lukoil-promotion.online Open in urlscan Pro
92.119.160.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://glorytours-eg.com/santa/home/index
Effective URL:
http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200
Submission: On September 23 via manual (September 23rd 2022, 9:24:11 am UTC) from IN — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 24 HTTP transactions. The main IP is 92.119.160.54, located in and belongs to . The main domain is lukoil-promotion.online.

This is the only time lukoil-promotion.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	192.254.235.44 192.254.235.44	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	91.211.91.114 91.211.91.114	206638 (HOSTFORY) (HOSTFORY)
1	91.211.91.104 91.211.91.104	206638 (HOSTFORY) (HOSTFORY)
1 1	2606:4700:303... 2606:4700:3035::ac43:9f7c	() ()
2	92.119.160.54 92.119.160.54	() ()
24	5

18 192.254.235.44 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-235-44.unifiedlayer.com

glorytours-eg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.211.91.114 (Ukraine)

ASN206638 (HOSTFORY, UA)

cdn.weatherplllatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.211.91.104 (Ukraine)

ASN206638 (HOSTFORY, UA)

away.bettershitecolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:9f7c (None, ) 1 redirects

ASN- ()

southbfamanmaa.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.119.160.54 (None, )

ASN- ()

lukoil-promotion.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	glorytours-eg.com glorytours-eg.com	141 KB
2	lukoil-promotion.online lukoil-promotion.online	89 KB
1	southbfamanmaa.tk southbfamanmaa.tk Failed	779 B
1	bettershitecolumn.com away.bettershitecolumn.com — Cisco Umbrella Rank: 594404 Failed	882 B
1	weatherplllatform.com cdn.weatherplllatform.com — Cisco Umbrella Rank: 584511	2 KB
24	5

	Domain	Requested by
18	glorytours-eg.com	glorytours-eg.com
2	lukoil-promotion.online	away.bettershitecolumn.com lukoil-promotion.online
1	southbfamanmaa.tk	away.bettershitecolumn.com
1	away.bettershitecolumn.com	cdn.weatherplllatform.com
1	cdn.weatherplllatform.com	glorytours-eg.com
24	5

This site contains no links.

Subject Issuer	Validity	Valid
itc-africa.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
cdn.weatherplllatform.com R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
away.bettershitecolumn.com R3	`2022-08-31` - `2022-11-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200
Frame ID: 14B3807BC8C09F194D8F34900FBEC2A8
Requests: 27 HTTP requests in this frame

Frame: http://lukoil-promotion.online/media/mainstream/frame.html
Frame ID: F85C8B38C36D00E7E67BB866A5FC92CA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://glorytours-eg.com/santa/home/index Page URL
https://away.bettershitecolumn.com/hit.php?tid=1311&lid=334-1166-567334-46 Page URL
https://southbfamanmaa.tk/help/?23071650902120 HTTP 302
http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

24
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

233 kB
Transfer

534 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://glorytours-eg.com/santa/home/index Page URL
https://away.bettershitecolumn.com/hit.php?tid=1311&lid=334-1166-567334-46 Page URL
https://southbfamanmaa.tk/help/?23071650902120 HTTP 302
http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 index Show response
glorytours-eg.com/santa/home/ 113 KB
30 KB 1940ms
1084ms Document
text/html 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 503249ac33eb7a84a0dd4f62d74ea6f77f6f18e7031827661de37d59293df91a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 09:24:03 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://glorytours-eg.com/wp-json/>; rel="https://api.w.org/"
server: Apache
vary: Accept-Encoding

GET
H2 200 main.min.css
glorytours-eg.com/wp-content/themes/astra/assets/css/minified/ 40 KB
12 KB 330ms
329ms Stylesheet
text/css 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.7.10
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: f9a3812a011f3184175ef3e2df449ceb55662cb3f2858b591fd3ee5588232a79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:04 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 11:50:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 11826

