euujbqcd-d175-v9.sigaretopt.ru Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://euujbqcd-d175-v9.sigaretopt.ru/
Effective URL:
https://euujbqcd-d175-v9.sigaretopt.ru/
Submission: On July 04 via manual (July 4th 2023, 8:35:11 am UTC) from GB — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is euujbqcd-d175-v9.sigaretopt.ru.
TLS certificate: Issued by GTS CA 1P5 on June 22nd 2023. Valid for: 3 months.

This is the only time euujbqcd-d175-v9.sigaretopt.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.21.39.40 104.21.39.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	88.198.209.34 88.198.209.34	24940 (HETZNER-AS) (HETZNER-AS)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	6

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

euujbqcd-d175-v9.sigaretopt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

euujbqcd-d175-v9.sigaretopt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.39.40 (None, )

ASN13335 (CLOUDFLARENET, US)

js.nextpsh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

a68a4c6a6a.3034f47ff3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.209.34 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-209-34.clients.your-server.de

notification.tubecup.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

290f73bb5a.0c09748660.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	3034f47ff3.com a68a4c6a6a.3034f47ff3.com	178 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 32064	417 B
2	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 12548	28 KB
2	sigaretopt.ru 1 redirects euujbqcd-d175-v9.sigaretopt.ru	18 KB
1	0c09748660.com 290f73bb5a.0c09748660.com	207 B
1	tubecup.net notification.tubecup.net — Cisco Umbrella Rank: 12036	198 B
1	nextpsh.top js.nextpsh.top — Cisco Umbrella Rank: 129515	622 B
11	7

	Domain	Requested by
3	a68a4c6a6a.3034f47ff3.com	euujbqcd-d175-v9.sigaretopt.ru a68a4c6a6a.3034f47ff3.com
2	fp.metricswpsh.com	a68a4c6a6a.3034f47ff3.com
2	js.wpshsdk.com	a68a4c6a6a.3034f47ff3.com
2	euujbqcd-d175-v9.sigaretopt.ru	1 redirects
1	290f73bb5a.0c09748660.com	a68a4c6a6a.3034f47ff3.com
1	notification.tubecup.net	a68a4c6a6a.3034f47ff3.com
1	js.nextpsh.top	euujbqcd-d175-v9.sigaretopt.ru
11	7

This site contains no links.

Subject Issuer	Validity	Valid
sigaretopt.ru GTS CA 1P5	`2023-06-22` - `2023-09-20`	3 months	crt.sh
nextpsh.top GTS CA 1P5	`2023-06-08` - `2023-09-06`	3 months	crt.sh
a68a4c6a6a.3034f47ff3.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh
js.wpshsdk.com R3	`2023-05-26` - `2023-08-24`	3 months	crt.sh
notification.tubecup.net R3	`2023-04-28` - `2023-07-27`	3 months	crt.sh
290f73bb5a.0c09748660.com R3	`2023-07-01` - `2023-09-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://euujbqcd-d175-v9.sigaretopt.ru/
Frame ID: 10EB4727364040E5224ACCB6D76344D7
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser

Page URL History Show full URLs

http://euujbqcd-d175-v9.sigaretopt.ru/ HTTP 301
https://euujbqcd-d175-v9.sigaretopt.ru/ Page URL

