debtrebuild.xyz
188.114.96.3
Public Scan
Effective URL: https://debtrebuild.xyz/d1/?subid=ekmwpdty_5_5745&clcsr=1
Submission: On July 07 via api from BE — Scanned from AT
Summary
TLS certificate: Issued by E6 on June 28th 2024. Valid for: 3 months.
This is the only time debtrebuild.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Redirects | Requests | IP Address | AS Autonomous System |
---|---|---|---|
1 | 15 | 188.114.96.3 | 13335 (CLOUDFLARENET) |
1 | 3 | 52.208.223.47 | 16509 (AMAZON-02) |
 | 4 | 142.250.181.227 | 15169 (GOOGLE) |
 | 20 | 3 | |
ASN13335 (CLOUDFLARENET, US)
- codesconsolida.lat
- debtrebuild.xyz
ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-223-47.eu-west-1.compute.amazonaws.com
- ghouasfe.xyz
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
- fonts.gstatic.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | debtrebuild.xyz | debtrebuild.xyz | 92 KB |
4 | gstatic.com | fonts.gstatic.com | 140 KB |
3 | ghouasfe.xyz (1 redirects) | ghouasfe.xyz | 3 KB |
1 | codesconsolida.lat (1 redirects) | codesconsolida.lat | 436 B |
20 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
14 | debtrebuild.xyz | debtrebuild.xyz |
4 | fonts.gstatic.com | debtrebuild.xyz |
3 | ghouasfe.xyz (1 redirects) | debtrebuild.xyz |
1 | codesconsolida.lat (1 redirects) | |
20 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
debtrebuild.xyz | E6 | 2024-06-28 - 2024-09-26 | 3 months | crt.sh |
ghouasfe.xyz | R11 | 2024-06-29 - 2024-09-27 | 3 months | crt.sh |
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://debtrebuild.xyz/d1/?subid=ekmwpdty_5_5745&clcsr=1
Frame ID: 95CA87384EADFA7321B73A5EDE24B1F4
Requests: 20 HTTP requests in this frame
Page Title
Private "Debt Program"
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://codesconsolida.lat/
HTTP 302
https://debtrebuild.xyz/r/ Page URL
-
https://ghouasfe.xyz/base.php?c=5&key=f71662ca1fc02b3dc015f440ddb7e645
HTTP 302
https://debtrebuild.xyz/d1/?subid=ekmwpdty_5_5745&clcsr=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://codesconsolida.lat/ HTTP 302
- https://debtrebuild.xyz/r/
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H3 | / (Redirect Chain) | debtrebuild.xyz/r/ | 246 B | 656 B | Document | text/html |
GET | H3 | / (Primary Request, Redirect Chain) | debtrebuild.xyz/d1/ | 7 KB | 3 KB | Document | text/html |
GET | H3 | style.css | debtrebuild.xyz/d1/src/ | 3 KB | 1 KB | Stylesheet | text/css |
GET | H3 | styles.css | debtrebuild.xyz/d1/src/ | 41 KB | 3 KB | Stylesheet | text/css |
GET | H3 | logo.png | debtrebuild.xyz/d1/src/ | 9 KB | 9 KB | Image | image/png |
GET | H3 | cnbc.avif | debtrebuild.xyz/d1/src/ | 1 KB | 2 KB | Image | image/avif |
GET | H3 | forbes.avif | debtrebuild.xyz/d1/src/ | 2 KB | 2 KB | Image | image/avif |
GET | H3 | brands.avif | debtrebuild.xyz/d1/src/ | 2 KB | 2 KB | Image | image/avif |
GET | H3 | sftfgate.avif | debtrebuild.xyz/d1/src/ | 2 KB | 2 KB | Image | image/avif |
GET | H3 | main.avif | debtrebuild.xyz/d1/src/ | 57 KB | 57 KB | Image | image/avif |
GET | H3 | BBC-logo.avif | debtrebuild.xyz/d1/src/ | 2 KB | 2 KB | Image | image/avif |
GET | H3 | rating.avif | debtrebuild.xyz/d1/src/ | 2 KB | 3 KB | Image | image/avif |
GET | H3 | digi.avif | debtrebuild.xyz/d1/src/ | 2 KB | 3 KB | Image | image/avif |
GET | H3 | email-decode.min.js | debtrebuild.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ | 1 KB | 1 KB | Script | application/javascript |
GET | H2 | landing.js | ghouasfe.xyz/ | 4 KB | 2 KB | Script | text/javascript |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v40/ | 47 KB | 47 KB | Font | font/woff2 |
GET | H2 | rP2Hp2ywxg089UriCZOIHQ.woff2 | fonts.gstatic.com/s/dmsans/v15/ | 61 KB | 61 KB | Font | font/woff2 |
GET | H2 | adck.php | ghouasfe.xyz/ | 43 B | 367 B | Image | image/gif |
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
undefined | event |
object | fence |
object | sharedStorage |
function | startTimer |
object | clpconfig |
string | queryEngSec |
string | queryCaptureResolution |
number | clpaddesktimer |
object | hidLocation |
string | clroot |
function | getQueryUrl |
string | keyStr |
function | trim |
function | encode64 |
function | trackEngage |
function | ClTrackEngage |
function | ClTrackSub |
function | CpvTrackToken |
function | checkdirect |
function | desktopDetails |
function | resetCookie |
function | fbCapiTrack |
function | appendParamToLink |
function | appendParamToLinkID |
function | WriteImagePixel |
function | get_cookie |
string | hu |
object | gy |
object | ft |
string | requestUrl |
object | h |
object | m |
object | s |
number | hours |

4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ghouasfe.xyz/ | | Name: PHPSESSID Value: b715fd2789b81f22ed92443a8635af1f |
.ghouasfe.xyz/ | | Name: cpvlabclick Value: ZWttd3BkdHlfNV83XzhfNTc0NV84 |
.ghouasfe.xyz/ | | Name: cpvlabsubid Value: ekmwpdty_5_5745 |
.ghouasfe.xyz/ | | Name: cpvlablevel Value: 1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.