szqxvo.com Open in urlscan Pro
185.56.234.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oceanergy.in/
Effective URL:
https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=zcli...
Submission: On March 01 via manual (March 1st 2023, 9:14:50 am UTC) from AE — Scanned from SG

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 185.56.234.205, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is szqxvo.com.
TLS certificate: Issued by R3 on February 17th 2023. Valid for: 3 months.

This is the only time szqxvo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	166.62.30.158 166.62.30.158	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 4	194.135.30.210 194.135.30.210	50321 (BYTES-AS) (BYTES-AS)
1 2	185.56.234.205 185.56.234.205	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
23	4

16 166.62.30.158 (Singapore) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 158.30.62.166.host.secureserver.net

oceanergy.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.135.30.210 (Czech Republic) 1 redirects

ASN50321 (BYTES-AS, UA)

for.firstblackphase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
step.firstblackphase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
come.sortyellowapples.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
goaway.dofollowgreenline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.56.234.205 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
szqxvo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	oceanergy.in 1 redirects oceanergy.in	188 KB
2	firstblackphase.com for.firstblackphase.com — Cisco Umbrella Rank: 599011 step.firstblackphase.com — Cisco Umbrella Rank: 322582	4 KB
1	szqxvo.com szqxvo.com	12 KB
1	shbzek.com shbzek.com — Cisco Umbrella Rank: 690379 Failed	214 B
1	dofollowgreenline.com goaway.dofollowgreenline.com — Cisco Umbrella Rank: 346352	701 B
1	sortyellowapples.com come.sortyellowapples.com — Cisco Umbrella Rank: 259207 Failed	330 B
23	6

	Domain	Requested by
16	oceanergy.in	1 redirects oceanergy.in
1	szqxvo.com	goaway.dofollowgreenline.com
1	shbzek.com	goaway.dofollowgreenline.com
1	goaway.dofollowgreenline.com	for.firstblackphase.com
1	come.sortyellowapples.com	for.firstblackphase.com
1	step.firstblackphase.com	oceanergy.in
1	for.firstblackphase.com	oceanergy.in
23	7

This site contains no links.

Subject Issuer	Validity	Valid
oceanergy.in Go Daddy Secure Certificate Authority - G2	`2022-10-12` - `2023-10-12`	a year	crt.sh
for.firstblackphase.com R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
step.firstblackphase.com R3	`2023-01-31` - `2023-05-01`	3 months	crt.sh
goaway.dofollowgreenline.com R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
szqxvo.com R3	`2023-02-17` - `2023-05-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=zclick001&si2=
Frame ID: 536F6D510D6606771A13E38FB40B17CA
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checking your browser

Page URL History Show full URLs

http://oceanergy.in/ HTTP 301
https://oceanergy.in/ Page URL
https://come.sortyellowapples.com/follow/finish.php?id=64785e55-66-45776433 HTTP 302
https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&sui... Page URL
https://shbzek.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=zc... HTTP 302
https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNy... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

23
Requests

83 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

204 kB
Transfer

563 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oceanergy.in/ HTTP 301
https://oceanergy.in/ Page URL
https://come.sortyellowapples.com/follow/finish.php?id=64785e55-66-45776433 HTTP 302
https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557 Page URL
https://shbzek.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=zclick001 HTTP 302
https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=zclick001&si2= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://oceanergy.in/ HTTP 301
https://oceanergy.in/

Request Chain 18

https://come.sortyellowapples.com/follow/finish.php?id=64785e55-66-45776433 HTTP 302
https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557

