urlscan.io logo urlscan.io
SecurityTrails logo

blackwaterforllows.ga Open in urlscan Pro
157.245.79.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://kmuz.org/
Effective URL: https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
Submission: On August 23 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 157.245.79.75, located in United States and belongs to DIGITALOCEAN-ASN, US. The main domain is blackwaterforllows.ga.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 10th 2020. Valid for: 3 months.
This is the only time blackwaterforllows.ga was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 45.9.148.126 49447 (NICEIT)
1 157.245.79.75 14061 (DIGITALOC...)
16 4
Domain Requested by
3 kmuz.org 1 redirects kmuz.org
2 detect.donatelloflowfirstly.ga js.donatelloflowfirstly.ga
1 blackwaterforllows.ga
1 js.donatelloflowfirstly.ga kmuz.org
0 cdn-images.mailchimp.com Failed kmuz.org
16 5

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-15 -
2021-07-15		 a year crt.sh
js.donatelloflowfirstly.ga
Let's Encrypt Authority X3		 2020-08-11 -
2020-11-09		 3 months crt.sh
detect.donatelloflowfirstly.ga
Let's Encrypt Authority X3		 2020-08-12 -
2020-11-10		 3 months crt.sh
blackwaterforllows.ga
Let's Encrypt Authority X3		 2020-08-10 -
2020-11-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
Frame ID: 6EB1608D2DC8C9A1CEED4B8960658C5D
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://kmuz.org/ HTTP 301
    https://kmuz.org/ Page URL
  2. https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9 Page URL
  3. https://detect.donatelloflowfirstly.ga/d.php?id=64363234-1234-wdfxdg-2366 HTTP 302
    https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

16
Requests

31 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

68 kB
Transfer

232 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kmuz.org/ HTTP 301
    https://kmuz.org/ Page URL
  2. https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9 Page URL
  3. https://detect.donatelloflowfirstly.ga/d.php?id=64363234-1234-wdfxdg-2366 HTTP 302
    https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://kmuz.org/ HTTP 301
  • https://kmuz.org/

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
kmuz.org/
Redirect Chain
  • http://kmuz.org/
  • https://kmuz.org/
161 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kmuz.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:6b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa0bea347d83a7c4f213db8c4001ec3d9f4171596c06c2e606eb3caf5e6fc834

Request headers

:method
GET
:authority
kmuz.org
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Sun, 23 Aug 2020 23:49:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9b9c8f68daf1fe0ad6cce0af98c00b9e1598226547; expires=Tue, 22-Sep-20 23:49:07 GMT; path=/; domain=.kmuz.org; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding,User-Agent
last-modified
Sun, 23 Aug 2020 21:47:01 GMT
cache-control
max-age=0
expires
Sun, 23 Aug 2020 23:49:08 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-cache-status
DYNAMIC
cf-request-id
04bf52dbdb000005ccd3894200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5c78ba72fec505cc-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Sun, 23 Aug 2020 23:49:07 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Mon, 24 Aug 2020 00:49:07 GMT
Location
https://kmuz.org/
cf-request-id
04bf52dbb50000bf14e7066200000001
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
5c78ba72bfa9bf14-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
fa-solid-900.woff2
kmuz.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
fa-brands-400.woff2
kmuz.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
fa-regular-400.woff2
kmuz.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		0
0
eicons.woff2
kmuz.org/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 		0
0
statistics.js
js.donatelloflowfirstly.ga/ 		447 B
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.donatelloflowfirstly.ga/statistics.js?w=1
Requested by
Host: kmuz.org
URL: https://kmuz.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.126 , Netherlands, ASN49447 (NICEIT, NL),
Reverse DNS
Software
nginx /
Resource Hash
1612a47c522e849117cd218868604190c57be802737ee3cad28fb2069a636a51

