Submitted URL: http://dcb.premium-gw.com/mm/0/service/142/user/72745534
Effective URL: https://eu-sa1983.gways.org/detection-back?detection_session_id=202209141606411c498694e56fa1aeb09398771ec7c56e6321dfcz&integ...
Submission: On September 17 via manual from IE — Scanned from DE

Summary

This website contacted 1 IP in 3 countries across 3 domains to perform 1 HTTP transaction. The main IP is 34.251.149.206, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is eu-sa1983.gways.org.
TLS certificate: Issued by Amazon on June 14th 2022. Valid for: a year.
This is the only time eu-sa1983.gways.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address / AS Autonomous System
1 1 185.49.221.53 / 59905 (NTH)
1 1 160.218.160.162 / 5610 (O2-CZECH-...)
1 34.251.149.206 / 16509 (AMAZON-02)
1 1

Apex Domain / Subdomains / Transfer
1 gways.org / eu-sa1983.gways.org / 71 B
1 o2platba.cz / acr.o2platba.cz / 613 B
1 premium-gw.com / dcb.premium-gw.com / 323 B
1 3

Domain / Requested by
1 eu-sa1983.gways.org
1 acr.o2platba.cz (1 redirect)
1 dcb.premium-gw.com (1 redirect)
1 3

This site contains no links.

TLS certificate
Subject: *.gways.org
Issuer: Amazon
Validity: 2022-06-14 - 2023-07-13
Valid: a year

This page contains 1 frame:

Primary Page: https://eu-sa1983.gways.org/detection-back?detection_session_id=202209141606411c498694e56fa1aeb09398771ec7c56e6321dfcz&integrator=&country=cz&cfg_sessionid=20220914160641CZ2146321dff155bbf&website_id=&cfg_landing_id=158725&uid=72745534
Frame ID: 92A5E03B43101182F3981ED327D83D51
Requests: 1 HTTP request in this frame

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 1
Countries: 3
Transfer: 0 kB
Size: 0 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.


Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource: Primary Request detection-back
Path: eu-sa1983.gways.org/
Redirect Chain:
  • http://dcb.premium-gw.com/mm/0/service/142/user/72745534
  • http://acr.o2platba.cz/BDE9862B4A94D61B97EA993A00A38C69A8401D94?uid=72745534
  • https://eu-sa1983.gways.org/detection-back?detection_session_id=202209141606411c498694e56fa1aeb09398771ec7c56e6321dfcz&integrator=&country=cz&cfg_sessionid=20220914160641CZ2146321dff155bbf&website_...
Size: 0
x-fer: 71 B
Type / MIME-Type: Document

General

Full URL: https://eu-sa1983.gways.org/detection-back?detection_session_id=202209141606411c498694e56fa1aeb09398771ec7c56e6321dfcz&integrator=&country=cz&cfg_sessionid=20220914160641CZ2146321dff155bbf&website_id=&cfg_landing_id=158725&uid=72745534
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.149.206 Dublin, Ireland, ASN16509 (AMAZON-02, US)
Reverse DNS: ec2-34-251-149-206.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 07:11:31 GMT
server: Apache

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 17 Sep 2022 07:11:31 GMT
Location: https://eu-sa1983.gways.org/detection-back?detection_session_id=202209141606411c498694e56fa1aeb09398771ec7c56e6321dfcz&integrator=&country=cz&cfg_sessionid=20220914160641CZ2146321dff155bbf&website_id=&cfg_landing_id=158725&uid=72745534
Via: 1.1 riil2 (squid/4.15)
X-Cache: MISS from riil2
X-Cache-Lookup: MISS from riil2:8080

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

4 Cookies

Domain/Path: dcb.premium-gw.com/
Name: MPG.UserIdentity
Value: da16fc3b-b0b5-4314-bdd1-dae2421c1883

Domain/Path: dcb.premium-gw.com/
Name: SERVERID
Value: B

Domain/Path: acr.o2platba.cz/
Name: SERVERID
Value: A

Domain/Path: acr.o2platba.cz/
Name: TS011d6c9e
Value: 0139c1083e6a8acb526b72e7d4a1dad0464c4d61e8df8068a188beaa4f6799445634f797919ec0932d1673481eb1ac808254d3b47b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
