green.rwe-twe.com
108.178.23.115
Public Scan
Effective URL: https://green.rwe-twe.com/proc.php?6533567225ad56f8319985a8fa3ca0670c4c71aa
Submission: On September 27 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 25th 2023. Valid for: 3 months.
This is the only time green.rwe-twe.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 2 | 66.29.132.160 | 22612 (NAMECHEAP-NET) |
| 1 | 185.66.201.42 | 201702 (SKHOSTING-EU) |
| 1 | 2a00:1450:4001:800::200e | 15169 (GOOGLE) |
| 1 | 185.66.201.8 | 201702 (SKHOSTING-EU) |
| 2 | 108.178.23.115 | 32475 (SINGLEHOP-LLC) |
8 | 6 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server341-4.web-hosting.com
url3.site

ASN15169 (GOOGLE, US)
www.google-analytics.com

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
green.rwe-twe.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 2 | rwe-twe.com | green.rwe-twe.com | 3 KB |
| 2 | url3.site (1 redirects) | url3.site | 817 B |
| 1 | q-w-c.click | q-w-c.click | 355 B |
| 1 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 96) | 21 KB |
| 1 | qoaaa.com | qoaaa.com (Cisco Umbrella Rank: 504875) | 1007 B |
| 0 | qozf.sbs (Failed) | v7183.qozf.sbs (Failed) | |
8 | 6 |
| | Domain | Requested by |
|---|---|---|
| 2 | green.rwe-twe.com | q-w-c.click, green.rwe-twe.com |
| 2 | url3.site (1 redirects) | |
| 1 | q-w-c.click | qoaaa.com |
| 1 | www.google-analytics.com | qoaaa.com, www.google-analytics.com |
| 1 | qoaaa.com | url3.site |
| 0 | v7183.qozf.sbs (Failed) | green.rwe-twe.com |
8 | 6 |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| url3.site | Sectigo RSA Domain Validation Secure Server CA | 2023-08-01 - 2024-08-01 | a year | crt.sh |
| qoaaa.com | R3 | 2023-08-02 - 2023-10-31 | 3 months | crt.sh |
| *.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months | crt.sh |
| q-w-c.click | R3 | 2023-09-26 - 2023-12-25 | 3 months | crt.sh |
| green.rwe-twe.com | R3 | 2023-09-25 - 2023-12-24 | 3 months | crt.sh |
This page contains 1 frames:
Frame:
https://v7183.qozf.sbs/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7283498049874165905&pub=21977&pid=21977-a2927fc0&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0
Frame ID: FE924351D5B733FA5F648CAC363381AB
Requests: 8 HTTP requests in this frame
Page Title
Click "Allow" To Continue
Detected technologies
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://url3.site/ssc/?jo=6977702 HTTP 301
  https://url3.site/ssc/?jo=6977702 Page URL
- https://qoaaa.com/7bcdeb18c7204bbf7d66/dbd8ebb4a8/?placementName=default Page URL
- https://q-w-c.click/go.php?go=https%3A%2F%2Fgreen.rwe-twe.com%2F%3Futm_medium%3D1c8a39bdc24f9bf01a896823c2517f52e2f1f505%26utm_campaign%3Dsmart2%261%3D29780095%26cid%3D90affC1695821539aff2a4352c777091a273a555%26np%3D1&do=19c66a9a6e2ee7f53a67c776d218a399 Page URL
- https://green.rwe-twe.com/?utm_medium=1c8a39bdc24f9bf01a896823c2517f52e2f1f505&utm_campaign=smart2&1=29780095&cid=90affC1695821539aff2a4352c777091a273a555&np=1 Page URL
- https://green.rwe-twe.com/proc.php?6533567225ad56f8319985a8fa3ca0670c4c71aa Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://url3.site/ssc/?jo=6977702 HTTP 301
- https://url3.site/ssc/?jo=6977702
8 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / | url3.site/ssc/ (Redirect Chain) | 864 B | 573 B | Document | text/html |
| GET | H2 | / | qoaaa.com/7bcdeb18c7204bbf7d66/dbd8ebb4a8/ | 1 KB | 1007 B | Document | text/html |
| GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
| GET | H2 | go.php | q-w-c.click/ | 649 B | 355 B | Document | text/html |
| POST | | collect | www.google-analytics.com/j/ | 0 | 0 | | |
| GET | H2 | / | green.rwe-twe.com/ | 6 KB | 2 KB | Document | text/html |
| GET | H2 | proc.php (Primary Request) | green.rwe-twe.com/ | 1 KB | 1 KB | Document | text/html |
| GET | | go.php | v7183.qozf.sbs/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.google-analytics.com
  URL: https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2086191253&t=pageview&_s=1&dl=https%3A%2F%2Fqoaaa.com%2F7bcdeb18c7204bbf7d66%2Fdbd8ebb4a8%2F%3FplacementName%3Ddefault&dr=https%3A%2F%2Furl3.site%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=783670605&gjid=671272182&cid=1230714134.1695821539&tid=UA-68398243-1&_gid=2117254612.1695821539&_r=1&_slc=1&z=151278601
- Domain: v7183.qozf.sbs
  URL: https://v7183.qozf.sbs/go.php?ad=dpmly88mjyqsa7zl6x30&sid=M7283498049874165905&pub=21977&pid=21977-a2927fc0&c=0&app=unknown&br=Chrome&os=[[os]]&d=Google+Chrome&ca=DE+WiFi&a=0
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| documentPictureInPicture
- string| pm_appKey
- function| pm_denyAction
- string| pm_tag
- function| pm_allowAction

6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| qoaaa.com/7bcdeb18c7204bbf7d66/dbd8ebb4a8 | | Name: shown1 Value: 0 |
| qoaaa.com/7bcdeb18c7204bbf7d66/dbd8ebb4a8 | | Name: total_impressions Value: 1 |
| qoaaa.com/ | | Name: used_ad2938216 Value: 1 |
| .qoaaa.com/ | | Name: _ga Value: GA1.2.1230714134.1695821539 |
| .qoaaa.com/ | | Name: _gid Value: GA1.2.2117254612.1695821539 |
| .qoaaa.com/ | | Name: _gat Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.