23 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	500	/ Show response oceanergy.in/ Redirect Chain http://oceanergy.in/ https://oceanergy.in/	45 KB 9 KB	878ms 861ms	Document text/html	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / PHP/7.4.33 Resource Hash `cfcc4a8670b71f7facb4ef9cf871aa7ad1c0a36a8e826263877c5eacbbc99747` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-cache, must-revalidate, max-age=0 content-encoding br content-length 9220 content-type text/html; charset=UTF-8 date Wed, 01 Mar 2023 09:14:38 GMT expires Wed, 11 Jan 1984 05:00:00 GMT link <https://oceanergy.in/wp-json/>; rel="https://api.w.org/", <https://oceanergy.in/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://oceanergy.in/>; rel=shortlink server Apache vary Accept-Encoding x-powered-by PHP/7.4.33 Redirect headers Connection Upgrade, Keep-Alive Content-Type text/html; charset=UTF-8 Date Wed, 01 Mar 2023 09:14:37 GMT Keep-Alive timeout=5 Location https://oceanergy.in/ Server Apache Transfer-Encoding chunked Upgrade h2,h2c Vary Accept-Encoding X-Powered-By PHP/7.4.33 X-Redirect-By WordPress
GET H/1.1	200 OK	trbbbbb0 Show response for.firstblackphase.com/	3 KB 2 KB	1140ms 389ms	Script text/plain	194.135.30.210 BYTES-AS
General Check archive.org Show headers Download Go to Full URL https://for.firstblackphase.com/trbbbbb0 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.135.30.210 , Czech Republic, ASN50321 (BYTES-AS, UA), Reverse DNS Software nginx / Resource Hash `e00193640c329750496613201eca610495dc1ae2bfc272bf9a79580536034818` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Mar 2023 09:14:40 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 1297 Expires 0
GET H2	200	jquery-migrate.min.js Show response oceanergy.in/wp-includes/js/jquery/	16 KB 5 KB	96ms 90ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `04bbe3de2d93b261f29d64a7d82d4f13641a5e6c1fbb96ffbd498f6db58e5f06` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Tue, 31 Jan 2023 10:52:41 GMT server Apache etag "c001526-414d-5f38d217921e9-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5533
GET H2	200	facebook.js Show response oceanergy.in/wp-content/plugins/add-facebook/public/scripts/	171 KB 41 KB	171ms 165ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/add-facebook/public/scripts/facebook.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `7a26ef6bab7f672440dc69287922a26fa13790666b0a30fda8c85b8742e6b934` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Thu, 02 Jun 2022 10:57:48 GMT server Apache etag "c000a98-2aae9-5e074e0544300-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 42300
GET H2	200	admin.js Show response oceanergy.in/wp-content/plugins/feed-them-social/admin/js/	4 KB 2 KB	60ms 54ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/feed-them-social/admin/js/admin.js?ver=3.0.1 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `870a92c045c9aced828d1b4609575c60f54a704517ee1fae3436c056372468da` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Tue, 20 Sep 2022 11:06:53 GMT server Apache etag "c000344-10d6-5e919d35b8d40-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1530
GET H2	200	encrypt.js Show response oceanergy.in/wp-content/plugins/feed-them-social/admin/js/	8 KB 2 KB	65ms 60ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/feed-them-social/admin/js/encrypt.js?ver=3.0.1 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `f5df53e594939619238a60284a63ddbf1c5b42f00c825e883e39a31c9d2f5699` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Tue, 20 Sep 2022 11:06:53 GMT server Apache etag "c000345-2086-5e919d35b8d40-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 2157
GET H2	200	powered-by.js Show response oceanergy.in/wp-content/plugins/feed-them-social/feeds/js/	4 KB 1 KB	70ms 65ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/feed-them-social/feeds/js/powered-by.js?ver=3.0.1 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `d609843c6ebed8a6f608f6d50dcc7163e59c3f072474f7b30d5f8ff3b0bf71c3` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Tue, 20 Sep 2022 11:06:55 GMT server Apache etag "c000a4a-fb7-5e919d37a11c0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1442
GET H2	200	fts-global.js Show response oceanergy.in/wp-content/plugins/feed-them-social/feeds/js/	26 KB 5 KB	70ms 66ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/feed-them-social/feeds/js/fts-global.js?ver=3.0.1 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `34d567d1717ee5439aee035606c16ff226e9f30127cc74458683b938b5e50007` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Tue, 20 Sep 2022 11:06:55 GMT server Apache etag "c000a4c-6604-5e919d37a11c0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 5223
GET H2	200	crp-main-front.js Show response oceanergy.in/wp-content/plugins/portfolio-wp/js/	4 KB 1 KB	135ms 131ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/portfolio-wp/js/crp-main-front.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `d932fdda59173ef3a4c7fe71dd67f8b34cdb59a7e64cb2bab9fd6e268396293a` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Thu, 02 Jun 2022 10:57:23 GMT server Apache etag "c000320-e9b-5e074ded6cac0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 1304
