www.underlineabuse.sa.com

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 172.67.211.19, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.underlineabuse.sa.com.
TLS certificate: Issued by GTS CA 1P5 on May 1st 2024. Valid for: 3 months.

This is the only time www.underlineabuse.sa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.211.19 172.67.211.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
7	4

4 172.67.211.19 (United States)

ASN13335 (CLOUDFLARENET, US)

www.underlineabuse.sa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	sa.com www.underlineabuse.sa.com	16 KB
1	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 3239
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 5354	259 B
1	google.com www.google.com — Cisco Umbrella Rank: 5	72 KB
7	4

	Domain	Requested by
4	www.underlineabuse.sa.com	www.underlineabuse.sa.com
1	www.adsensecustomsearchads.com	www.google.com
1	partner.googleadservices.com	www.google.com
1	www.google.com	www.underlineabuse.sa.com
7	4

This site contains no links.

Subject Issuer	Validity	Valid
underlineabuse.sa.com GTS CA 1P5	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
Frame ID: 7B2880C7731F66EF25C23BB4E2E52C63
Requests: 6 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol306%2Cpid-bodis-gcontrol426%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis31_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fwww.underlineabuse.sa.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2495773305495993&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000%2C17301437%2C17301439%2C17301442%2C17301504%2C17301509&client_gdprApplies=1&format=r3&nocache=1161718260479423&num=0&output=afd_ads&domain_name=www.underlineabuse.sa.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1718260479425&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=641883529&rurl=https%3A%2F%2Fwww.underlineabuse.sa.com%2Filiqxioebwc%2Fqand3926knqnvm%2F4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum%2Fee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
Frame ID: 850D134A453B89E40D673D22FE0BF0DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

underlineabuse.sa.com

Page URL History Show full URLs

http://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3of... HTTP 307
https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3of... HTTP 307
https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3of... Page URL

Page Statistics

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

89 kB
Transfer

226 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg HTTP 307
https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg HTTP 307
https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg Show response
www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/
Redirect Chain

http://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg

1 KB
2 KB

77ms
77ms

Document
text/html

172.67.211.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 227dcbf9cde133681ad1e55c063fd4fb38c3bc124b7b85a247425096f240ba18

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-prefers-color-scheme
alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 89300e5999e33718-FRA
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: sec-ch-prefers-color-scheme
date: Thu, 13 Jun 2024 06:34:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSiUogkwXN5Z2ttpLMvA3KBrT5ksLBwlTyf1wy3bNG3Rb6sAFLAHecQsBz78RzmaeMYyGPwhqRIKvR34j%2FE6g8%2FMVXf1q5pDNibkZ8pVy7xSYFNXa%2FSJAsJPXmR8Xg%2FBlSoqKTPM47oRVNxO"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: sec-ch-prefers-color-scheme
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_AXrOmMqm0EIVsVVyEV13CMGdEmlcVGYRuvmKp5av2ZyDuG2K+0YAg8sejX6bBq5vB1bhZL4QtlWHC7k43p+UAQ==
x-request-id: 6e37655f-595b-4c15-9148-13a1a85246ce

Redirect headers

Location: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg

GET
H3 200 bGDFPKmsm.js Show response
www.underlineabuse.sa.com/ 33 KB
11 KB 103ms
102ms Script
application/javascript 172.67.211.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underlineabuse.sa.com/bGDFPKmsm.js
Requested by: Host: www.underlineabuse.sa.com
URL: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78feb6ec409aa8ce11bbc8890f01f95c48363a872f87e7c518c872155530211c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
sec-ch-prefers-color-scheme: light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:34:39 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC8OjKuPNJdLtPBuSvCb%2F9XCKmT4DglU%2FmDUkA%2BgQRSyzpEXsqIjVr2Hf6NVJHMFlnHoyctYS1EMQNCQ6Z6ZbayHM%2BrLFe4RwrU1zSEMe8vLeETL8MJ2vLeTo85YRimQFiuzX6gBZD7H4t7l"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cf-ray: 89300e5a1a5a3718-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: e350f4e9-3559-48b8-9a25-697ccfc05706

POST
H3 200 _fd Show response
www.underlineabuse.sa.com/ 5 KB
3 KB 54ms
54ms Fetch
application/json 172.67.211.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underlineabuse.sa.com/_fd
Requested by: Host: www.underlineabuse.sa.com
URL: https://www.underlineabuse.sa.com/bGDFPKmsm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b3d0afc1048a7d11a957641cd4f17d3a1d6dfe6e1f1d78d797e30a160211db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
sec-ch-prefers-color-scheme: light
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:34:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbuusNR%2BVdeIKlqkOijNpvGliOUZumTUl9wh0LQy5WZNe9ojGlahJZn926LgmMmVKpM1y0MhOKYGV6wG%2Bl6aZh9igRFtKt0CyGquiVGD7DG3t1yKyA7eNVeqz9GxPovGSH0UXzwqYpR3NcTQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 89300e5acb073718-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: 5d1d0dc5-8ebd-444b-bec0-42f03e377349

