urlscan.io logo urlscan.io
SecurityTrails logo

whiteforwardlines.com Open in urlscan Pro
134.209.192.77  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://acg-sa.com/
Effective URL: https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373
Submission Tags: falconsandbox
Submission: On March 25 via api from US — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 12 HTTP transactions. The main IP is 134.209.192.77, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is whiteforwardlines.com. The Cisco Umbrella rank of the primary domain is 824419.
TLS certificate: Issued by R3 on March 11th 2023. Valid for: 3 months.
This is the only time whiteforwardlines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 43.255.154.106 26496 (AS-26496-...)
1 5 162.55.76.206 24940 (HETZNER-AS)
1 134.209.192.77 14061 (DIGITALOC...)
12 4
Apex Domain
Subdomains		 Transfer
4 statisticline.com
stock.statisticline.com — Cisco Umbrella Rank: 727370
cdn.statisticline.com Failed
stats.statisticline.com — Cisco Umbrella Rank: 224967
far.statisticline.com — Cisco Umbrella Rank: 437994 Failed
7 KB
1 whiteforwardlines.com
whiteforwardlines.com — Cisco Umbrella Rank: 824419 Failed
0.whiteforwardlines.com Failed
52 KB
1 sortyellowapples.com
come.sortyellowapples.com — Cisco Umbrella Rank: 490249
669 B
1 acg-sa.com
acg-sa.com
2 KB
12 4
Domain Requested by
2 stock.statisticline.com acg-sa.com
stats.statisticline.com
1 whiteforwardlines.com come.sortyellowapples.com
1 come.sortyellowapples.com stock.statisticline.com
1 far.statisticline.com stock.statisticline.com
1 stats.statisticline.com stock.statisticline.com
1 acg-sa.com
0 0.whiteforwardlines.com Failed acg-sa.com
0 cdn.statisticline.com Failed acg-sa.com
12 8

This site contains no links.

Subject Issuer Validity Valid
stock.statisticline.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
stats.statisticline.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
come.sortyellowapples.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh
whiteforwardlines.com
R3		 2023-03-11 -
2023-06-09		 3 months crt.sh

This page contains 1 frames:

Frame: https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373
Frame ID: 34D4597B9C9A92B85557DA2682912AD2
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

## Confirm notifications ##

Page URL History Show full URLs

  1. http://acg-sa.com/ Page URL
  2. https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
    https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373 Page URL
  3. https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373 Page URL

Page Statistics

12
Requests

42 %
HTTPS

0 %
IPv6

4
Domains

8
Subdomains

4
IPs

3
Countries

62 kB
Transfer

73 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://acg-sa.com/ Page URL
  2. https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
    https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373 Page URL
  3. https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
  • https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
acg-sa.com/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://acg-sa.com/
Protocol
HTTP/1.1
Server
43.255.154.106 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
106.154.255.43.host.secureserver.net
Software
Apache / PHP/7.4.33
Resource Hash
46b01d69edf0db29974d9bdab8691d24eb9da99205ffc99524b068614e173e7a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
Upgrade, close
Content-Type
text/html; charset=utf-8
Date
Sat, 25 Mar 2023 13:30:14 GMT
Server
Apache
Transfer-Encoding
chunked
Upgrade
h2,h2c
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33
trick.js
stock.statisticline.com/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stock.statisticline.com/scripts/trick.js
Requested by
Host: acg-sa.com
URL: http://acg-sa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
457151a58df3b35b928c930be326d6fe3678e482555c2524e0775a04f4dec63f

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://acg-sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 13:30:14 GMT
Last-Modified
Sun, 12 Mar 2023 09:19:37 GMT
Server
nginx
ETag
"640d9929-707"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
Expires
Tue, 04 Apr 2023 13:30:14 GMT
sway.js
cdn.statisticline.com/scripts/ 		0
0
9BVf71
stats.statisticline.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.statisticline.com/9BVf71?&se_referrer=&default_keyword=&&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637
Requested by
Host: stock.statisticline.com
URL: https://stock.statisticline.com/scripts/trick.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
804916a811fb1c9663917b0c1967e70b3ce13a5a032b83b2d22bf6a4d7d843c1

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://acg-sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 25 Mar 2023 13:30:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1306
Expires
0
swaytrick.js
stock.statisticline.com/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stock.statisticline.com/scripts/swaytrick.js
Requested by
Host: stats.statisticline.com
URL: https://stats.statisticline.com/9BVf71?&se_referrer=&default_keyword=&&_cid=7e0a7028-da53-2ffd-87fc-f42bdf819637
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash
5d8f04969ad7e1a70d53cca8f35f91d3a4f6bddbe86f32ca29ec0fa5ab6d6777

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://acg-sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 13:30:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Mar 2023 15:51:50 GMT
Server
nginx
ETag
W/"64148c96-170a"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Expires
Tue, 04 Apr 2023 13:30:15 GMT
back.php
far.statisticline.com/away/ 		0
0
go.php
come.sortyellowapples.com/away/
Redirect Chain
  • https://far.statisticline.com/away/back.php?id=64785e55-66-45776433
  • https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373
849 B
669 B 		Document
General
Check archive.org
Download Go to
Full URL
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373
Requested by
Host: stock.statisticline.com
URL: https://stock.statisticline.com/scripts/swaytrick.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.76.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.206.76.55.162.clients.your-server.de
Software
nginx /
Resource Hash

Request headers

Referer
http://acg-sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 25 Mar 2023 13:30:16 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 25 Mar 2023 13:30:15 GMT
Location
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373
Server
nginx
Transfer-Encoding
chunked
/
whiteforwardlines.com/ 		0
0
/
whiteforwardlines.com/ 		0
0
/
whiteforwardlines.com/ 		0
0
Primary Request /
whiteforwardlines.com/ 		52 KB
52 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373
Requested by
Host: come.sortyellowapples.com
URL: https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=681373
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
134.209.192.77 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
36cec002e96128ef1cc9c17992f45d998e2a5ae6407029aad9a4e2918b4fadba
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://come.sortyellowapples.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

access-control-allow-origin
*
content-security-policy
img-src https: data:; upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 25 Mar 2023 13:30:17 GMT
server
nginx
strict-transport-security
max-age=31536000
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
/
0.whiteforwardlines.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.statisticline.com
URL
https://cdn.statisticline.com/scripts/sway.js?v=2
Domain
far.statisticline.com
URL
https://far.statisticline.com/away/back.php?id=64785e55-66-45776433
Domain
whiteforwardlines.com
URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373
Domain
whiteforwardlines.com
URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373
Domain
whiteforwardlines.com
URL
https://whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373
Domain
0.whiteforwardlines.com
URL
https://0.whiteforwardlines.com/?p=ha4tcolcmu5gi3bphaydcmq&sub2=681373

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| languages undefined| text string| relevanteLang string| lang function| urlB64ToUint8Array function| j4ee function| L0zz boolean| j string| title string| holder function| before_redirect_block

2 Cookies

Domain/Path Name / Value
acg-sa.com/ Name: wp-simple-duser
Value: 1
.whiteforwardlines.com/ Name: uuid
Value: 135b691a-8d35-4754-bb0b-b1819a3b4e5c

1 Console Messages

Source Level URL
Text
network error URL: http://acg-sa.com/
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)