Submitted URL: https://api-01.moengage.com/v1/emailclick?em=joaquim.brites%40sma-europe.eu&user_id=%40%24xy%2A%40%21hYs%C2%B7%3A%C3%A7%C3%A...
Effective URL: https://country-bear-wood.com/djdb/jhsb/
Submission: On February 09 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 192.99.19.188, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is country-bear-wood.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 31st 2023. Valid for: 3 months.
This is the only time country-bear-wood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.221.246.55 14618 (AMAZON-AES)
2 142.44.136.29 16276 (OVH)
1 2 192.99.19.188 16276 (OVH)
3 2
Apex Domain
Subdomains
Transfer
2 country-bear-wood.com
country-bear-wood.com
611 B
2 lahorimela.com
lahorimela.com
2 KB
1 moengage.com
api-01.moengage.com — Cisco Umbrella Rank: 136510
369 B
3 3
Domain Requested by
2 country-bear-wood.com 1 redirects lahorimela.com
2 lahorimela.com lahorimela.com
1 api-01.moengage.com 1 redirects
3 3

This site contains no links.

Subject | Issuer | Validity | Valid
lahorimela.com | cPanel, Inc. Certification Authority | 2022-12-05 - 2023-03-05 | 3 months
country-bear-wood.com | cPanel, Inc. Certification Authority | 2023-01-31 - 2023-05-01 | 3 months

This page contains 1 frames:

Primary Page: https://country-bear-wood.com/djdb/jhsb/
Frame ID: 38DF926C2F9829E0212C8FC173A0BFF8
Requests: 3 HTTP requests in this frame

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 2 kB
Size: 3 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api-01.moengage.com/v1/emailclick?em=joaquim.brites%40sma-europe.eu&user_id=%40%24xy%2A%40%21hYs%C2%B7%3A%C3%A7%C3%A8Z+%C3%98%15ll%C2%B8%C2%9C%C3%8A%C3%9A2%C2%8E%C2%AE+%C2%BD%C3%95h%C2%8A%C2%A4A%0A%C3%B3%00.5%1F&d=%40%24xy%2A%40%21hn%C2%8E%3C%60f%3B%24%5CoR%1B%C2%97+%C2%87cm&cid=%40%24xy%2A%40%21h%C2%BA%C2%A7M%C2%9E%C2%9E%14%24%0FD%C2%90%C2%BF%C3%AEZf%08%C3%B9%17%C3%B9%C3%B4b%C2%92l%C2%81%03%C2%89rxvM%C2%92V%28%C2%91%C3%91%00%C3%AF%1Ds%C2%A7%C2%86V%C3%A4%3F%0D%C3%91%C2%9BOt%C2%B3J%C2%BE%C3%87%C2%ACvs%1B%C3%BE%C3%81%C3%91%C2%AAiqD%C3%B8%C3%B3%7F%2C%16+%3E%5C%C3%88%C3%88%C3%97o%21%07%C2%AA%C3%A1%25%0B%C2%BF%00%10&ut=l&moeclickid=61b35f5997223f7c61e6625a_F_T_EM_AB_0_P_0_TIME_2021-12-10+14%3A09%3A02.859891_L_0ecli27&rlink=%68%74%74%70%73%3A%2F%2F%6C%61%68%6F%72%69%6D%65%6C%61%2E%63%6F%6D%2F%64%6B%73%2F%66%4B%61%35%6D%6F%2F%61%6E%64%72%65%77%2E%6B%6F%65%70%6B%65%40%73%65%63%74%6F%72%66%69%6E%61%6E%63%69%61%6C%2E%63%6F%6D HTTP 302
    https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com Page URL
  2. https://country-bear-wood.com/djdb/jhsb HTTP 301
    https://country-bear-wood.com/djdb/jhsb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://api-01.moengage.com/v1/emailclick?em=joaquim.brites%40sma-europe.eu&user_id=%40%24xy%2A%40%21hYs%C2%B7%3A%C3%A7%C3%A8Z+%C3%98%15ll%C2%B8%C2%9C%C3%8A%C3%9A2%C2%8E%C2%AE+%C2%BD%C3%95h%C2%8A%C2%A4A%0A%C3%B3%00.5%1F&d=%40%24xy%2A%40%21hn%C2%8E%3C%60f%3B%24%5CoR%1B%C2%97+%C2%87cm&cid=%40%24xy%2A%40%21h%C2%BA%C2%A7M%C2%9E%C2%9E%14%24%0FD%C2%90%C2%BF%C3%AEZf%08%C3%B9%17%C3%B9%C3%B4b%C2%92l%C2%81%03%C2%89rxvM%C2%92V%28%C2%91%C3%91%00%C3%AF%1Ds%C2%A7%C2%86V%C3%A4%3F%0D%C3%91%C2%9BOt%C2%B3J%C2%BE%C3%87%C2%ACvs%1B%C3%BE%C3%81%C3%91%C2%AAiqD%C3%B8%C3%B3%7F%2C%16+%3E%5C%C3%88%C3%88%C3%97o%21%07%C2%AA%C3%A1%25%0B%C2%BF%00%10&ut=l&moeclickid=61b35f5997223f7c61e6625a_F_T_EM_AB_0_P_0_TIME_2021-12-10+14%3A09%3A02.859891_L_0ecli27&rlink=%68%74%74%70%73%3A%2F%2F%6C%61%68%6F%72%69%6D%65%6C%61%2E%63%6F%6D%2F%64%6B%73%2F%66%4B%61%35%6D%6F%2F%61%6E%64%72%65%77%2E%6B%6F%65%70%6B%65%40%73%65%63%74%6F%72%66%69%6E%61%6E%63%69%61%6C%2E%63%6F%6D HTTP 302
  • https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
andrew.koepke@sectorfinancial.com
lahorimela.com/dks/fKa5mo/
Redirect Chain
  • https://api-01.moengage.com/v1/emailclick?em=joaquim.brites%40sma-europe.eu&user_id=%40%24xy%2A%40%21hYs%C2%B7%3A%C3%A7%C3%A8Z+%C3%98%15ll%C2%B8%C2%9C%C3%8A%C3%9A2%C2%8E%C2%AE+%C2%BD%C3%95h%C2%8A%C...
  • https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
2 KB
1 KB
Document
General
Full URL
https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.44.136.29 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns549175.ip-142-44-136.net
Software
nginx /
Resource Hash
93069eabe6929ad1e1c685301e64a088ad5fe9be04f04461cd7e2f60cbf32e86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
936
content-type
text/html;charset=UTF-8
date
Thu, 09 Feb 2023 19:49:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-proxy-cache
MISS

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
33956
content-type
text/html; charset=UTF-8
date
Thu, 09 Feb 2023 19:49:36 GMT
expires
Thu, 09 Feb 2023 19:49:35 GMT
location
https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
server
nginx
site.js
lahorimela.com/dks/fKa5mo/
166 B
520 B
Script
General
Full URL
https://lahorimela.com/dks/fKa5mo/site.js
Requested by
Host: lahorimela.com
URL: https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
142.44.136.29 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns549175.ip-142-44-136.net
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Feb 2023 19:49:41 GMT
content-encoding
gzip
server
nginx
x-microcachable
0
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
cache-control
no-store, no-cache, must-revalidate
content-length
148
expires
Thu, 19 Nov 1981 08:52:00 GMT
Primary Request /
country-bear-wood.com/djdb/jhsb/
Redirect Chain
  • https://country-bear-wood.com/djdb/jhsb
  • https://country-bear-wood.com/djdb/jhsb/
349 B
379 B
Document
General
Full URL
https://country-bear-wood.com/djdb/jhsb/
Requested by
Host: lahorimela.com
URL: https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.99.19.188 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
wh01.khost.ca
Software
LiteSpeed / PHP/5.6.40
Resource Hash
ad78d015aa1e92b5ea481b1096bd420f293a691083ddf0e1258078930d0f2133

Request headers

Referer
https://lahorimela.com/dks/fKa5mo/andrew.koepke@sectorfinancial.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=31536000
content-encoding
br
content-length
235
content-type
text/html; charset=UTF-8
date
Thu, 09 Feb 2023 19:49:41 GMT
expires
Fri, 09 Feb 2024 19:49:41 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/5.6.40

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
707
content-type
text/html
date
Thu, 09 Feb 2023 19:49:41 GMT
location
https://country-bear-wood.com/djdb/jhsb/
server
LiteSpeed

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | oncontentvisibilityautostatechange

1 Cookies

Domain/Path Name / Value
lahorimela.com/ Name: PHPSESSID
Value: 80a4071a5cd5b5bcb426588b3702aa89

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