Request headers

Referer
https://kmuz.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 23 Aug 2020 23:49:08 GMT
Last-Modified
Sat, 22 Aug 2020 08:54:51 GMT
Server
nginx
ETag
"5f40dd5b-1bf"
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=60
Content-Length
447
Expires
Thu, 31 Dec 2037 23:55:55 GMT
babad9ac2ed288e2feee251ba5d2fc34.css
kmuz.org/wp-content/cache/min/1/ 		0
0
jquery.js
kmuz.org/wp-includes/js/jquery/ 		0
0
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		0
0
email-decode.min.js
kmuz.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
870 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kmuz.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: kmuz.org
URL: https://kmuz.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6818:6b73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://kmuz.org/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 23 Aug 2020 23:49:08 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 17 Aug 2020 17:01:45 GMT
server
cloudflare
etag
W/"5f3ab7f9-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
5c78ba772d7905cc-FRA
cf-request-id
04bf52de7d000005ccd38b7200000001
expires
Tue, 25 Aug 2020 23:49:08 GMT
cacfe9f8a8b5e7370b38a3c520d82a39.js
kmuz.org/wp-content/cache/min/1/ 		0
0
d.html
detect.donatelloflowfirstly.ga/ 		0
0
d.html
detect.donatelloflowfirstly.ga/ 		0
0
d.html
detect.donatelloflowfirstly.ga/ 		0
0
d.html
detect.donatelloflowfirstly.ga/ 		184 B
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9
Requested by
Host: js.donatelloflowfirstly.ga
URL: https://js.donatelloflowfirstly.ga/statistics.js?w=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.9.148.126 , Netherlands, ASN49447 (NICEIT, NL),
Reverse DNS
Software
nginx /
Resource Hash
1b1101e188541273bb7b2b5fbe480427662c21e4981994ea20d89a18faad1cdb

Request headers

Host
detect.donatelloflowfirstly.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://kmuz.org/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kmuz.org/

Response headers

Server
nginx
Date
Sun, 23 Aug 2020 23:49:08 GMT
Content-Type
text/html
Content-Length
184
Last-Modified
Wed, 12 Aug 2020 22:30:19 GMT
Connection
keep-alive
Keep-Alive
timeout=60
ETag
"5f346d7b-b8"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Accept-Ranges
bytes
Primary Request /
blackwaterforllows.ga/
Redirect Chain
  • https://detect.donatelloflowfirstly.ga/d.php?id=64363234-1234-wdfxdg-2366
  • https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
46 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.79.75 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
806602b77b3abdfb30d1da5898c689e4152ad06b5136e517b60471f30c94faf3
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
blackwaterforllows.ga
:scheme
https
:path
/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9

Response headers

status
200
server
nginx
date
Sun, 23 Aug 2020 23:49:08 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=22a9e3c6-6d42-42da-91f6-b904598b2a11; expires=Tue, 22-Sep-2020 23:49:08 GMT; Max-Age=2592000; path=/; domain=blackwaterforllows.ga
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests

Redirect headers

Server
nginx
Date
Sun, 23 Aug 2020 23:49:08 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/7.2.33
Location
https://blackwaterforllows.ga/?p=mm4wmnbuge5gi3bpgiydkma&sub1=cireolass&sub2=dir.buy.local
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44088b86a3a263b4565ad217e0464af6f93e9e21fb2dff876aaa5c1e7e3143e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		19 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cb17fbadc557564198499f31927eae3c14beb19d4fb5bcf407f767dbc6bd312

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kmuz.org
URL
https://kmuz.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Domain
kmuz.org
URL
https://kmuz.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Domain
kmuz.org
URL
https://kmuz.org/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Domain
kmuz.org
URL
https://kmuz.org/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.7.0
Domain
kmuz.org
URL
https://kmuz.org/wp-content/cache/min/1/babad9ac2ed288e2feee251ba5d2fc34.css
Domain
kmuz.org
URL
https://kmuz.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Domain
cdn-images.mailchimp.com
URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Domain
kmuz.org
URL
https://kmuz.org/wp-content/cache/min/1/cacfe9f8a8b5e7370b38a3c520d82a39.js
Domain
detect.donatelloflowfirstly.ga
URL
https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9
Domain
detect.donatelloflowfirstly.ga
URL
https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9
Domain
detect.donatelloflowfirstly.ga
URL
https://detect.donatelloflowfirstly.ga/d.html?follow=3&re=1&id=9

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| text function| textr function| urlB64ToUint8Array function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS

1 Cookies

Domain/Path Name / Value
.blackwaterforllows.ga/ Name: uuid
Value: 22a9e3c6-6d42-42da-91f6-b904598b2a11