GET H2	404	crp-helper.js oceanergy.in/wp-content/plugins/portfolio-wp/js/	0 0	1244ms 1241ms	Script text/html	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/portfolio-wp/js/crp-helper.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / PHP/7.4.33 Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br server Apache x-powered-by PHP/7.4.33 vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 link <https://oceanergy.in/wp-json/>; rel="https://api.w.org/" content-length 9732 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	jquery.modernizr.js Show response oceanergy.in/wp-content/plugins/portfolio-wp/js/jquery/	27 KB 8 KB	105ms 101ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/portfolio-wp/js/jquery/jquery.modernizr.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `d90fad6312982df5e78681e1d6a90955d20081534c55809cf0ff9e2f761435a8` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Thu, 02 Jun 2022 10:57:23 GMT server Apache etag "c000316-6dfd-5e074ded6cac0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 7860
GET H2	200	crp-tiled-layer.js Show response oceanergy.in/wp-content/plugins/portfolio-wp/js/	18 KB 4 KB	139ms 136ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/portfolio-wp/js/crp-tiled-layer.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `63f589b334f2032d01cac84a82582418d061724260fb3cb45f6674b435012a6a` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Thu, 02 Jun 2022 10:57:23 GMT server Apache etag "c000321-47ad-5e074ded6cac0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 4141
GET H2	200	jquery.lightgallery.js Show response oceanergy.in/wp-content/plugins/portfolio-wp/js/jquery/	41 KB 7 KB	140ms 137ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/portfolio-wp/js/jquery/jquery.lightgallery.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `19a1f81213a27a95d0f5746aa8b4fd64fb8a1bdf7fadf3fe6014b5c052c4db78` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Thu, 02 Jun 2022 10:57:23 GMT server Apache etag "c00031b-a27a-5e074ded6cac0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 7243
GET H2	200	owl.carousel.js Show response oceanergy.in/wp-content/plugins/portfolio-wp/js/owl-carousel/	91 KB 20 KB	141ms 139ms	Script application/javascript	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL https://oceanergy.in/wp-content/plugins/portfolio-wp/js/owl-carousel/owl.carousel.js?ver=6.0.3 Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash `e1e3365df1e6a07384a35549eba76682179d7af4711248c1d623cb2b1d4a1729` Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:39 GMT content-encoding br last-modified Thu, 02 Jun 2022 10:57:23 GMT server Apache etag "c0002fb-16c3a-5e074ded6cac0-br" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 20515
GET H/1.1	200 OK	source.js step.firstblackphase.com/scripts/	1 KB 2 KB	1197ms 387ms	Script application/javascript	194.135.30.210 BYTES-AS
General Check archive.org Show headers Download Go to Full URL https://step.firstblackphase.com/scripts/source.js Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.135.30.210 , Czech Republic, ASN50321 (BYTES-AS, UA), Reverse DNS Software nginx / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers Date Wed, 01 Mar 2023 09:14:41 GMT Last-Modified Tue, 21 Feb 2023 15:45:51 GMT Server nginx ETag "63f4e72f-5b5" Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=864000 Connection keep-alive Accept-Ranges bytes Content-Length 1461 Expires Sat, 11 Mar 2023 09:14:41 GMT
GET H2	200	oceanergy_logo-1.png oceanergy.in/wp-content/uploads/2022/11/	54 KB 54 KB	54ms 54ms	Image image/png	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://oceanergy.in/wp-content/uploads/2022/11/oceanergy_logo-1.png Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:40 GMT last-modified Mon, 21 Nov 2022 13:14:54 GMT server Apache accept-ranges bytes etag "c02076a-d8a9-5edfad764372a" content-length 55465 content-type image/png
GET H2	200	Oceanergy-without-bg-Logo.png oceanergy.in/wp-content/uploads/2020/02/	26 KB 26 KB	24ms 24ms	Image image/png	166.62.30.158 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL https://oceanergy.in/wp-content/uploads/2020/02/Oceanergy-without-bg-Logo.png Requested by Host: oceanergy.in URL: https://oceanergy.in/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 166.62.30.158 , Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS 158.30.62.166.host.secureserver.net Software Apache / Resource Hash Request headers accept-language zh-SG,zh;q=0.9 Referer https://oceanergy.in/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Wed, 01 Mar 2023 09:14:40 GMT last-modified Fri, 24 Jul 2020 21:02:59 GMT server Apache accept-ranges bytes etag "c0224cb-67e4-5ab364c42e384" content-length 26596 content-type image/png
GET		finish.php come.sortyellowapples.com/follow/	0 0