Page Statistics

11
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

225 kB
Transfer

762 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://euujbqcd-d175-v9.sigaretopt.ru/ HTTP 301
https://euujbqcd-d175-v9.sigaretopt.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response euujbqcd-d175-v9.sigaretopt.ru/ Redirect Chain http://euujbqcd-d175-v9.sigaretopt.ru/ https://euujbqcd-d175-v9.sigaretopt.ru/	39 KB 17 KB	121ms 61ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://euujbqcd-d175-v9.sigaretopt.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/8.0.19 Resource Hash `02659675504833c2944df8999af4346ac1e88c37a4768128a899829bb473c8fb` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7e160870dec6286a-AMS content-encoding br content-type text/html; charset=UTF-8 date Tue, 04 Jul 2023 08:35:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=emWnpSI0dGYeOSKtal%2BQu2qY3kFL0oasCASsB75iKkVjMFIGUz37sXOmUzl%2FuEPzXO4BWGQVd%2B0Tf1lcXnuD03asFrxrmQpNvu%2BuY102JetC6oiCAFvP%2Bo8ECVh2Lg%2B5yFvr5fGdqiWUhL7GR3%2FUE%2FRcQv9XGq3LBRzeAQs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/8.0.19 Redirect headers CF-RAY 7e1608704ce5b8fc-AMS Cache-Control max-age=3600 Connection keep-alive Date Tue, 04 Jul 2023 08:35:06 GMT Expires Tue, 04 Jul 2023 09:35:06 GMT Location https://euujbqcd-d175-v9.sigaretopt.ru/ NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipMdyn2Riftd7CAtJA556Mw53JNGQ6sHYH9s6h2TURq7VTei4sqt4vuqgPGshzw9fihXG5vp31zPfQKs41XE0GZ3pgqldCpHIT0%2Bw2PqoMta%2FW2EVRgYWHaqkWRnxmjo7DEsci5rmTyAQJE8gH%2FoBQiZvMLapcyyJVn%2BEBI%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET H2	200	ps.js Show response js.nextpsh.top/ps/	82 B 622 B	132ms 61ms	Script application/javascript	104.21.39.40 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.nextpsh.top/ps/ps.js?id=jIHmFzR1xUmCiE0pRxf_YQ Requested by Host: euujbqcd-d175-v9.sigaretopt.ru URL: https://euujbqcd-d175-v9.sigaretopt.ru/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.39.40 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f41597e9109254c277334ce27b4dd5a1b823f2b988b602f3295fc2e8cdfd54a3` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Tue, 04 Jul 2023 08:35:07 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x9%2FYAKKPdLWzLTswsa9OaIxTnJxKwRFUyLEKb7LF4EaaPeEiJ%2Bsb0AOjeOpXb339FxDQvKJbn1MdyyPIGh8CzwONE6nsWw35cxidl8WmoBY43EJ1ar36UG%2F%2BFr5m2%2F%2F4dw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=0, no-cache, no-store, must-revalidate cf-ray 7e160871ca48b722-AMS alt-svc h3=":443"; ma=86400
GET H2	200	5d711cc3a5fbe6e8f73b77cc7a4136cd.js Show response a68a4c6a6a.3034f47ff3.com/	162 KB 57 KB	125ms 48ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Requested by Host: euujbqcd-d175-v9.sigaretopt.ru URL: https://euujbqcd-d175-v9.sigaretopt.ru/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `d3d0843c5b63c937660fc9fb5f57c6c729a761e06aab8b6ef84ecf3351ec6c75` Request headers Referer https://euujbqcd-d175-v9.sigaretopt.ru/ Origin https://euujbqcd-d175-v9.sigaretopt.ru accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires Tue, 04 Jul 2023 08:40:07 GMT date Tue, 04 Jul 2023 08:35:07 GMT content-encoding gzip last-modified Mon, 03 Jul 2023 11:20:35 GMT server nginx/1.18.0 etag W/"64a2af03-28696" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	43957 Show response a68a4c6a6a.3034f47ff3.com/08dda5e592f95642d2e5d756bb356a67/	1 KB 2 KB	25ms 25ms	XHR application/json	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://a68a4c6a6a.3034f47ff3.com/08dda5e592f95642d2e5d756bb356a67/43957?version_name=d Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `736dc02c8c6141c54bdfa937145891d3164d1261d120c2ed2c7fba08ed35e28a` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires Tue, 04 Jul 2023 08:40:07 GMT date Tue, 04 Jul 2023 08:35:07 GMT server nginx/1.18.0 content-type application/json access-control-allow-origin * cache-control max-age=300 content-length 1529 x-proxy-cache HIT
GET H2	200	wp-banners.js Show response js.wpshsdk.com/npc/sdk/	0 238 B	92ms 24ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpshsdk.com/npc/sdk/wp-banners.js Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires Tue, 04 Jul 2023 08:40:07 GMT date Tue, 04 Jul 2023 08:35:07 GMT last-modified Fri, 20 Aug 2021 15:14:31 GMT server nginx/1.18.0 etag "611fc6d7-0" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 accept-ranges bytes content-length 0 x-proxy-cache HIT
GET H2	204	tags Show response notification.tubecup.net/	0 198 B	150ms 44ms	XHR text/plain	88.198.209.34 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://notification.tubecup.net/tags?tag_id=43957&timezone_olson=Etc/Unknown&version_name=d Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.198.209.34 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.88-198-209-34.clients.your-server.de Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 04 Jul 2023 08:35:07 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type
OPTIONS H/1.1	204 No Content	fp fp.metricswpsh.com/	0 0	147ms 46ms	Preflight	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=43957 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://euujbqcd-d175-v9.sigaretopt.ru Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://euujbqcd-d175-v9.sigaretopt.ru Connection keep-alive Date Tue, 04 Jul 2023 08:35:07 GMT Server nginx/1.20.1 Vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H/1.1	200 OK	fp Show response fp.metricswpsh.com/	28 B 417 B	227ms 135ms	XHR application/json	157.90.84.242 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://fp.metricswpsh.com/fp?tag_id=43957 Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.242.84.90.157.clients.your-server.de Software nginx/1.20.1 / Resource Hash `3f6db53c68a44cbaef8e4bbbb6c64ddbd4d92d212dfbf3b90064022a2598eb89` Request headers Referer https://euujbqcd-d175-v9.sigaretopt.ru/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Content-Type application/json;charset=UTF-8 Response headers Date Tue, 04 Jul 2023 08:35:07 GMT Server nginx/1.20.1 Vary Origin Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://euujbqcd-d175-v9.sigaretopt.ru Access-Control-Allow-Credentials true Connection keep-alive Content-Length 28
GET H2	200	track Show response 290f73bb5a.0c09748660.com/in/	0 207 B	136ms 60ms	XHR text/plain	45.133.44.53 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://290f73bb5a.0c09748660.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTU5MDI5MDcyMTgwODAwMzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjYwLjYiLCJ0YWdfaWQiOjQzOTU3LCJzY3JlZW5fcmVzb2x1dGlvbiI6IjE2MDB4MTIwMCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiRXRjL1Vua25vd24iLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC4yNywiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjowLCJ1c2VyX2tleXdvcmRzIjoiQ2hlY2tpbmclMkN5b3VyJTJDYnJvd3NlciJ9 Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers pragma no-cache date Tue, 04 Jul 2023 08:35:07 GMT server nginx/1.18.0 vary Origin access-control-allow-methods * access-control-allow-origin * cache-control no-transform, no-cache, no-store, must-revalidate access-control-allow-headers Content-Type content-length 0
GET H2	200	push.m.js Show response js.wpshsdk.com/npc/sdk/	69 KB 28 KB	35ms 35ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://js.wpshsdk.com/npc/sdk/push.m.js?v=1 Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `42c63349bc457df550830839f4eb0f07feb7d5833af1ede3dbcdd4049a98cd34` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires Tue, 04 Jul 2023 08:40:07 GMT date Tue, 04 Jul 2023 08:35:07 GMT content-encoding gzip last-modified Mon, 03 Jul 2023 15:48:03 GMT server nginx/1.18.0 etag W/"64a2edb3-115eb" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT
GET H2	200	8afc8ec5a8b7b545277bef9db1081c19.js Show response a68a4c6a6a.3034f47ff3.com/	490 KB 119 KB	75ms 25ms	Script application/javascript	45.133.44.52 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://a68a4c6a6a.3034f47ff3.com/8afc8ec5a8b7b545277bef9db1081c19.js Requested by Host: a68a4c6a6a.3034f47ff3.com URL: https://a68a4c6a6a.3034f47ff3.com/5d711cc3a5fbe6e8f73b77cc7a4136cd.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash `b894087f1e0c38eae4bbd75f7643ceae4d373c35d9012b6e480d7f3a70818fd6` Request headers accept-language nl-NL,nl;q=0.9 Referer https://euujbqcd-d175-v9.sigaretopt.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers expires Tue, 04 Jul 2023 08:40:07 GMT date Tue, 04 Jul 2023 08:35:07 GMT content-encoding gzip last-modified Fri, 30 Jun 2023 13:06:24 GMT server nginx/1.18.0 etag W/"649ed350-7a8c3" content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=300 x-proxy-cache HIT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			js.nextpsh.top/	1970-01-20 22:36:59	Name: __psu Value: 44d57a33-76ee-4741-9b67-d102e519ebb9
			fp.metricswpsh.com/	1970-01-20 21:46:35	Name: id Value: 642772651897015846

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

290f73bb5a.0c09748660.com
a68a4c6a6a.3034f47ff3.com
euujbqcd-d175-v9.sigaretopt.ru
fp.metricswpsh.com
js.nextpsh.top
js.wpshsdk.com
notification.tubecup.net
104.21.39.40
157.90.84.242
2a06:98c1:3120::3
2a06:98c1:3121::3
45.133.44.52
45.133.44.53
88.198.209.34
02659675504833c2944df8999af4346ac1e88c37a4768128a899829bb473c8fb
3f6db53c68a44cbaef8e4bbbb6c64ddbd4d92d212dfbf3b90064022a2598eb89
42c63349bc457df550830839f4eb0f07feb7d5833af1ede3dbcdd4049a98cd34
736dc02c8c6141c54bdfa937145891d3164d1261d120c2ed2c7fba08ed35e28a
b894087f1e0c38eae4bbd75f7643ceae4d373c35d9012b6e480d7f3a70818fd6
d3d0843c5b63c937660fc9fb5f57c6c729a761e06aab8b6ef84ecf3351ec6c75
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f41597e9109254c277334ce27b4dd5a1b823f2b988b602f3295fc2e8cdfd54a3

euujbqcd-d175-v9.sigaretopt.ru Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

100 %HTTPS

29 %IPv6

7 Domains

7 Subdomains

6 IPs

3 Countries

225 kBTransfer

762 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

2 Cookies

Indicators

euujbqcd-d175-v9.sigaretopt.ru Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

29 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

225 kB
Transfer

762 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions