urlscan.io logo urlscan.io
SecurityTrails logo

blackwateeragain.tw Open in urlscan Pro
157.245.79.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Effective URL: https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
Submission Tags: falconsandbox
Submission: On February 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 157.245.79.75, located in United States and belongs to DIGITALOCEAN-ASN, US. The main domain is blackwateeragain.tw.
TLS certificate: Issued by R3 on February 4th 2021. Valid for: 3 months.
This is the only time blackwateeragain.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 160.153.95.197 26496 (AS-26496-...)
8 16 51.195.108.239 16276 (OVH)
1 157.245.79.75 14061 (DIGITALOC...)
24 4
Domain Requested by
7 main.travelfornamewalking.ga rji-sales.com
7 irc.lovegreenpencils.ga rji-sales.com
2 click.travelfornamewalking.ga irc.lovegreenpencils.ga
click.travelfornamewalking.ga
2 rji-sales.com rji-sales.com
1 blackwateeragain.tw click.travelfornamewalking.ga
24 5

This site contains no links.

Subject Issuer Validity Valid
main.travelfornamewalking.ga
R3		 2021-02-02 -
2021-05-03		 3 months crt.sh
click.travelfornamewalking.ga
R3		 2021-02-01 -
2021-05-02		 3 months crt.sh
steplersforsunshine.tw
R3		 2021-02-04 -
2021-05-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
Frame ID: 54A341F4C5B939C6974E28DBB7A734B3
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php Page URL
  2. https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547 Page URL
  3. https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
    https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

24
Requests

38 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

63 kB
Transfer

146 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php Page URL
  2. https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547 Page URL
  3. https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
    https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6
Request Chain 6
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6
Request Chain 7
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2
Request Chain 8
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9
Request Chain 9
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6
Request Chain 10
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1
Request Chain 11
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
Request Chain 12
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2
Request Chain 13
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9
Request Chain 14
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9 HTTP 301
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
pt4-18-6-14-2aoebvj7cit.php
rji-sales.com/html/ 		35 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Server
160.153.95.197 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-95-197.ip.secureserver.net
Software
Apache / PHP/5.6.40
Resource Hash
e080497e64d80a913bcfe380509f5ef9d5bc9f2bb12c828e5f2de016a284e38a

Request headers

Host
rji-sales.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:39 GMT
Server
Apache
X-Powered-By
PHP/5.6.40
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control
no-cache, must-revalidate, max-age=0
Link
<https://irc.lovegreenpencils.ga/loc.php?id=mt11134-22-4366/wp-json/>; rel="https://api.w.org/"
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
7961
Keep-Alive
timeout=5
Content-Type
text/html; charset=UTF-8
det.php
irc.lovegreenpencils.ga/ 		0
0
fa-brands-400.woff2
rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		51 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
http://rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Server
160.153.95.197 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-160-153-95-197.ip.secureserver.net
Software
Apache /
Resource Hash

Request headers

Origin
http://rji-sales.com
Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Jan 2021 19:59:24 GMT
Server
Apache
ETag
"2821523-132c4-5b8a557b54f33-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
font/woff2
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
fa-regular-400.woff2
rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		0
0
fa-solid-900.woff2
rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		0
0
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6
4 B
206 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
4
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6
Date
Mon, 08 Feb 2021 03:04:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
342
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6
4 B
206 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
4
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6
Date
Mon, 08 Feb 2021 03:04:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
342
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2
4 B
206 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
4
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2
Date
Mon, 08 Feb 2021 03:04:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
340
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9
4 B
206 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
4
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9
Date
Mon, 08 Feb 2021 03:04:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
354
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6
4 B
206 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
4
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6
Date
Mon, 08 Feb 2021 03:04:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
374
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1
4 B
206 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
70a63889decd52e077c6a1b4f11f382d2c27a481cdff0f95ced293a4e572556f

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
4
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1
Date
Mon, 08 Feb 2021 03:04:40 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
367
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
170 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
Requested by
Host: rji-sales.com
URL: http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
50f5ee9daa790851157af25f6b1450e4c2914633df720b1cf7ab991fe9795cd2