GET
H2 200 wp-emoji-release.min.js Show response
glorytours-eg.com/wp-includes/js/ 18 KB
5 KB 286ms
286ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:04 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 01:04:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5321

GET
H2 200 style.min.css
glorytours-eg.com/wp-includes/css/dist/block-library/ 87 KB
16 KB 179ms
178ms Stylesheet
text/css 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 12:41:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 16594

GET
H2 200 index.css
glorytours-eg.com/wp-content/plugins/wp-call-button/assets/block/build/ 770 B
412 B 175ms
174ms Stylesheet
text/css 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/wp-call-button/assets/block/build/index.css?ver=a1dbfd3fcfcfb0740ca8c4771bbdc4c3
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: b2d7e882f077a663edbb0dd5c5e671fe607364624dffd64d3c6007907396acc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 12:03:44 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 334

GET
H2 200 styles.css
glorytours-eg.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 343ms
342ms Stylesheet
text/css 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:09:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 1010

GET
H2 200 contact-form-7-main.min.css
glorytours-eg.com/wp-content/themes/astra/assets/css/minified/compatibility/ 850 B
447 B 343ms
342ms Stylesheet
text/css 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/themes/astra/assets/css/minified/compatibility/contact-form-7-main.min.css?ver=3.7.10
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 41c7e05e604e0bc6b8814d00221eac3e3db342d996362a2cfa1cd057ad2c809b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 11:50:18 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 415

GET
H2 200 joinchat-btn.min.css
glorytours-eg.com/wp-content/plugins/creame-whatsapp-me/public/css/ 6 KB
2 KB 174ms
173ms Stylesheet
text/css 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/creame-whatsapp-me/public/css/joinchat-btn.min.css?ver=4.4.2
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 01e8096bc04f210dc1e2ab17904ace23e31382bc160fb6475e61944d596f3920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 11:59:19 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 2430

GET
H2 200 jquery.min.js Show response
glorytours-eg.com/wp-includes/js/jquery/ 87 KB
38 KB 179ms
178ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 02:37:24 GMT
server: Apache
accept-ranges: bytes
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
glorytours-eg.com/wp-includes/js/jquery/ 14 KB
5 KB 173ms
173ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: f7e755339fedc4d779eec71de9fa9807b8efe368d9ed501a4fd978aac39f19fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 11:58:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5314

GET
H2 200 cropped-logo-header.png
glorytours-eg.com/wp-content/uploads/2022/04/ 3 KB
3 KB 181ms
173ms Image
image/png 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://glorytours-eg.com/wp-content/uploads/2022/04/cropped-logo-header.png
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: db2639f89467dc553d2fafe9442459bb1a05bee85eb3ba8962e9cb5998017ce2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
last-modified: Tue, 19 Apr 2022 12:01:14 GMT
server: Apache
accept-ranges: bytes
content-length: 3221
content-type: image/png

GET
H2 200 frontend.min.js Show response
glorytours-eg.com/wp-content/themes/astra/assets/js/minified/ 16 KB
5 KB 178ms
174ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.10
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Tue, 19 Apr 2022 11:50:18 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 5457

GET
H2 200 regenerator-runtime.min.js Show response
glorytours-eg.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 177ms
173ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 01:04:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 2675

GET
H2 200 wp-polyfill.min.js Show response
glorytours-eg.com/wp-includes/js/dist/vendor/ 19 KB
8 KB 354ms
344ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 01:04:39 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 8254

GET
H2 200 index.js Show response
glorytours-eg.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 355ms
346ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:09:54 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3984

GET
H2 200 detectmobilebrowser.js Show response
glorytours-eg.com/wp-content/plugins/mystickymenu/js/ 2 KB
1 KB 183ms
173ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/mystickymenu/js/detectmobilebrowser.js?ver=2.5.8
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:47:38 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1385