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 186 KB
72 KB 121ms
45ms Script
text/javascript 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Requested by

Host: www.underlineabuse.sa.com
URL: https://www.underlineabuse.sa.com/bGDFPKmsm.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

sffe /

Resource Hash

faf84e07997e0e88e59bf746ff2059b10026b58df94a4b2569d40abb4596da3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underlineabuse.sa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "14548050014658708388"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Thu, 13 Jun 2024 06:34:39 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 366 B
259 B 127ms
81ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.underlineabuse.sa.com&client=partner-dp-bodis31_3ph&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

dbce32502cffb43062f05c9b6232342795577cbf7bac45995c8b956ce2992946

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.underlineabuse.sa.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:34:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0

GET
H2 200 ads
www.adsensecustomsearchads.com/afs/ Frame 850D 0
0 228ms
109ms Document
text/html 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adtest=off&psid=3113057640&pcsa=false&channel=pid-bodis-gcontrol97%2Cpid-bodis-gcontrol306%2Cpid-bodis-gcontrol426%2Cpid-bodis-gcontrol151%2Cpid-bodis-gcontrol202&client=dp-bodis31_3ph&r=m&hl=de&ivt=0&rpbu=http%3A%2F%2Fwww.underlineabuse.sa.com%2F%3Fcaf%3D1%26bpt%3D345&max_radlink_len=50&type=3&uiopt=false&swp=as-drid-2495773305495993&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300000%2C17301437%2C17301439%2C17301442%2C17301504%2C17301509&client_gdprApplies=1&format=r3&nocache=1161718260479423&num=0&output=afd_ads&domain_name=www.underlineabuse.sa.com&v=3&bsl=8&pac=0&u_his=2&u_tz=120&dt=1718260479425&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=1080&frm=0&uio=-&cont=rs&drt=0&jsid=caf&nfp=1&jsv=641883529&rurl=https%3A%2F%2Fwww.underlineabuse.sa.com%2Filiqxioebwc%2Fqand3926knqnvm%2F4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum%2Fee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&bodis=true

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-BTSCbzaIUL6IcEDJYNX-kQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.underlineabuse.sa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 607
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-BTSCbzaIUL6IcEDJYNX-kQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Thu, 13 Jun 2024 06:34:39 GMT
expires: Thu, 13 Jun 2024 06:34:39 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

POST
H3 200 _tr Show response
www.underlineabuse.sa.com/ 2 B
525 B 63ms
63ms Fetch
application/json 172.67.211.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.underlineabuse.sa.com/_tr
Requested by: Host: www.underlineabuse.sa.com
URL: https://www.underlineabuse.sa.com/bGDFPKmsm.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.211.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum/ee3ofm1tflf0z-1y-3ymdzso_kqsewxdeh1vv84gpzfjfr5_xc5zlf2iy7cv_gfg
sec-ch-prefers-color-scheme: light
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 06:34:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWBTbpTYNASZkLSU%2BAc2SxHtJOGj6lTeNK07Dmtnbac%2FdjtM8ZmRKoeuM3yIUxiFZp6HIFv2lqJo6TsRBiHwctZOPQr9VEgYzgg3YdWU55aNZDwsrnbvTjU5%2FTLEC6XsDENYCBd9vVTJD%2BEk"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 89300e5ebf083718-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: 5452e525-7429-498e-897c-359d30a473c7

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.underlineabuse.sa.com/iliqxioebwc/qand3926knqnvm/4ausabij3jx0xucrz5v2dqgjn7a9fxcyw8ulf1solum	1970-01-20 21:17:41	Name: parking_session Value: d7a4b00f-e8e5-4e6f-ae09-3cd861b356a0
			www.underlineabuse.sa.com/	1970-01-20 21:17:41	Name: parking_session Value: d7a4b00f-e8e5-4e6f-ae09-3cd861b356a0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

partner.googleadservices.com
www.adsensecustomsearchads.com
www.google.com
www.underlineabuse.sa.com
142.250.185.196
142.250.186.66
172.67.211.19
2a00:1450:4001:800::200e
227dcbf9cde133681ad1e55c063fd4fb38c3bc124b7b85a247425096f240ba18
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
75b3d0afc1048a7d11a957641cd4f17d3a1d6dfe6e1f1d78d797e30a160211db
78feb6ec409aa8ce11bbc8890f01f95c48363a872f87e7c518c872155530211c
dbce32502cffb43062f05c9b6232342795577cbf7bac45995c8b956ce2992946
faf84e07997e0e88e59bf746ff2059b10026b58df94a4b2569d40abb4596da3a

www.underlineabuse.sa.com Open in urlscan Pro 172.67.211.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

7 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

89 kBTransfer

226 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

Indicators

www.underlineabuse.sa.com Open in urlscan Pro
172.67.211.19 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

89 kB
Transfer

226 kB
Size

2
Cookies

7 HTTP transactions
0 data transactions