ed99463cb4024586.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://oapdw.sihighlyrecom.xyz
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-amz-cf-id
oHA63H1pm8dw3UzfeSiSJulG5RDUVsMHk2jRIaHiB6oVe9Xquzb1PQ==
login.php
www.facebook.com/
0
0
Image
General
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: oapdw.sihighlyrecom.xyz
URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oapdw.sihighlyrecom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/v3/signin/identifier?dsh=S-888804531%3A1662974561229087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S-888804531%3A1662974561229087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpA-oIn-Wj1Fzt-0B-g69l8G4whfoSiXmmTPVfuOfW82mNsNhQ41C3FsvEOY3OY76819nrW
Requested by
Host: oapdw.sihighlyrecom.xyz
URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oapdw.sihighlyrecom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
390
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
date
Mon, 12 Sep 2022 09:22:41 GMT
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S-888804531%3A1662974561229087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpA-oIn-Wj1Fzt-0B-g69l8G4whfoSiXmmTPVfuOfW82mNsNhQ41C3FsvEOY3OY76819nrW
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-fYGcShM-QDhBh4fwSdWsMA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/v3/signin/identifier?dsh=S873380496%3A1662974561266540&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSi...
0
0
Image
General
Full URL
https://accounts.google.com/v3/signin/identifier?dsh=S873380496%3A1662974561266540&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpgXcrXR6oG1LkjLHCaJgL_5ZETqOhleG8rgmsHwebfPzhdzFw5S36e4KRTpCB1xUsTOaYbWg
Requested by
Host: oapdw.sihighlyrecom.xyz
URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Server
2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://oapdw.sihighlyrecom.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
date
Mon, 12 Sep 2022 09:22:41 GMT
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?dsh=S873380496%3A1662974561266540&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpgXcrXR6oG1LkjLHCaJgL_5ZETqOhleG8rgmsHwebfPzhdzFw5S36e4KRTpCB1xUsTOaYbWg
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-8e85AEevxpWH9G9SVDTrSA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
oapdw.sihighlyrecom.xyz/
0
36 B
XHR
General
Full URL
https://oapdw.sihighlyrecom.xyz/
Requested by
Host: oapdw.sihighlyrecom.xyz
URL: https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.195.137.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-195-137-121.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://oapdw.sihighlyrecom.xyz/EKCLE?tag_id=939758&sub_id1=&sub_id2=4207264656701597982&cookie_id=ee0b7165-7a7c-49f1-9e3c-b303f0f38553&lp=movie-allow-2&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Freukandthis.com%2F%3Ftid%3D939758%26noocp%3D1&hop=7&geo=NL
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
content-length
0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation

4 Cookies

Domain/Path Name / Value
uaw.cbcnvbkjfhgfj324hjhjetrjhkt454.pw/ Name: _ctid
Value: 3948174827
reukandthis.com/ Name: csu
Value: ee0b7165-7a7c-49f1-9e3c-b303f0f38553
.google.com/ Name: NID
Value: 511=GqDp3-JXJV3vWDqRul4mmnDF_4v1L_08KLgy5l3K-Kf2Lu73Bwn287F8y4ThIf-Q5WJfg_pH3PEnLtNXRgy8QPV-TbfY5ACepT8yb6c-x6CgwRYgVXPr73x44yWvCrgFV5qdGFtVALdAsNG9g1vV4gszsYjFdSDXSImGZK_VUlQ
oapdw.sihighlyrecom.xyz/ Name: ce23127dde7dd7bbeb8e01220ae5fb96
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S-888804531%3A1662974561229087&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpA-oIn-Wj1Fzt-0B-g69l8G4whfoSiXmmTPVfuOfW82mNsNhQ41C3FsvEOY3OY76819nrW
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?dsh=S873380496%3A1662974561266540&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpgXcrXR6oG1LkjLHCaJgL_5ZETqOhleG8rgmsHwebfPzhdzFw5S36e4KRTpCB1xUsTOaYbWg
Message:
Failed to load resource: the server responded with a status of 403 ()