GET
H2 200 mystickymenu.min.js Show response
glorytours-eg.com/wp-content/plugins/mystickymenu/js/ 4 KB
2 KB 182ms
174ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/mystickymenu/js/mystickymenu.min.js?ver=2.5.8
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 65b978e80fdf031da25da84fd0f3e56d5d3282a2c3c07d1436e8cf1bfce4c449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Wed, 20 Apr 2022 12:47:38 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1584

GET
H2 200 joinchat.min.js Show response
glorytours-eg.com/wp-content/plugins/creame-whatsapp-me/public/js/ 7 KB
3 KB 183ms
174ms Script
application/javascript 192.254.235.44
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://glorytours-eg.com/wp-content/plugins/creame-whatsapp-me/public/js/joinchat.min.js?ver=4.4.2
Requested by: Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.235.44 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-44.unifiedlayer.com
Software: Apache /
Resource Hash: 7aa120c84d2bdf203352b783aa24025d2f0dc67310b2c1bd2adf68a0e044bc23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/santa/home/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:05 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 11:59:19 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3024

GET
H2 200 events.js Show response
cdn.weatherplllatform.com/ 6 KB
2 KB 862ms
163ms Script
application/javascript 91.211.91.114
HOSTFORY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.weatherplllatform.com/events.js?v=2.141

Requested by

Host: glorytours-eg.com
URL: https://glorytours-eg.com/santa/home/index

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.114 , Ukraine, ASN206638 (HOSTFORY, UA),

Reverse DNS

Software

nginx /

Resource Hash

e2c05792ce858259c97be43a42b64568257ff89a30fde7d227852e6f84dbb0a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://glorytours-eg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:24:06 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 11:09:30 GMT
server: nginx
etag: W/"632c426a-183e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 350 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 483d00baed198f04a74b324eb15de1d469277c959e42fbbb88f91a5b4cbf3a9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 618 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53a5fd76cab490e0c4a4f847c2cf9a4ec8598d22ecaabaeff19d34ce9e76c3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET hit.php
away.bettershitecolumn.com/ 0
0

GET
H2 200 hit.php
away.bettershitecolumn.com/ 736 B
882 B 2920ms
330ms Document
text/html 91.211.91.104
HOSTFORY

General

Check archive.org

Show headers Download Go to

Full URL

https://away.bettershitecolumn.com/hit.php?tid=1311&lid=334-1166-567334-46

Requested by

Host: cdn.weatherplllatform.com
URL: https://cdn.weatherplllatform.com/events.js?v=2.141

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

91.211.91.104 , Ukraine, ASN206638 (HOSTFORY, UA),

Reverse DNS

Software

nginx / PHP/7.3.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000;

Request headers

Referer: https://glorytours-eg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 736
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 09:24:09 GMT
server: nginx
strict-transport-security: max-age=15768000;
vary: Accept-Encoding
x-powered-by: PHP/7.3.33

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET /
southbfamanmaa.tk/help/ 0
0

GET
H/1.1

200
OK

Primary Request / Show response
lukoil-promotion.online//
Redirect Chain

https://southbfamanmaa.tk/help/?23071650902120
http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200

88 KB
88 KB

228ms
173ms

Document
text/html

92.119.160.54

General

Check archive.org

Show headers Download Go to

Full URL: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200
Requested by: Host: away.bettershitecolumn.com
URL: https://away.bettershitecolumn.com/hit.php?tid=1311&lid=334-1166-567334-46
Protocol: HTTP/1.1
Server: 92.119.160.54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 142c7b018f72465f2c122349e869ac8df2a1623f4bf0a7da99c5dca540ffb55a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-transform
Connection: keep-alive
Content-Length: 90087
Content-Type: text/html
Date: Fri, 23 Sep 2022 09:24:11 GMT
Server: nginx
cache-control: private

