urlscan.io logo urlscan.io
SecurityTrails logo

sharerigs-99-rig-87t8t.ondigitalocean.app Open in urlscan Pro
2606:4700::6810:f34e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wlckp.sacrificegamers.xyz/?jhd=15Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ==
Effective URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&....
Submission: On September 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 2 countries across 10 domains to perform 19 HTTP transactions. The main IP is 2606:4700::6810:f34e, located in United States and belongs to CLOUDFLARENET, US. The main domain is sharerigs-99-rig-87t8t.ondigitalocean.app.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 7th 2022. Valid for: a year.
This is the only time sharerigs-99-rig-87t8t.ondigitalocean.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18.216.77.99 16509 (AMAZON-02)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
19 6
1    18.216.77.99 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-216-77-99.us-east-2.compute.amazonaws.com
wlckp.sacrificegamers.xyz
5    2606:4700::6810:f34e (United States)

ASN13335 (CLOUDFLARENET, US)
sharerigs-99-rig-87t8t.ondigitalocean.app
6    2606:4700:10::6816:4951 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jotfor.ms
2    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
Apex Domain
Subdomains		 Transfer
6 jotfor.ms
cdn.jotfor.ms — Cisco Umbrella Rank: 20511
34 KB
5 ondigitalocean.app
sharerigs-99-rig-87t8t.ondigitalocean.app
16 KB
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
2 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 293
51 KB
1 sacrificegamers.xyz
wlckp.sacrificegamers.xyz
625 B
0 cors.io Failed
cors.io Failed
0 uhc.com Failed
uhc.com Failed
0 adcash.com Failed
adcash.com Failed
0 as.com Failed
as.com Failed
0 tradeadexchange.com Failed
tradeadexchange.com Failed
19 10
Domain Requested by
6 cdn.jotfor.ms sharerigs-99-rig-87t8t.ondigitalocean.app
cdn.jotfor.ms
5 sharerigs-99-rig-87t8t.ondigitalocean.app 1 redirects sharerigs-99-rig-87t8t.ondigitalocean.app
3 unpkg.com 2 redirects sharerigs-99-rig-87t8t.ondigitalocean.app
2 ajax.googleapis.com sharerigs-99-rig-87t8t.ondigitalocean.app
1 wlckp.sacrificegamers.xyz
0 cors.io Failed sharerigs-99-rig-87t8t.ondigitalocean.app
0 uhc.com Failed sharerigs-99-rig-87t8t.ondigitalocean.app
0 adcash.com Failed sharerigs-99-rig-87t8t.ondigitalocean.app
0 as.com Failed sharerigs-99-rig-87t8t.ondigitalocean.app
0 tradeadexchange.com Failed sharerigs-99-rig-87t8t.ondigitalocean.app
19 10

This site contains no links.

Subject Issuer Validity Valid
*.sacrificegamers.xyz
R3		 2022-09-12 -
2022-12-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-07 -
2023-04-07		 a year crt.sh
*.jotfor.ms
E1		 2022-08-16 -
2022-11-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Frame ID: 2C1ECF30942F19AF260EA92F7F5CC33B
Requests: 21 HTTP requests in this frame

Frame: https://uhc.com/
Frame ID: 8A7FE00E575CCCAED8C6C7A7B6201B5D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Authenticate uhc.com

Page URL History Show full URLs

  1. https://wlckp.sacrificegamers.xyz/?jhd=15Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ== Page URL
  2. https://sharerigs-99-rig-87t8t.ondigitalocean.app/ Page URL
  3. https://sharerigs-99-rig-87t8t.ondigitalocean.app/yl0FqNnBo2.php HTTP 302
    https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dG... Page URL
  4. https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=ca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

68 %
HTTPS

80 %
IPv6

10
Domains

10
Subdomains

6
IPs

2
Countries

103 kB
Transfer

327 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wlckp.sacrificegamers.xyz/?jhd=15Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ== Page URL
  2. https://sharerigs-99-rig-87t8t.ondigitalocean.app/ Page URL
  3. https://sharerigs-99-rig-87t8t.ondigitalocean.app/yl0FqNnBo2.php HTTP 302
    https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D Page URL
  4. https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&. Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/yl0FqNnBo2.php HTTP 302
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D
Request Chain 13
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/resources/js/flyoutmenu.css?1001088 HTTP 0
  • http://tradeadexchange.com/
Request Chain 14
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/resources/js/flyoutmenu.js?1001088 HTTP 0
  • http://as.com/
Request Chain 15
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/resources/css/global.css?1001088 HTTP 0
  • http://adcash.com/
Request Chain 16
  • https://unpkg.com/@ungap/custom-elements-builtin HTTP 302
  • https://unpkg.com/@ungap/custom-elements-builtin@0.6.5 HTTP 302
  • https://unpkg.com/@ungap/custom-elements-builtin@0.6.5/min.js

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
wlckp.sacrificegamers.xyz/ 		372 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://wlckp.sacrificegamers.xyz/?jhd=15Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.216.77.99 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-77-99.us-east-2.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 14:04:13 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
/
sharerigs-99-rig-87t8t.ondigitalocean.app/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://wlckp.sacrificegamers.xyz
Referer
https://wlckp.sacrificegamers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
74d2de88bf0c8fdc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 14:04:14 GMT
server
cloudflare
x-do-app-origin
26c3092d-d731-45b7-a486-bd4d92e9cb0d
x-do-orig-status
200
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
load.php
sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/
Redirect Chain
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/yl0FqNnBo2.php
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sharerigs-99-rig-87t8t.ondigitalocean.app
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
MISS
cf-ray
74d2deb7e96c8fdc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 14:04:21 GMT
last-modified
Mon, 19 Sep 2022 14:04:21 GMT
server
cloudflare
vary
Accept-Encoding
x-do-app-origin
26c3092d-d731-45b7-a486-bd4d92e9cb0d
x-do-orig-status
200

Redirect headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
74d2de904c8a8fdc-FRA
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 14:04:21 GMT
location
c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D
server
cloudflare
x-do-app-origin
26c3092d-d731-45b7-a486-bd4d92e9cb0d
x-do-orig-status
302
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/gif
Primary Request gfroceysgz8qvjbbbl23bb7ansfbez.php
sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/ 		34 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9afdd2bc4c8222357d9330e98d446ee4bfc06d9bfcb56c5050f5a87b91169f5

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://sharerigs-99-rig-87t8t.ondigitalocean.app
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/load.php?token=66Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
74d2debaceed8fdc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 14:04:21 GMT
server
cloudflare
x-do-app-origin
26c3092d-d731-45b7-a486-bd4d92e9cb0d
x-do-orig-status
200
formCss.css
cdn.jotfor.ms/static/ 		62 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/static/formCss.css?3.3.16036
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7fd54092a241bf514156416a4f1b80da4e9061d24a6e27b553750c9b88330bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:21 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 19 Sep 2022 13:26:52 GMT
server
cloudflare
etag
W/"63286e1c-f7a0"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
cache-control
public, max-age=315360000
cf-ray
74d2debc083f9a0c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
nova.css
cdn.jotfor.ms/css/styles/ 		37 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/css/styles/nova.css?3.3.16036
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422e1865e93b550753acd435129307bae16bee797feb38c0c9fbffb0ab235d22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:21 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 26 Aug 2022 07:17:11 GMT
server
cloudflare
etag
W/"63087377-93e5"
vary
Accept-Encoding
content-type
text/css
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
max-age=3600
cf-ray
74d2debc08429a0c-FRA
x-static
2
566a91c2977cdfcd478b4567.css
cdn.jotfor.ms/themes/CSS/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/themes/CSS/566a91c2977cdfcd478b4567.css?
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100cf77f80be7c21407ac34937ca0dd63b667b6106d63961208c846b54da5f73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:21 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2172187
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /opt/csp-violation-report.php
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
no-cache
last-modified
Thu, 24 Sep 2020 07:36:35 GMT
server
cloudflare
etag
W/"cbc5f2f3554f28da655f17836110d89a"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
via
1.1 google
cache-control
max-age=3600
x-form-cache
MISS-APP
cf-ray
74d2debc08449a0c-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.4.2/ 		18 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.4.2/webfont.js
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ed15904751d037ad3a0835c1df150485c6d1b815355bbad1ccad6fda5f4e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:11:15 GMT
x-content-type-options
nosniff
age
13986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18365
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 10:11:15 GMT
printForm.css
cdn.jotfor.ms/css/ 		456 B
394 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/css/printForm.css?3.3.16036
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23b22d37aabecfaf4922f97f2b1fa93da87fd0a284624f7f8fa00bf40b37cb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d2debcfa629a0c-FRA
date
Mon, 19 Sep 2022 14:04:22 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Tue, 09 Aug 2022 12:43:12 GMT
server
cloudflare
etag
W/"62f25660-1c8"
vary
Accept-Encoding
content-type
text/css
expires
Thu, 01 Jan 1970 00:00:01 GMT
cache-control
max-age=3600
content-encoding
gzip
x-static
2
control_appointment.css
cdn.jotfor.ms/form-resources/dist/styles/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/form-resources/dist/styles/control_appointment.css
Requested by
Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.16036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdfe364cd8bda6d9d2dba385c70d758d7b7317c455e333e3b1de7812ffd0fe6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jotfor.ms/css/styles/nova.css?3.3.16036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 06:06:03 GMT
server
cloudflare
age
2172652
etag
W/"628c75cb-4514"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
74d2debcfa689a0c-FRA
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:01 GMT
control_inline.css
cdn.jotfor.ms/form-resources/dist/styles/ 		29 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jotfor.ms/form-resources/dist/styles/control_inline.css
Requested by
Host: cdn.jotfor.ms
URL: https://cdn.jotfor.ms/css/styles/nova.css?3.3.16036
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4951 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf43df854e10c43526b7ea380ca4d72453020e56c544cf2d2f3c1878822bf8c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jotfor.ms/css/styles/nova.css?3.3.16036
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:21 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 24 May 2022 06:06:03 GMT
server
cloudflare
age
2172702
etag
W/"628c75cb-75bf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
74d2debcfa699a0c-FRA
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:01 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 13:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33434
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:30:11 GMT
/
tradeadexchange.com/
Redirect Chain
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/resources/js/flyoutmenu.css?1001088
  • http://tradeadexchange.com/
0
0
/
as.com/
Redirect Chain
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/resources/js/flyoutmenu.js?1001088
  • http://as.com/
0
0
/
adcash.com/
Redirect Chain
  • https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/resources/css/global.css?1001088
  • http://adcash.com/
0
0
min.js
unpkg.com/@ungap/custom-elements-builtin@0.6.5/
Redirect Chain
  • https://unpkg.com/@ungap/custom-elements-builtin
  • https://unpkg.com/@ungap/custom-elements-builtin@0.6.5
  • https://unpkg.com/@ungap/custom-elements-builtin@0.6.5/min.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@ungap/custom-elements-builtin@0.6.5/min.js
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Server
2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c226073a8935761439e5638028b49d180f072e1936f639daed65c9f6accc1b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:22 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
22231288
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"c21-bikpPrGKFSa63gUSdMjSFgcBrCk"
fly-request-id
01FRMFKT6CA7Y0D1KR9VGVNPQX
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
74d2debf1999693f-FRA

Redirect headers

date
Mon, 19 Sep 2022 14:04:22 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FT5C3E9T2HFGWD1NQ3HR3ZX5
server
cloudflare
age
20590801
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/@ungap/custom-elements-builtin@0.6.5/min.js
cache-control
public, max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74d2debef94a693f-FRA
access-control-allow-origin
*
x-frame-bypass.js
sharerigs-99-rig-87t8t.ondigitalocean.app/engine/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sharerigs-99-rig-87t8t.ondigitalocean.app/engine/x-frame-bypass.js
Requested by
Host: sharerigs-99-rig-87t8t.ondigitalocean.app
URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f34e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2a786229d4e76551baac6ab56e6374769828a414f02955863ea098d5886309a

Request headers

Referer
https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.
Origin
https://sharerigs-99-rig-87t8t.ondigitalocean.app
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:04:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
cloudflare
x-do-app-origin
26c3092d-d731-45b7-a486-bd4d92e9cb0d
x-do-orig-status
200
etag
W/"9c1-11ef9b484c240"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private
cf-ray
74d2debebe6b8fdc-FRA
/
uhc.com/ Frame 8A7F 		0
0
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5f9727f30790bdbdf19d0e89815e3dae518aff97390c25e02c562568abf2ddd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/jpeg
/
cors.io/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tradeadexchange.com
URL
http://tradeadexchange.com/
Domain
as.com
URL
http://as.com/
Domain
adcash.com
URL
http://adcash.com/
Domain
uhc.com
URL
https://uhc.com/
Domain
cors.io
URL
https://cors.io/?https://uhc.com/

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| Ha object| webfont object| WebFont function| $ function| jQuery object| swRegisterManager function| swPostRegister

2 Cookies

Domain/Path Name / Value
sharerigs-99-rig-87t8t.ondigitalocean.app/ Name: xlogin
Value: Y2F0aGVyaW5lX2FfcGVkcmV0dGlAdWhjLmNvbQ%3D%3D
sharerigs-99-rig-87t8t.ondigitalocean.app/ Name: ip
Value: MzcuNTguNTcuMg%3D%3D

3 Console Messages

Source Level URL
Text
security error URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.#n=1252899642&fid=1
Message:
Mixed Content: The page at 'https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.#n=1252899642&fid=1' was loaded over HTTPS, but requested an insecure stylesheet 'http://tradeadexchange.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.#n=1252899642&fid=1
Message:
Mixed Content: The page at 'https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.#n=1252899642&fid=1' was loaded over HTTPS, but requested an insecure script 'http://as.com/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.#n=1252899642&fid=1
Message:
Mixed Content: The page at 'https://sharerigs-99-rig-87t8t.ondigitalocean.app/c4dbfc7ea6a105308ac0bb3d73fa26a0/gfroceysgz8qvjbbbl23bb7ansfbez.php?login=catherine_a_pedretti&.verify?service=fav=1&mail&data:text/html;charset=utf-8;base64,PGh0bWw+DgPC9zdHlsZT4NCiAgPGlmcmFt=catherine_a_pedretti&loginID=catherine_a_pedretti&.#n=1252899642&fid=1' was loaded over HTTPS, but requested an insecure stylesheet 'http://adcash.com/'. This request has been blocked; the content must be served over HTTPS.