Submitted URL: http://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f
Effective URL: https://r4wj.com/c/97181/62474/?sid=194/
Submission: On August 30 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 10 HTTP transactions. The main IP is 54.88.9.139, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is r4wj.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 4th 2023. Valid for: a year.
This is the only time r4wj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 162.0.209.235 22612 (NAMECHEAP...)
2 54.88.9.139 14618 (AMAZON-AES)
2 3.223.193.48 14618 (AMAZON-AES)
1 108.139.29.96 16509 (AMAZON-02)
10 5

Apex Domain | Subdomains | Transfer
3 anura.io | script.anura.io (Cisco Umbrella Rank: 64799); ads.anura.io (Cisco Umbrella Rank: 79849) | 26 KB
2 r4wj.com | r4wj.com | 5 KB
2 lmgreen.xyz | lmgreen.xyz | 682 B
0 nationalhomequotes.com Failed | www.nationalhomequotes.com Failed |
10 4

Domain | Requested by
2 script.anura.io | r4wj.com, script.anura.io
2 r4wj.com |
2 lmgreen.xyz |
1 ads.anura.io | script.anura.io
0 www.nationalhomequotes.com Failed | r4wj.com
10 5

This site contains no links.

Subject | Issuer | Validity | Valid
lmgreen.xyz | Sectigo RSA Domain Validation Secure Server CA | 2023-10-14 - 2024-09-30 | a year
dmclix.com | Amazon RSA 2048 M01 | 2023-10-04 - 2024-10-30 | a year
script.anura.io | Amazon RSA 2048 M03 | 2023-10-16 - 2024-11-13 | a year
ads.anura.io | Amazon RSA 2048 M03 | 2024-04-29 - 2025-05-27 | a year

This page contains 1 frame:

Frame: https://www.nationalhomequotes.com/quotes?Eref=OJS2NCV1QD&Subreferrer=62474_194%2F&Subid=c9286ef30b-497803311-51a7e5a334
Frame ID: A792D1772FEF61AD6BE954D8ED0B215F
Requests: 9 HTTP requests in this frame

Page Statistics

10 Requests
70 % HTTPS
0 % IPv6
4 Domains
5 Subdomains
5 IPs
1 Countries
32 kB Transfer
81 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f HTTP 307
    https://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f Page URL
  2. https://r4wj.com/c/97181/62474/?sid=194/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f HTTP 307
  • https://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
go
lmgreen.xyz/api/track/
Redirect Chain
  • http://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f
  • https://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f
128 B
490 B
Document
General
Full URL
https://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.235 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business98-5.web-hosting.com
Software
LiteSpeed / PHP/7.4.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
cache-control
no-cache, private
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 23:14:37 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-ratelimit-limit
60
x-ratelimit-remaining
59
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://lmgreen.xyz/api/track/go?bounce&offer_link=https%3a%2f%2fr4wj.com%2fc%2f97181%2f62474%2f%3fsid%3d194%2f
Non-Authoritative-Reason
HttpsUpgrades
Primary Request /
r4wj.com/c/97181/62474/
9 KB
4 KB
Document
General
Full URL
https://r4wj.com/c/97181/62474/?sid=194/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.88.9.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-9-139.compute-1.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
a472a2a1ed0ac778120c769b8494ca923ad7333ab36ca431af7773889d2051ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
3768
content-type
text/html; charset=UTF-8
date
Fri, 30 Aug 2024 23:14:38 GMT
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
server
Apache/2.4.38 (Debian)
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
favicon.ico
lmgreen.xyz/
0
192 B
Other
General
Full URL
https://lmgreen.xyz/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.0.209.235 Lebanon, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
business98-5.web-hosting.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:14:37 GMT
last-modified
Wed, 29 Sep 2021 20:59:51 GMT
server
LiteSpeed
content-type
image/x-icon
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
content-length
0
expires
Fri, 06 Sep 2024 23:14:37 GMT
request.js
script.anura.io/
71 KB
25 KB
Script
General
Full URL
https://script.anura.io/request.js?instance=1220929572&source=62474&campaign=9842&exid=497803311&additional=%7B%221%22%3A%22194%5C%2F%22%7D&callback=_dmanracallback&139405043398
Requested by
Host: r4wj.com
URL: https://r4wj.com/c/97181/62474/?sid=194/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.193.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-193-48.compute-1.amazonaws.com
Software
nginx /
Resource Hash
88676fa31c1f866b40c154bdc988552c99256045ab4cfed815cf999242c1adac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r4wj.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:14:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
showads.js
ads.anura.io/
0
352 B
XHR
General
Full URL
https://ads.anura.io/showads.js?959405490976
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1220929572&source=62474&campaign=9842&exid=497803311&additional=%7B%221%22%3A%22194%5C%2F%22%7D&callback=_dmanracallback&139405043398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-96.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://r4wj.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 15:54:43 GMT
content-encoding
gzip
via
1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
JFK50-P2
age
26396
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
eSL1eLekRXfeofty2Vu5QvWgl9aY5FLUXrZXGeH6KHqNQLr1I541Dw==
a4c75661-7486-401b-9d0c-65626969d5d0
https://r4wj.com/
0
0

favicon.ico
r4wj.com/
1 KB
1 KB
Other
General
Full URL
https://r4wj.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.88.9.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-9-139.compute-1.amazonaws.com
Software
Apache/2.4.38 (Debian) /
Resource Hash
262f93442b997acae6c34240764fe5d03fde600f68321238ad199859df5337f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://r4wj.com/c/97181/62474/?sid=194/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Fri, 30 Aug 2024 23:14:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 27 Mar 2024 23:02:19 GMT
server
Apache/2.4.38 (Debian)
etag
"47e-614ac660814c0"
content-type
image/vnd.microsoft.icon
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
accept-ranges
bytes
content-length
1150
response.json
script.anura.io/
20 B
374 B
XHR
General
Full URL
https://script.anura.io/response.json?528612293989
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1220929572&source=62474&campaign=9842&exid=497803311&additional=%7B%221%22%3A%22194%5C%2F%22%7D&callback=_dmanracallback&139405043398
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.223.193.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-193-48.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cfe7dbcd0ddccd6fb44dfd7d7bcaee6548c035f8628ab38eaa613a139d44313e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://r4wj.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 30 Aug 2024 23:14:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
quotes
www.nationalhomequotes.com/
0
0

quotes
www.nationalhomequotes.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
r4wj.com | blob:https://r4wj.com/a4c75661-7486-401b-9d0c-65626969d5d0
www.nationalhomequotes.com | https://www.nationalhomequotes.com/quotes?Eref=OJS2NCV1QD&Subreferrer=62474_194%2F&Subid=c9286ef30b-497803311-51a7e5a334
www.nationalhomequotes.com | https://www.nationalhomequotes.com/quotes?Eref=OJS2NCV1QD&Subreferrer=62474_194%2F&Subid=c9286ef30b-497803311-51a7e5a334

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _dmanrasuccess
object| _dmanra
function| _dmanracallback
object| Bugsnag
object| Anura

2 Cookies

Domain/Path | Name | Value
lmgreen.xyz/ | track_my_result_session | k6LSC6Fdrno7HWLG1xtokdgpy6nuA1zIAFHXiKXV
.r4wj.com/ | DIABLO-9842 | c9286ef30b-497803311-51a7e5a334