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 74f239ccd8018f0a-IAD
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 09:24:11 GMT
expires: Thu, 21 Jul 1977 07:30:00 GMT
last-modified: Fri, 23 Sep 2022 09:24:10 GMT
location: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQHK8S7xZdCp%2BSQe%2F2ZD%2FYpzsUld8zbA%2BNQRY4Yf6z2oZ2aFP7azIS3EfGQqmCRt42EqlzSUkJPf%2FM9ON1icUSvdxqOt5%2BJei3Ss5VUmStOHa%2B1e34BBqazRmjWQKYks1KzpUoWR6FTTPKCI4yKP6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.0.33

GET
H/1.1 200
OK frame.html Show response
lukoil-promotion.online/media/mainstream/ Frame F85C 39 B
320 B 98ms
49ms Document
text/html 92.119.160.54

General

Check archive.org

Show headers Download Go to

Full URL: http://lukoil-promotion.online/media/mainstream/frame.html
Requested by: Host: lukoil-promotion.online
URL: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200
Protocol: HTTP/1.1
Server: 92.119.160.54 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e

Request headers

Referer: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-20220923122410880200
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-transform
Connection: keep-alive
Content-Length: 39
Content-Type: text/html
Date: Fri, 23 Sep 2022 09:24:11 GMT
ETag: "60a5fcce-27"
Last-Modified: Thu, 20 May 2021 06:08:14 GMT
Server: nginx
Vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: away.bettershitecolumn.com
URL: https://away.bettershitecolumn.com/hit.php?tid=1311&lid=334-1166-567334-46

Domain: southbfamanmaa.tk
URL: https://southbfamanmaa.tk/help/?23071650902120

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://glorytours-eg.com/santa/home/index Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

away.bettershitecolumn.com
cdn.weatherplllatform.com
glorytours-eg.com
lukoil-promotion.online
southbfamanmaa.tk
away.bettershitecolumn.com
southbfamanmaa.tk
192.254.235.44
2606:4700:3035::ac43:9f7c
91.211.91.104
91.211.91.114
92.119.160.54
01e8096bc04f210dc1e2ab17904ace23e31382bc160fb6475e61944d596f3920
142c7b018f72465f2c122349e869ac8df2a1623f4bf0a7da99c5dca540ffb55a
41c7e05e604e0bc6b8814d00221eac3e3db342d996362a2cfa1cd057ad2c809b
483d00baed198f04a74b324eb15de1d469277c959e42fbbb88f91a5b4cbf3a9b
503249ac33eb7a84a0dd4f62d74ea6f77f6f18e7031827661de37d59293df91a
53a5fd76cab490e0c4a4f847c2cf9a4ec8598d22ecaabaeff19d34ce9e76c3ca
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
65b978e80fdf031da25da84fd0f3e56d5d3282a2c3c07d1436e8cf1bfce4c449
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6de026295dcce0702131280e771bce028a6d63d74b025b3595291dafd8e36e69
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
7aa120c84d2bdf203352b783aa24025d2f0dc67310b2c1bd2adf68a0e044bc23
7bdc4fd1b52f88617553782da88299fc8551f6921d5a30c5a29b96cb8b4c3eae
a258fa2108c7a4579876f75154378f19e3ee8af7753499bad8bfb18b56cb6dfc
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
b2d7e882f077a663edbb0dd5c5e671fe607364624dffd64d3c6007907396acc7
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
db2639f89467dc553d2fafe9442459bb1a05bee85eb3ba8962e9cb5998017ce2
e2c05792ce858259c97be43a42b64568257ff89a30fde7d227852e6f84dbb0a0
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f7e755339fedc4d779eec71de9fa9807b8efe368d9ed501a4fd978aac39f19fc
f9a3812a011f3184175ef3e2df449ceb55662cb3f2858b591fd3ee5588232a79

lukoil-promotion.online Open in urlscan Pro 92.119.160.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

83 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

233 kBTransfer

534 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

1 Console Messages

lukoil-promotion.online Open in urlscan Pro
92.119.160.54 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

233 kB
Transfer

534 kB
Size

0
Cookies

24 HTTP transactions
4 data transactions