ams733900389309733.astrofencing.com

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 4 HTTP transactions. The main IP is 80.85.154.183, located in Moscow, Russian Federation and belongs to CHELYABINSK-SIGNAL-AS, RU. The main domain is ams733900389309733.astrofencing.com.
TLS certificate: Issued by R3 on June 7th 2023. Valid for: 3 months.

This is the only time ams733900389309733.astrofencing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	80.85.154.56 80.85.154.56	44493 (CHELYABIN...) (CHELYABINSK-SIGNAL-AS)
2 4	80.85.154.183 80.85.154.183	44493 (CHELYABIN...) (CHELYABINSK-SIGNAL-AS)
4	3

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

mohajer24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.154.56 (Moscow, Russian Federation) 1 redirects

ASN44493 (CHELYABINSK-SIGNAL-AS, RU)
PTR: paulmikare2.pserver.space

bgkx0aamzz.todoaudiolibros.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 80.85.154.183 (Moscow, Russian Federation) 2 redirects

ASN44493 (CHELYABINSK-SIGNAL-AS, RU)
PTR: paulmikare3.pserver.space

redirect.merlogba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams733900389309733.astrofencing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	astrofencing.com 1 redirects ams733900389309733.astrofencing.com	57 KB
1	merlogba.com 1 redirects redirect.merlogba.com	671 B
1	todoaudiolibros.com 1 redirects bgkx0aamzz.todoaudiolibros.com	453 B
1	mohajer24.com mohajer24.com	8 KB
4	4

	Domain	Requested by
3	ams733900389309733.astrofencing.com	1 redirects mohajer24.com ams733900389309733.astrofencing.com
1	redirect.merlogba.com	1 redirects
1	bgkx0aamzz.todoaudiolibros.com	1 redirects
1	mohajer24.com	mohajer24.com
4	4

This site contains no links.

Subject Issuer	Validity	Valid
mohajer24.com GTS CA 1P5	`2023-04-23` - `2023-07-22`	3 months	crt.sh
ams733900389309733.astrofencing.com R3	`2023-06-07` - `2023-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-&sso_reload=true
Frame ID: 16ACD96CD53EE3499F05613C92B93CE0
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mohajer24.com/ssl/?82989c2e99fcbf2aJmltdHM9MTY4NTQwNDgwMCZpZ3VpZD0xNzY4NzQ3MS04YzY4LTY4OTk... Page URL
http://bgkx0aamzz.todoaudiolibros.com/s.ramella- HTTP 301
https://redirect.merlogba.com/?edcw&qrc=s.ramella- HTTP 302
https://ams733900389309733.astrofencing.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FtczczMzkwM... HTTP 302
https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL
https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL

Page Statistics

4
Requests

75 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

65 kB
Transfer

308 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mohajer24.com/ssl/?82989c2e99fcbf2aJmltdHM9MTY4NTQwNDgwMCZpZ3VpZD0xNzY4NzQ3MS04YzY4LTY4OTktMTk5Yy02NzZiOGQyZDY5NTYmaW5zaWQ9NTE2MA&ptn=3&hsh=3&fclid=17687471-8c68-6899-199c-676b8d2d6956&u=a1aHR0cHM6Ly93d3cudGVrbm9mb29kLmNvbS8dApO1cL3 Page URL
http://bgkx0aamzz.todoaudiolibros.com/s.ramella- HTTP 301
https://redirect.merlogba.com/?edcw&qrc=s.ramella- HTTP 302
https://ams733900389309733.astrofencing.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FtczczMzkwMDM4OTMwOTczMy5hc3Ryb2ZlbmNpbmcuY29tIiwiZG9tYWluIjoiYW1zNzMzOTAwMzg5MzA5NzMzLmFzdHJvZmVuY2luZy5jb20iLCJrZXkiOiJnQ0pxeEVwRkoxcWkiLCJxcmMiOiJzLnJhbWVsbGEtIiwiaWF0IjoxNjg2MTU4MTQ4LCJleHAiOjE2ODYxNTgyNjh9.LKsUK8oVwdVnwIrR3GQk4h_5b8CDqCMv5e_owyuvy3I HTTP 302
https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc- Page URL
https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-&sso_reload=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://bgkx0aamzz.todoaudiolibros.com/s.ramella- HTTP 301
https://redirect.merlogba.com/?edcw&qrc=s.ramella- HTTP 302
https://ams733900389309733.astrofencing.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FtczczMzkwMDM4OTMwOTczMy5hc3Ryb2ZlbmNpbmcuY29tIiwiZG9tYWluIjoiYW1zNzMzOTAwMzg5MzA5NzMzLmFzdHJvZmVuY2luZy5jb20iLCJrZXkiOiJnQ0pxeEVwRkoxcWkiLCJxcmMiOiJzLnJhbWVsbGEtIiwiaWF0IjoxNjg2MTU4MTQ4LCJleHAiOjE2ODYxNTgyNjh9.LKsUK8oVwdVnwIrR3GQk4h_5b8CDqCMv5e_owyuvy3I HTTP 302
https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
mohajer24.com/ssl/ 23 KB
8 KB 116ms
57ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mohajer24.com/ssl/?82989c2e99fcbf2aJmltdHM9MTY4NTQwNDgwMCZpZ3VpZD0xNzY4NzQ3MS04YzY4LTY4OTktMTk5Yy02NzZiOGQyZDY5NTYmaW5zaWQ9NTE2MA&ptn=3&hsh=3&fclid=17687471-8c68-6899-199c-676b8d2d6956&u=a1aHR0cHM6Ly93d3cudGVrbm9mb29kLmNvbS8dApO1cL3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / WP Rocket/3.12.3.3
Resource Hash: 9fadb07ecf7c70717e5f41303d3f9591d5b8cd685204252c592512b25d795046

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0,public
cf-cache-status: DYNAMIC
cf-ray: 7d3a89fd9ad61c7e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 07 Jun 2023 17:15:46 GMT
expires: Wed, 07 Jun 2023 17:15:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ivl%2Bp%2F0g0lUAJAhd2jiS10NXFyXfprtaU4D2M7u5q4MqDoD2LJit5TEuXCJR53%2FlgWn%2FJ%2FtvafJ6VRUYANqhF79sT5o%2BDFN4sTkPJpRJjTFU%2FyxLsTutswN0fVSk%2BEWpz7FenFbG2mVOVCb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent,Accept-Encoding
x-powered-by: WP Rocket/3.12.3.3
x-turbo-charged-by: LiteSpeed

GET /
mohajer24.com/ssl/ 0
0

GET
H/1.1

200
OK

cwvjqtkbg Show response
ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/
Redirect Chain

http://bgkx0aamzz.todoaudiolibros.com/s.ramella-
https://redirect.merlogba.com/?edcw&qrc=s.ramella-
https://ams733900389309733.astrofencing.com/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2FtczczMzkwMDM4OTMwOTczMy5hc3Ryb2ZlbmNpbmcuY29tIiwiZG9tYWluIjoiYW1zNzMzOTAwMzg5MzA5NzMzLm...
https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%...

154 KB
56 KB

836ms
836ms

Document
text/html

80.85.154.183
CHELYABINSK-SIGNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-

Requested by

Host: mohajer24.com
URL: https://mohajer24.com/ssl/?82989c2e99fcbf2aJmltdHM9MTY4NTQwNDgwMCZpZ3VpZD0xNzY4NzQ3MS04YzY4LTY4OTktMTk5Yy02NzZiOGQyZDY5NTYmaW5zaWQ9NTE2MA&ptn=3&hsh=3&fclid=17687471-8c68-6899-199c-676b8d2d6956&u=a1aHR0cHM6Ly93d3cudGVrbm9mb29kLmNvbS8dApO1cL3

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.85.154.183 Moscow, Russian Federation, ASN44493 (CHELYABINSK-SIGNAL-AS, RU),

Reverse DNS

paulmikare3.pserver.space

Software

/

Resource Hash

7759f9edbc74d5b6cdf1a33b43a8c43b5cd3093c60aecaaf76190e68f8df218e

Security Headers

Name

Value

Content-Security-Policy

default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache
Connection: close
Content-Encoding: gzip
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Jun 2023 17:15:48 GMT
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
content-length: 158022
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+ams1"}]}
x-ms-clitelem: 1,50168,0,,
x-ms-ests-server: 2.1.15482.18 - SEC ProdSlices
x-ms-request-id: df3e135b-b947-4849-923e-c78693ba5300

Redirect headers

Connection: keep-alive
Date: Wed, 07 Jun 2023 17:15:48 GMT
Keep-Alive: timeout=5
Transfer-Encoding: chunked
location: /__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-

GET
H/1.1 200
OK Primary Request cwvjqtkbg
ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/ 130 KB
0 1291ms
1093ms Document
text/html 80.85.154.183
CHELYABINSK-SIGNA...

General

Check archive.org

Show headers Download Go to

Full URL

https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-&sso_reload=true

Requested by

Host: ams733900389309733.astrofencing.com
URL: https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

80.85.154.183 Moscow, Russian Federation, ASN44493 (CHELYABINSK-SIGNAL-AS, RU),

Reverse DNS

paulmikare3.pserver.space

Software

/

Resource Hash

Security Headers

Name

Value

Content-Security-Policy

default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Strict-Transport-Security

max-age=31536000; includeSubDomains

Request headers

Referer: https://ams733900389309733.astrofencing.com/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=u.tcognnc-
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-store, no-cache
Connection: close
Content-Encoding: gzip
Content-Security-Policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; form-action * data: blob: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: filesystem: ; frame-ancestors 'self' * http://* https://* file://* about: javascript: data: blob: filesystem: ; object-src * data: blob: filesystem: 'unsafe-inline' 'unsafe-eval'; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Jun 2023 17:15:50 GMT
Expires: -1
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msauth.net>; rel=dns-prefetch, <https://aadcdn.msftauth.net>; rel=dns-prefetch
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
content-length: 208801
nel: {"report_to":"network-errors","max_age":86400,"success_fraction":0.001,"failure_fraction":1.0}
report-to: {"group":"network-errors","max_age":86400,"endpoints":[{"url":"https://identity.nel.measure.office.net/api/report?catId=GW+estsfd+frc"}]}
x-ms-clitelem: 1,0,0,,
x-ms-ests-server: 2.1.15482.18 - FRC ProdSlices
x-ms-request-id: feb17ab5-43e3-4684-a673-10be86e12900

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mohajer24.com
URL: https://mohajer24.com/ssl/?82989c2e99fcbf2aJmltdHM9MTY4NTQwNDgwMCZpZ3VpZD0xNzY4NzQ3MS04YzY4LTY4OTktMTk5Yy02NzZiOGQyZDY5NTYmaW5zaWQ9NTE2MA&ptn=3&hsh=3&fclid=17687471-8c68-6899-199c-676b8d2d6956&u=a1aHR0cHM6Ly93d3cudGVrbm9mb29kLmNvbS8dApO1cL3

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
redirect.merlogba.com/	1969-12-31 23:59:59	Name: qPdM Value: gCJqxEpFJ1qi
redirect.merlogba.com/	1969-12-31 23:59:59	Name: qPdM.sig Value: 7ma8Z-EdT1fEDjN5DAFwJz0eDE4
ams733900389309733.astrofencing.com/	1969-12-31 23:59:59	Name: qPdM Value: gCJqxEpFJ1qi
ams733900389309733.astrofencing.com/	1969-12-31 23:59:59	Name: qPdM.sig Value: 7ma8Z-EdT1fEDjN5DAFwJz0eDE4
ams733900389309733.astrofencing.com/	1970-01-20 13:05:50	Name: fpc Value: Aqx-Rybc6VFFhvXM8Cew5fI
ams733900389309733.astrofencing.com/	1969-12-31 23:59:59	Name: x-ms-gateway-slice Value: estsfd
ams733900389309733.astrofencing.com/	1969-12-31 23:59:59	Name: stsservicecookie Value: estsfd
.ams733900389309733.astrofencing.com/	1969-12-31 23:59:59	Name: AADSSO Value: NA\|NoExtension
ams733900389309733.astrofencing.com/	1970-01-20 12:22:38	Name: SSOCOOKIEPULLED Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ams733900389309733.astrofencing.com
bgkx0aamzz.todoaudiolibros.com
mohajer24.com
redirect.merlogba.com
mohajer24.com
2a06:98c1:3120::3
80.85.154.183
80.85.154.56
7759f9edbc74d5b6cdf1a33b43a8c43b5cd3093c60aecaaf76190e68f8df218e
9fadb07ecf7c70717e5f41303d3f9591d5b8cd685204252c592512b25d795046

ams733900389309733.astrofencing.com Open in urlscan Pro 80.85.154.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

75 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

65 kBTransfer

308 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

9 Cookies

Indicators

ams733900389309733.astrofencing.com Open in urlscan Pro
80.85.154.183 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

65 kB
Transfer

308 kB
Size

9
Cookies

4 HTTP transactions
0 data transactions