blackwateeragain.tw
157.245.79.75
Public Scan
Effective URL: https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
Submission Tags: falconsandbox
Submission: On February 08 via api from US
Summary
TLS certificate: Issued by R3 on February 4th 2021. Valid for: 3 months.
This is the only time blackwateeragain.tw was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 2 | 160.153.95.197 | 26496 (AS-26496-GO-DADDY-COM-LLC) |
| 8 16 | 51.195.108.239 | 16276 (OVH) |
| 1 | 157.245.79.75 | 14061 (DIGITALOCEAN-ASN) |
| 24 | 4 | |
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-160-153-95-197.ip.secureserver.net
- rji-sales.com
ASN16276 (OVH, FR)
PTR: cloud.msk.network
- irc.lovegreenpencils.ga
- main.travelfornamewalking.ga
- click.travelfornamewalking.ga
| | Apex Domain / Subdomains | Transfer |
|---|---|---|
| 9 | travelfornamewalking.ga, 1 redirects: main.travelfornamewalking.ga click.travelfornamewalking.ga Failed | 3 KB |
| 7 | lovegreenpencils.ga: irc.lovegreenpencils.ga Failed | 2 KB |
| 2 | rji-sales.com: rji-sales.com | 8 KB |
| 1 | blackwateeragain.tw: blackwateeragain.tw | 53 KB |
| 24 | 4 | |
| | Domain | Requested by |
|---|---|---|
| 7 | main.travelfornamewalking.ga | rji-sales.com |
| 7 | irc.lovegreenpencils.ga | rji-sales.com |
| 2 | click.travelfornamewalking.ga | irc.lovegreenpencils.ga click.travelfornamewalking.ga |
| 2 | rji-sales.com | rji-sales.com |
| 1 | blackwateeragain.tw | click.travelfornamewalking.ga |
| 24 | 5 | |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
main.travelfornamewalking.ga R3 | 2021-02-02 - 2021-05-03 | 3 months | crt.sh |
click.travelfornamewalking.ga R3 | 2021-02-01 - 2021-05-02 | 3 months | crt.sh |
steplersforsunshine.tw R3 | 2021-02-04 - 2021-05-05 | 3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice
Frame ID: 54A341F4C5B939C6974E28DBB7A734B3
Requests: 25 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases)
Detected patterns
- headers link /rel="https:\/\/api\.w\.org\/"/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://rji-sales.com/html/pt4-18-6-14-2aoebvj7cit.php Page URL
- https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547 Page URL
- https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
  https://blackwateeragain.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sheep&sub2=Dice Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Fstyle.min.css&ver=5.6
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fcss%2Fdist%2Fblock-library%2Ftheme.min.css&ver=5.6
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fpage-list%2Fcss%2Fpage-list.css&ver=5.2
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fcss%2Frs6.css&ver=6.3.9
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Fsymple-shortcodes%2Fincludes%2Fcss%2Fsymple_shortcodes_styles.css&ver=5.6
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-styles%2F656c7effb1fa15c26d5302c57df5185b.min.css&ver=3.2.1
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery.min.js&ver=3.5.1
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9
- http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9 HTTP 301
- https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9
24 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | pt4-18-6-14-2aoebvj7cit.php rji-sales.com/html/ | 35 KB 8 KB | Document text/html |
GET | det.php irc.lovegreenpencils.ga/ | 0 0 | |
GET H/1.1 | fa-brands-400.woff2 rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ | 51 KB 0 | Font font/woff2 |
GET | fa-regular-400.woff2 rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ | 0 0 | |
GET | fa-solid-900.woff2 rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ | 0 0 | |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 4 B 206 B | Stylesheet application/javascript |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 4 B 206 B | Stylesheet application/javascript |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 4 B 206 B | Stylesheet application/javascript |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 4 B 206 B | Stylesheet application/javascript |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 4 B 206 B | Stylesheet application/javascript |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 4 B 206 B | Stylesheet application/javascript |
GET H/1.1 | det.php main.travelfornamewalking.ga/ Redirect Chain | 170 B 374 B | Script application/javascript |
GET | det.php main.travelfornamewalking.ga/ Redirect Chain | 0 0 | |
GET | det.php main.travelfornamewalking.ga/ Redirect Chain | 0 0 | |
GET | det.php main.travelfornamewalking.ga/ Redirect Chain | 0 0 | |
GET | loc.php irc.lovegreenpencils.ga/ | 0 0 | |
GET | logo1.png rji-sales.com/wp-content/uploads/2013/12/ | 0 0 | |
GET | det.php irc.lovegreenpencils.ga/ | 0 0 | |
GET | det.php irc.lovegreenpencils.ga/ | 0 0 | |
GET | det.php irc.lovegreenpencils.ga/ | 0 0 | |
GET | zet.php click.travelfornamewalking.ga/ | 0 0 | |
GET H/1.1 | zet.php click.travelfornamewalking.ga/ | 470 B 676 B | Document text/html |
GET | ner.php click.travelfornamewalking.ga/ | 0 0 | |
GET H2 | Primary Request / blackwateeragain.tw/ Redirect Chain | 52 KB 53 KB | Document text/html |
GET DATA | truncated / | 7 KB 0 | Image image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
irc.lovegreenpencils.ga | http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff |
rji-sales.com | http://rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2 |
rji-sales.com | http://rji-sales.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2 |
main.travelfornamewalking.ga | https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fjquery%2Fjquery-migrate.min.js&ver=3.3.2 |
main.travelfornamewalking.ga | https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frbtools.min.js&ver=6.3.9 |
main.travelfornamewalking.ga | https://main.travelfornamewalking.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fplugins%2Frevslider%2Fpublic%2Fassets%2Fjs%2Frs6.min.js&ver=6.3.9 |
irc.lovegreenpencils.ga | http://irc.lovegreenpencils.ga/loc.php?id=mt11134-22-4366/?wordfence_syncAttackData=1612753480.53 |
rji-sales.com | http://rji-sales.com/wp-content/uploads/2013/12/logo1.png |
irc.lovegreenpencils.ga | http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451/wp-includes/js/wp-emoji-release.min.js?ver=5.6 |
irc.lovegreenpencils.ga | http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-includes%2Fjs%2Fwp-embed.min.js&ver=5.6 |
irc.lovegreenpencils.ga | http://irc.lovegreenpencils.ga/det.php?id=tm77734-33-2451%2Fwp-content%2Fuploads%2Ffusion-scripts%2Fa093e9ed07733b207d5b71c82e8fe8ad.min.js&ver=3.2.1 |
click.travelfornamewalking.ga | https://click.travelfornamewalking.ga/zet.php?id=9940839&sid=9982941&uid=3243547 |
click.travelfornamewalking.ga | https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 |
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| languages function| text string| relevanteLang string| lang boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array function| j4ee function| L0zz boolean| j string| title string| holder function| before_redirect_block
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.blackwateeragain.tw/ | | Name: uuid Value: d7042c71-8c2d-4ff0-ad00-8a47ae4bbd1e |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.