Submitted URL: http://protectionuser418.0hi.me/
Effective URL: http://protectionuser418.0hi.me/?i=1
Submission: On December 11 via manual from IN — Scanned from GB

Summary

This website contacted 2 IPs in 2 countries across 1 domains to perform 8 HTTP transactions. The main IP is 185.27.134.160, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is protectionuser418.0hi.me.
This is the only time protectionuser418.0hi.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 185.27.134.160 34119 (WILDCARD-...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
8 2
Apex Domain
Subdomains
Transfer
8 0hi.me
protectionuser418.0hi.me
0hi.me
30 KB
8 1
Domain Requested by
7 protectionuser418.0hi.me protectionuser418.0hi.me
1 0hi.me protectionuser418.0hi.me
8 2

This site contains links to these domains. Also see Links.

Domain
0hi.me
Subject Issuer Validity Valid
0hi.me
WE1
2024-11-02 -
2025-01-31
3 months crt.sh

This page contains 1 frames:

Primary Page: http://protectionuser418.0hi.me/?i=1
Frame ID: A56609AB5B17FF76D23D37444CA7D243
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Iniciar

Page URL History Show full URLs

  1. http://protectionuser418.0hi.me/ HTTP 307
    https://protectionuser418.0hi.me/ HTTP 307
    http://protectionuser418.0hi.me/ Page URL
  2. http://protectionuser418.0hi.me/?i=1 Page URL

Page Statistics

8
Requests

13 %
HTTPS

50 %
IPv6

1
Domains

2
Subdomains

2
IPs

2
Countries

30 kB
Transfer

36 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://protectionuser418.0hi.me/ HTTP 307
    https://protectionuser418.0hi.me/ HTTP 307
    http://protectionuser418.0hi.me/ Page URL
  2. http://protectionuser418.0hi.me/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://protectionuser418.0hi.me/ HTTP 307
  • https://protectionuser418.0hi.me/ HTTP 307
  • http://protectionuser418.0hi.me/

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
protectionuser418.0hi.me/
Redirect Chain
  • http://protectionuser418.0hi.me/
  • https://protectionuser418.0hi.me/
  • http://protectionuser418.0hi.me/
835 B
1 KB
Document
General
Full URL
http://protectionuser418.0hi.me/
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
f9d99b0f5809c96b8dddb3a1b09526a39d831d687115ed9db8a9f62dafe765cb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
835
Content-Type
text/html
Date
Wed, 11 Dec 2024 09:53:11 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Server
nginx

Redirect headers

Location
http://protectionuser418.0hi.me/
Non-Authoritative-Reason
HttpsUpgrades
aes.js
protectionuser418.0hi.me/
13 KB
14 KB
Script
General
Full URL
http://protectionuser418.0hi.me/aes.js
Requested by
Host: protectionuser418.0hi.me
URL: http://protectionuser418.0hi.me/
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://protectionuser418.0hi.me/

Response headers

ETag
"652c1483-35a5"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13733
Date
Wed, 11 Dec 2024 09:53:11 GMT
Content-Type
application/javascript
Last-Modified
Sun, 15 Oct 2023 16:34:11 GMT
Server
nginx
Primary Request /
protectionuser418.0hi.me/
1 KB
2 KB
Document
General
Full URL
http://protectionuser418.0hi.me/?i=1
Requested by
Host: protectionuser418.0hi.me
URL: http://protectionuser418.0hi.me/
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a3efa040d3ea8734e6ab14f261b18b2ddd8aea6af66154c3c9692e37c16b068c

Request headers

Referer
http://protectionuser418.0hi.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=2592000, public, proxy-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 11 Dec 2024 09:53:11 GMT
ETag
"3d6-6075d840c79b8"
Expires
Fri, 10 Jan 2025 09:53:11 GMT
Last-Modified
Tue, 10 Oct 2023 14:28:09 GMT
Server
nginx
Transfer-Encoding
chunked
styles.css
protectionuser418.0hi.me/
2 KB
3 KB
Stylesheet
General
Full URL
http://protectionuser418.0hi.me/styles.css
Requested by
Host: protectionuser418.0hi.me
URL: http://protectionuser418.0hi.me/?i=1
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
5b8090d69070cab838c2fd3e14cda64456bf9000acbdb5f0992b6a01f4f3e1b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://protectionuser418.0hi.me/?i=1