Request headers

Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Content-Length
170
Keep-Alive
timeout=60
Content-Type
application/javascript

Redirect headers

Location
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
Date
Mon, 08 Feb 2021 03:04:41 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
329
Content-Type
text/html; charset=iso-8859-1
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2
0
0
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9
0
0
det.php
main.travelfornamewalking.ga/
Redirect Chain
  • http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9
  • https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9
0
0
loc.php
irc.lovegreenpencils.ga/ 		0
0
logo1.png
rji-sales.com/wp-content/uploads/2013/12/ 		0
0
det.php
irc.lovegreenpencils.ga/ 		0
0
det.php
irc.lovegreenpencils.ga/ 		0
0
det.php
irc.lovegreenpencils.ga/ 		0
0
zet.php
click.travelfornamewalking.ga/ 		0
0
zet.php
click.travelfornamewalking.ga/ 		470 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547
Requested by
Host: irc.lovegreenpencils.ga
URL: http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
9ffada0249a2361453e1b9bfa9b3cae69f59c558dde1cce9952dfe79bc2fa27d

Request headers

Host
click.travelfornamewalking.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php

Response headers

Server
nginx
Date
Mon, 08 Feb 2021 03:04:41 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
470
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.4.16
ner.php
click.travelfornamewalking.ga/ 		0
0
Primary Request /
blackwateeragain.tw/
Redirect Chain
  • https://click.travelfornamewalking.ga/ner.php?v=325&id=524567
  • https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
52 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
Requested by
Host: click.travelfornamewalking.ga
URL: https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.79.75 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
70e4ee9e7b7b7536ec1e939d176a47925a95186e7149a4086415a9c2536df86c
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
blackwateeragain.tw
:scheme
https
:path
/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547

Response headers

server
nginx
date
Mon, 08 Feb 2021 03:04:41 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=d7042c71-8c2d-4ff0-ad00-8a47ae4bbd1e; expires=Wed, 10-Mar-2021 03:04:41 GMT; Max-Age=2592000; path=/; domain=blackwateeragain.tw
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests

Redirect headers

Server
nginx
Date
Mon, 08 Feb 2021 03:04:41 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.4.16
Location
https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
truncated
/ 		7 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6600e628d105299a9954bb85edc818356f1ec6136ba5d503dc39b2b3de8526c7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
irc.lovegreenpencils.ga
URL
http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Domain
rji-sales.com
URL
http://rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Domain
rji-sales.com
URL
http://rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Domain
main.travelfornamewalking.ga
URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2
Domain
main.travelfornamewalking.ga
URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9
Domain
main.travelfornamewalking.ga
URL
https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9
Domain
irc.lovegreenpencils.ga
URL
http://irc.lovegreenpencils.ga/loc.php?id=mt11134-22-4366/?wordfence_syncAttackData=1612753480.53
Domain
rji-sales.com
URL
http://rji-sales.com/wp-content/uploads/2013/12/logo1.png
Domain
irc.lovegreenpencils.ga
URL
http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451/wp-includes/js/wp-emoji-release.min.js?ver=5.6
Domain
irc.lovegreenpencils.ga
URL
http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fwp-embed.min.js&ver=5.6
Domain
irc.lovegreenpencils.ga
URL
http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-scripts%2Fa093e9ed07733b207d5b71c82e8fe8ad.min.js&ver=3.2.1
Domain
click.travelfornamewalking.ga
URL
https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547
Domain
click.travelfornamewalking.ga
URL
https://click.travelfornamewalking.ga/ner.php?v=325&id=524567

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| languages function| text string| relevanteLang string| lang boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array function| j4ee function| L0zz boolean| j string| title string| holder function| before_redirect_block

1 Cookies

Domain/Path Name / Value
.blackwateeragain.tw/ Name: uuid
Value: d7042c71-8c2d-4ff0-ad00-8a47ae4bbd1e