GET H/1.1	200 OK	finish.php goaway.dofollowgreenline.com/follow/ Redirect Chain https://come.sortyellowapples.com/follow/finish.php?id=64785e55-66-45776433 https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557	951 B 701 B	1200ms 389ms	Document text/html	194.135.30.210 BYTES-AS
General Check archive.org Show headers Download Go to Full URL https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557 Requested by Host: for.firstblackphase.com URL: https://for.firstblackphase.com/trbbbbb0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.135.30.210 , Czech Republic, ASN50321 (BYTES-AS, UA), Reverse DNS Software nginx / Resource Hash Request headers Referer https://oceanergy.in/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Access-Control-Allow-Origin * Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Wed, 01 Mar 2023 09:14:42 GMT Server nginx Transfer-Encoding chunked Redirect headers Access-Control-Allow-Origin * Connection keep-alive Content-Type text/html; charset=UTF-8 Date Wed, 01 Mar 2023 09:14:41 GMT Location https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557 Server nginx Transfer-Encoding chunked
GET		InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs shbzek.com/gosl/	0 0

GET		InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs shbzek.com/gosl/	0 0

GET		InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs shbzek.com/gosl/	0 0

GET H2	200	Primary Request checking-browser Show response szqxvo.com/ Redirect Chain https://shbzek.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=zclick001 https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=zclick001&si2=	23 KB 12 KB	673ms 172ms	Document text/html	185.56.234.205 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=zclick001&si2= Requested by Host: goaway.dofollowgreenline.com URL: https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.56.234.205 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.21.1 / Resource Hash `f296230851c0de142345c50fc04ec8d855bb51e51e7601031dfe21807d9b3dd8` Request headers Referer https://goaway.dofollowgreenline.com/follow/finish.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=35557 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 01 Mar 2023 09:14:44 GMT server nginx/1.21.1 vary Accept-Encoding x-zone eu3 Redirect headers cache-control no-cache content-type text/html; charset=UTF-8 date Wed, 01 Mar 2023 09:14:43 GMT location https://szqxvo.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTE4NDYwMiwid2lkIjo0MjI2MTQsInNyYyI6Mn0=eyJ&si1=zclick001&si2= max-age 0 server nginx/1.21.1 x-zone eu4

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: come.sortyellowapples.com
URL: https://come.sortyellowapples.com/follow/finish.php?id=64785e55-66-45776433

Domain: shbzek.com
URL: https://shbzek.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=zclick001

Domain: shbzek.com
URL: https://shbzek.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=zclick001

Domain: shbzek.com
URL: https://shbzek.com/gosl/InNpZCI6MTE4NDYwMiwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=zclick001

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| edPushSDK

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.szqxvo.com/	1970-01-20 10:02:28	Name: truniq Value: 1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://oceanergy.in/ Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://oceanergy.in/wp-content/plugins/portfolio-wp/js/crp-helper.js?ver=6.0.3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

come.sortyellowapples.com
for.firstblackphase.com
goaway.dofollowgreenline.com
oceanergy.in
shbzek.com
step.firstblackphase.com
szqxvo.com
come.sortyellowapples.com
shbzek.com
166.62.30.158
185.56.234.205
194.135.30.210
04bbe3de2d93b261f29d64a7d82d4f13641a5e6c1fbb96ffbd498f6db58e5f06
19a1f81213a27a95d0f5746aa8b4fd64fb8a1bdf7fadf3fe6014b5c052c4db78
34d567d1717ee5439aee035606c16ff226e9f30127cc74458683b938b5e50007
63f589b334f2032d01cac84a82582418d061724260fb3cb45f6674b435012a6a
7a26ef6bab7f672440dc69287922a26fa13790666b0a30fda8c85b8742e6b934
870a92c045c9aced828d1b4609575c60f54a704517ee1fae3436c056372468da
cfcc4a8670b71f7facb4ef9cf871aa7ad1c0a36a8e826263877c5eacbbc99747
d609843c6ebed8a6f608f6d50dcc7163e59c3f072474f7b30d5f8ff3b0bf71c3
d90fad6312982df5e78681e1d6a90955d20081534c55809cf0ff9e2f761435a8
d932fdda59173ef3a4c7fe71dd67f8b34cdb59a7e64cb2bab9fd6e268396293a
e00193640c329750496613201eca610495dc1ae2bfc272bf9a79580536034818
e1e3365df1e6a07384a35549eba76682179d7af4711248c1d623cb2b1d4a1729
f296230851c0de142345c50fc04ec8d855bb51e51e7601031dfe21807d9b3dd8
f5df53e594939619238a60284a63ddbf1c5b42f00c825e883e39a31c9d2f5699

szqxvo.com Open in urlscan Pro 185.56.234.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

83 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

4 IPs

3 Countries

204 kBTransfer

563 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

2 Console Messages

Indicators

szqxvo.com Open in urlscan Pro
185.56.234.205 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

83 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

3
Countries

204 kB
Transfer

563 kB
Size

1
Cookies

23 HTTP transactions
0 data transactions