Response headers

Cache-Control
max-age=2592000, public, proxy-revalidate, must-revalidate
ETag
"8a5-6075d842a8138"
Connection
keep-alive
Expires
Fri, 10 Jan 2025 09:53:11 GMT
Accept-Ranges
bytes
Content-Length
2213
Date
Wed, 11 Dec 2024 09:53:11 GMT
Content-Type
text/css
Last-Modified
Tue, 10 Oct 2023 14:28:10 GMT
Server
nginx
og.png
protectionuser418.0hi.me/
1 KB
2 KB
Image
General
Full URL
http://protectionuser418.0hi.me/og.png
Requested by
Host: protectionuser418.0hi.me
URL: http://protectionuser418.0hi.me/?i=1
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
0268dfa7fe8087f128d440c90568ec97f58a8106a75a873e95c99ade6f782f94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://protectionuser418.0hi.me/?i=1

Response headers

Cache-Control
max-age=2592000, public, proxy-revalidate
ETag
"55b-6075d841f7518"
Connection
keep-alive
Expires
Fri, 10 Jan 2025 09:53:11 GMT
Accept-Ranges
bytes
Content-Length
1371
Date
Wed, 11 Dec 2024 09:53:11 GMT
Content-Type
image/png
Last-Modified
Tue, 10 Oct 2023 14:28:10 GMT
Server
nginx
nomb.png
protectionuser418.0hi.me/
2 KB
2 KB
Image
General
Full URL
http://protectionuser418.0hi.me/nomb.png
Requested by
Host: protectionuser418.0hi.me
URL: http://protectionuser418.0hi.me/?i=1
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
4adeae689791fbf61801dfcde89414519ba1333c6e92afce56d22f95a8d868bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://protectionuser418.0hi.me/?i=1

Response headers

Cache-Control
max-age=2592000, public, proxy-revalidate
ETag
"60a-6075d8417dfb0"
Connection
keep-alive
Expires
Fri, 10 Jan 2025 09:53:11 GMT
Accept-Ranges
bytes
Content-Length
1546
Date
Wed, 11 Dec 2024 09:53:11 GMT
Content-Type
image/png
Last-Modified
Tue, 10 Oct 2023 14:28:09 GMT
Server
nginx
franzlab-antipishing.js
0hi.me/js/
15 KB
6 KB
Script
General
Full URL
https://0hi.me/js/franzlab-antipishing.js
Requested by
Host: protectionuser418.0hi.me
URL: http://protectionuser418.0hi.me/?i=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:c898 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e318a84aa4511f9e4c7389b96e3bd5e0a31c360ab6d5544e7df6d8ae94a182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://protectionuser418.0hi.me/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
6361
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EqhrWR1J3bN8wBdqJAbxU%2BsHPW%2BUe4Y%2Fb84o%2BvNEIZrvEie5QtP4s4mM%2BSNPiy%2FWoiBGixqwN1tfmFHORadhrpHQOxfKNBZidkjWmHMGZeuF5iTHDSUvYaHXpSeoi5Q8dHWiYT0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=42106&min_rtt=42083&rtt_var=8913&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3977&recv_bytes=2213&delivery_rate=92282&cwnd=188&unsent_bytes=0&cid=124069258431ffcd&ts=78&x=0"
date
Wed, 11 Dec 2024 09:53:12 GMT
content-type
application/javascript
last-modified
Wed, 14 Aug 2024 22:46:46 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; preload
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f049611eeac94ae-LHR
access-control-allow-origin
*
server
cloudflare
favicon.ico
protectionuser418.0hi.me/
1 KB
1 KB
Other
General
Full URL
http://protectionuser418.0hi.me/favicon.ico
Protocol
HTTP/1.1
Server
185.27.134.160 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
2b7ea8dd60889f75129a486330728ccbdbbf6f85b923d7805534cdaffa1beaa8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
http://protectionuser418.0hi.me/?i=1

Response headers

Content-Length
1182
Date
Wed, 11 Dec 2024 09:53:12 GMT
Content-Type
text/html; charset=iso-8859-1
Server
nginx
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| franzlab_f_1

1 Cookies

Domain/Path Name / Value
protectionuser418.0hi.me/ Name: __test
Value: 4ac4e27e36a537b969d70be4a9d97310

2 Console Messages

Source Level URL
Text
rendering warning URL: http://protectionuser418.0hi.me/?i=1(Line 6)
Message:
The key "minimun-sacale" is not recognized and ignored.
network error URL: http://protectionuser418.0hi.me/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)