xsr.ygs.mybluehost.me Open in urlscan Pro
162.241.218.196 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/1716210161856-adsan.html
Effective URL:
https://xsr.ygs.mybluehost.me/sunr/owa.php
Submission: On May 27 via automatic, source phishtank (May 27th 2024, 10:24:32 pm UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 162.241.218.196, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is xsr.ygs.mybluehost.me.
TLS certificate: Issued by R3 on April 18th 2024. Valid for: 3 months.

This is the only time xsr.ygs.mybluehost.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2600:9000:26d... 2600:9000:26db:aa00:f:4a9:64c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
9	162.241.218.196 162.241.218.196	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
12	3

2 2600:9000:26db:aa00:f:4a9:64c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.helpjuice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.241.218.196 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5586.bluehost.com

xsr.ygs.mybluehost.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mybluehost.me xsr.ygs.mybluehost.me	189 KB
2	helpjuice.com static.helpjuice.com — Cisco Umbrella Rank: 103056	2 KB
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	28 B
12	3

	Domain	Requested by
9	xsr.ygs.mybluehost.me	static.helpjuice.com xsr.ygs.mybluehost.me
2	static.helpjuice.com
1	googleads.g.doubleclick.net	1 redirects
12	3

This site contains links to these domains. Also see Links.

Domain
wordpress.org

Subject Issuer	Validity	Valid
*.helpjuice.com RapidSSL TLS RSA CA G1	`2023-07-19` - `2024-08-01`	a year	crt.sh
cpanel.xsr.ygs.mybluehost.me R3	`2024-04-18` - `2024-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://xsr.ygs.mybluehost.me/sunr/owa.php
Frame ID: ECE0A8C410158EE6DD233D5BF46AD0B0
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found – Welcome

Page URL History Show full URLs

https://static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/1716210161856-adsan.... Page URL
https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssUqRrk6Hgh26M0PrPfSLGFtWZySbQEWT7rEs2SA6U7IQkKZ6JcslT6ln... HTTP 302
https://xsr.ygs.mybluehost.me/sunr/owa.php Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

12
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

191 kB
Transfer

564 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/1716210161856-adsan.html Page URL
https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssUqRrk6Hgh26M0PrPfSLGFtWZySbQEWT7rEs2SA6U7IQkKZ6JcslT6lndgIVdwmjHlxHhu-ekeDvWr8CeeuREnXHrX78eTfI9VzqD_vEj1lJxiMBfM4Q_9xGQCyI6_e8bzhQAD00ohsgTWFfaOadUYWqZHarIYHLDkjGN8UX3M-6QGVPkgnKy3aodnGd6k63rlYbQn2sPcptL_c7OkG2SEr3uz1I4P_2mk6FUFlQ89MOl9DPxevfYe3UQUqmKWQtk&sai=AMfl-YRUgZaGq1jdp5f3AMvx_VntJje5GuevQqV03MtFU_jwoUcpX-1f8i9sIrB43glH86BDK2AtY7dj7dA7LYBavZb762kJwuoPgEo2dUkxd591-ix0JIP-43SX6G6hkEE&sig=Cg0ArKJSzJ6r_wTn_VJL&adurl=https://xsr.ygs.mybluehost.me/sunr/owa.php HTTP 302
https://xsr.ygs.mybluehost.me/sunr/owa.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 1716210161856-adsan.html Show response
static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/ 1 KB
1 KB 153ms
43ms Document
text/html 2600:9000:26db:aa00:f:4a9:64c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/1716210161856-adsan.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:aa00:f:4a9:64c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10370fd1dbde51bc37f079537e950e8a6aa61e2ab315e39dd7ddbd41ebcbd44d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 619253
cache-control: max-age=31536000
content-length: 1075
date: Mon, 20 May 2024 18:23:35 GMT
etag: "a635a8ff2fd6152a86909f14decbbffc"
last-modified: Mon, 20 May 2024 13:02:50 GMT
server: AmazonS3
via: 1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
x-amz-cf-id: R6HF-QJadtjvrIFnPLBnNr9g9BWi3io092_p2oTVTu17hVqP1PJVcQ==
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 favicon.ico
static.helpjuice.com/ 0
815 B 67ms
67ms Other
image/vnd.microsoft.icon 2600:9000:26db:aa00:f:4a9:64c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.helpjuice.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26db:aa00:f:4a9:64c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/1716210161856-adsan.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 20:33:38 GMT
access-control-request-method: *
via: 1.1 vegur, 1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
strict-transport-security: max-age=2592000
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-amz-cf-pop: MUC50-P3
age: 6648
x-cache: Hit from cloudfront
content-length: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1716842019&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=oioCkw%2F9QF6ERuKpaf5BH%2F3ldhZR8G6pyZ2b4zRsl7E%3D
last-modified: Mon, 27 May 2024 12:05:27 GMT
server: Cowboy
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1716842019&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=oioCkw%2F9QF6ERuKpaf5BH%2F3ldhZR8G6pyZ2b4zRsl7E%3D"}]}
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-id: 6y5UI62Yitgvy7Iklr1f9NBTe4ksuEyJiLOzWoTzx-SZhxybPODweQ==
expires: Tue, 27 May 2025 12:24:37 +0000

GET
H2

404

Primary Request owa.php Show response
xsr.ygs.mybluehost.me/sunr/
Redirect Chain

https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssUqRrk6Hgh26M0PrPfSLGFtWZySbQEWT7rEs2SA6U7IQkKZ6JcslT6lndgIVdwmjHlxHhu-ekeDvWr8CeeuREnXHrX78eTfI9VzqD_vEj1lJxiMBfM4Q_9xGQCyI6_e8bzhQAD00ohsgT...
https://xsr.ygs.mybluehost.me/sunr/owa.php

57 KB
15 KB

1192ms
773ms

Document
text/html

162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Requested by: Host: static.helpjuice.com
URL: https://static.helpjuice.com/helpjuice_production/uploads/upload/image/19549/4068080/1716210161856-adsan.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 9ae9d7295c716487ac1d45d2ea58c1ac85bb9dfaba2c225591dff4147f3086fb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://static.helpjuice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-length: 15260
content-type: text/html; charset=UTF-8
date: Mon, 27 May 2024 22:24:31 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
link: <https://xsr.ygs.mybluehost.me/wp-json/>; rel="https://api.w.org/"
server: nginx/1.21.6
vary: Accept-Encoding
x-newfold-cache-level: 2

Redirect headers

accept-ch: Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version Sec-CH-UA-Full-Version-List Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 May 2024 22:24:30 GMT
location: https://xsr.ygs.mybluehost.me/sunr/owa.php
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 style.min.css
xsr.ygs.mybluehost.me/wp-includes/blocks/navigation/ 16 KB
3 KB 215ms
214ms Stylesheet
text/css 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-includes/blocks/navigation/style.min.css?ver=6.5.3
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash: e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:31 GMT
content-encoding: gzip
last-modified: Thu, 18 Apr 2024 08:34:30 GMT
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3258
expires: Tue, 28 May 2024 22:24:31 GMT

GET
H2 200 utilities.css
xsr.ygs.mybluehost.me/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 51 KB
11 KB 408ms
408ms Stylesheet
text/css 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.css?ver=1.0.0
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash: 9d643106b9b9e217dcd2024e6f73cdd831292b6cf40b749b6f2fb9affd0fc1db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:31 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2024 05:41:30 GMT
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10764
expires: Tue, 28 May 2024 22:24:31 GMT

GET
H2 200 utilities.js Show response
xsr.ygs.mybluehost.me/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/ 2 KB
972 B 211ms
211ms Script
application/javascript 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-content/plugins/bluehost-wordpress-plugin/vendor/newfold-labs/wp-module-patterns/assets/build/utilities.js?ver=1.0.0
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash: 9b378afba028328f899c6e4ca77c1e54de6814c5b412f299d193b331ab098083

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:31 GMT
content-encoding: gzip
last-modified: Fri, 17 May 2024 05:41:30 GMT
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 913
expires: Tue, 28 May 2024 22:24:31 GMT

GET
H2 200 view.min.js Show response
xsr.ygs.mybluehost.me/wp-includes/blocks/navigation/ 3 KB
1 KB 209ms
209ms Script
application/javascript 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-includes/blocks/navigation/view.min.js?ver=6.5.3
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash: cef72ad53596109595c152da16e28c2799d53b4c151274c7b28c0324e7230f24

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Origin: https://xsr.ygs.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:31 GMT
content-encoding: gzip
last-modified: Thu, 18 Apr 2024 08:34:30 GMT
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1166
expires: Tue, 28 May 2024 22:24:31 GMT

GET
H2 200 interactivity.min.js Show response
xsr.ygs.mybluehost.me/wp-includes/js/dist/ 34 KB
15 KB 215ms
214ms Script
application/javascript 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-includes/js/dist/interactivity.min.js?ver=6.5.3
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash: df8d3d01743dad99fb13e9a7f1e1d1705e403eab0576dd1a81c45fcc42086a5b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Origin: https://xsr.ygs.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:31 GMT
content-encoding: gzip
last-modified: Tue, 07 May 2024 22:09:26 GMT
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 15320
expires: Tue, 28 May 2024 22:24:31 GMT

GET
BLOB 200
OK b91c7a0b-dfe3-475a-94de-252e10b0d9a3
https://xsr.ygs.mybluehost.me/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://xsr.ygs.mybluehost.me/b91c7a0b-dfe3-475a-94de-252e10b0d9a3
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 Inter-VariableFont_slnt,wght.woff2
xsr.ygs.mybluehost.me/wp-content/themes/twentytwentyfour/assets/fonts/inter/ 256 KB
0 408ms
408ms Font
font/woff2 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-content/themes/twentytwentyfour/assets/fonts/inter/Inter-VariableFont_slnt,wght.woff2
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Origin: https://xsr.ygs.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:32 GMT
last-modified: Thu, 18 Apr 2024 08:34:30 GMT
server: Apache
x-newfold-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 326628
expires: Tue, 28 May 2024 22:24:32 GMT

GET
H2 200 cardo_normal_400.woff2
xsr.ygs.mybluehost.me/wp-content/themes/twentytwentyfour/assets/fonts/cardo/ 143 KB
143 KB 209ms
209ms Font
font/woff2 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-content/themes/twentytwentyfour/assets/fonts/cardo/cardo_normal_400.woff2
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash: aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Origin: https://xsr.ygs.mybluehost.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:32 GMT
last-modified: Thu, 18 Apr 2024 08:34:30 GMT
server: Apache
x-newfold-cache-level: 2
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 146060
expires: Tue, 28 May 2024 22:24:32 GMT

GET
H2 200 wp-emoji-release.min.js
xsr.ygs.mybluehost.me/wp-includes/js/ 0
0 407ms
407ms Script
application/javascript 162.241.218.196
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://xsr.ygs.mybluehost.me/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by: Host: xsr.ygs.mybluehost.me
URL: https://xsr.ygs.mybluehost.me/sunr/owa.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.218.196 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5586.bluehost.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://xsr.ygs.mybluehost.me/sunr/owa.php
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 22:24:32 GMT
content-encoding: gzip
last-modified: Thu, 18 Apr 2024 08:34:31 GMT
server: Apache
vary: Accept-Encoding
x-newfold-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5365
expires: Tue, 28 May 2024 22:24:32 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _wpemojiSettings

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-21 06:15:44	Name: IDE Value: AHWqTUmCU4Zs7ifDIovpjl4Xe5l9P2eNzpw8Kb1qE2VmGzuITqT8lIOjrMbQWKsF5zo

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://xsr.ygs.mybluehost.me/sunr/owa.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

googleads.g.doubleclick.net
static.helpjuice.com
xsr.ygs.mybluehost.me
142.250.185.226
162.241.218.196
2600:9000:26db:aa00:f:4a9:64c0:93a1
10370fd1dbde51bc37f079537e950e8a6aa61e2ab315e39dd7ddbd41ebcbd44d
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
9ae9d7295c716487ac1d45d2ea58c1ac85bb9dfaba2c225591dff4147f3086fb
9b378afba028328f899c6e4ca77c1e54de6814c5b412f299d193b331ab098083
9d643106b9b9e217dcd2024e6f73cdd831292b6cf40b749b6f2fb9affd0fc1db
aa8042a77500cfe4a4893e2b7edbd54dded92768e40418fa0665bec8aae9ae18
cef72ad53596109595c152da16e28c2799d53b4c151274c7b28c0324e7230f24
df8d3d01743dad99fb13e9a7f1e1d1705e403eab0576dd1a81c45fcc42086a5b
e2af3d1fbe48af4fa4e2294de3661b895af5c489a7d2ce5888cd14d5f070e78b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

xsr.ygs.mybluehost.me Open in urlscan Pro 162.241.218.196 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

191 kBTransfer

564 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

xsr.ygs.mybluehost.me Open in urlscan Pro
162.241.218.196 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

191 kB
Transfer

564 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions