urlscan.io logo urlscan.io
SecurityTrails logo

mwejues.bncf290lj9p.com Open in urlscan Pro
99.84.9.17  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://2026bbb2.com/
Effective URL: https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Submission: On January 26 via api from NL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 99.84.9.17, located in United States and belongs to AMAZON-02, US. The main domain is mwejues.bncf290lj9p.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 31st 2023. Valid for: a year.
This is the only time mwejues.bncf290lj9p.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
1 1 99.84.9.97 16509 (AMAZON-02)
8 99.84.9.17 16509 (AMAZON-02)
5 75.2.42.240 16509 (AMAZON-02)
13 2
Apex Domain
Subdomains		 Transfer
9 bncf290lj9p.com
mwejues.bncf290lj9p.com
304 KB
5 uuie34661.com
09i32g.uuie34661.com — Cisco Umbrella Rank: 859082
14 KB
1 2026bbb2.com
2026bbb2.com
758 B
13 3
Domain Requested by
9 mwejues.bncf290lj9p.com 1 redirects mwejues.bncf290lj9p.com
5 09i32g.uuie34661.com mwejues.bncf290lj9p.com
1 2026bbb2.com 1 redirects
13 3

This site contains no links.

Subject Issuer Validity Valid
*.he14ao9pyng.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-29		 a year crt.sh
*.livehelp100service.com
Amazon RSA 2048 M01		 2023-08-11 -
2024-09-08		 a year crt.sh

This page contains 2 frames:

Primary Page: https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Frame ID: E8D8B4AAD20C99245472307856A51C21
Requests: 5 HTTP requests in this frame

Frame: https://mwejues.bncf290lj9p.com/visitorside/js/common.16337153.js
Frame ID: DC6E708ECAD020141087318189BBF5BA
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

在线客服star提交成功

Page URL History Show full URLs

  1. http://2026bbb2.com/ HTTP 301
    http://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f09... HTTP 301
    https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f09... Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

317 kB
Transfer

862 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://2026bbb2.com/ HTTP 301
    http://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7 HTTP 301
    https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
mwejues.bncf290lj9p.com/
Redirect Chain
  • http://2026bbb2.com/
  • http://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
  • https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
18 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
CloudFront /
Resource Hash
b40d9090ebd01752c2c45252ced3d1bcc91fc6359aea7c88bbc1097fdc1e5078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 26 Jan 2024 20:12:37 GMT
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-id
NaPfkXMGPesuVeBKKS1n8vEs-Mcf8M9lR5_zGkZOGoanKSOZQO0kCg==
x-amz-cf-pop
LHR62-C2
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Fri, 26 Jan 2024 20:12:36 GMT
Location
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Server
CloudFront
Via
1.1 e8e3e4a0596538784f828169a2baf0c2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
n0m_3JRvenorICOhRt7Mg5v8Njo8VeTh_TofNOn3l-euyiMHYaV0CQ==
X-Amz-Cf-Pop
LHR62-C2
X-Cache
Redirect from cloudfront
livechat.ashx
mwejues.bncf290lj9p.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/livechat.ashx?siteId=5001415
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
Kestrel /
Resource Hash
2a2f8b8c69c8ccbee799ea5c2d74fa4ed95c2f66a0b31b00a839e3baf20b58a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:12:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
LHR62-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/x-javascript; charset=utf-8
x-amz-cf-id
n9KDfsxYGEFyMs7DlaU47GZeZ5KFD9T7wFzLsQgDniOUWw3e7W1sRg==
common.16337153.js
mwejues.bncf290lj9p.com/visitorside/js/ Frame DC6E 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/visitorside/js/common.16337153.js
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/livechat.ashx?siteId=5001415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
/
Resource Hash
f24598343451bf9efd45851084e65d200c7b3c0bb22dc894af559088d43ccef2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Origin
https://mwejues.bncf290lj9p.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 03:36:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
59767
x-cache
Hit from cloudfront
last-modified
Tue, 09 Jan 2024 06:16:38 GMT
etag
W/"659ce4c6-136e4"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
IcmyTZRrTOPqxKgGLhP1VIRDm2nC7-X9D13khhv9ExswUXmANfhBjw==
vendor.9a7e2f22.js
mwejues.bncf290lj9p.com/visitorside/js/ Frame DC6E 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/visitorside/js/vendor.9a7e2f22.js
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/livechat.ashx?siteId=5001415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
/
Resource Hash
e560d449190fceca3894b4c9f226b5d41fb7b3fe729febbbc30250fdec703c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Origin
https://mwejues.bncf290lj9p.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 03:36:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
59767
x-cache
Hit from cloudfront
last-modified
Tue, 09 Jan 2024 06:16:38 GMT
etag
W/"659ce4c6-159c2"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
Xi2yWlArCksw0QwLlnMZyFNZvm3mg_T4k1z4lrbE5Sg0yb8YquqNlg==
bundle.ad1c96aa.js
mwejues.bncf290lj9p.com/visitorside/js/ Frame DC6E 		560 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/visitorside/js/bundle.ad1c96aa.js
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/livechat.ashx?siteId=5001415
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
/
Resource Hash
739f0650831765f6bf637ec4cfa9ee3ceddad0af4f7d8c5eee5be1a7c63f7359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Origin
https://mwejues.bncf290lj9p.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 25 Jan 2024 23:47:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
73519
x-cache
Hit from cloudfront
last-modified
Tue, 09 Jan 2024 06:16:38 GMT
etag
W/"659ce4c6-8c0e7"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
wlOUpYRuRyTRmOxloUnfVga579KkRdMxB2wlP7RCz1W326BJ5DbHPg==
visitor.ashx
09i32g.uuie34661.com/ Frame DC6E 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://09i32g.uuie34661.com/visitor.ashx?siteId=5001415
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/visitorside/js/bundle.ad1c96aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.42.240 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a48d7a3baeaba2a67.awsglobalaccelerator.com
Software
/
Resource Hash
3c166cd4b2773a4f93fa363c7d33744e7876d27be330e081aec4cc4313dcd9fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mwejues.bncf290lj9p.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Jan 2024 20:12:39 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
arrserver
chatserver1
x-frame-options
SAMEORIGIN
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin
https://mwejues.bncf290lj9p.com
content-type
text/json
access-control-allow-credentials
true
x-xss-protection
1; mode=block
visitor.ashx
09i32g.uuie34661.com/ Frame DC6E 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://09i32g.uuie34661.com/visitor.ashx?siteId=5001415
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/visitorside/js/bundle.ad1c96aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.42.240 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a48d7a3baeaba2a67.awsglobalaccelerator.com
Software
/
Resource Hash
51eefc118494c1df62d373c3f45816e83c10eaf4960fe594e58654281fa914df
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mwejues.bncf290lj9p.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Jan 2024 20:12:39 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
arrserver
chatserver1
x-frame-options
SAMEORIGIN
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin
https://mwejues.bncf290lj9p.com
content-type
text/json
access-control-allow-credentials
true
x-xss-protection
1; mode=block
campaign.ashx
09i32g.uuie34661.com/ Frame DC6E 		8 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://09i32g.uuie34661.com/campaign.ashx?siteId=5001415&campaignId=c2010000-0000-0000-0000-008e004c50c7&lastUpdateTime=261B14E8
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/visitorside/js/bundle.ad1c96aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.42.240 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a48d7a3baeaba2a67.awsglobalaccelerator.com
Software
/
Resource Hash
aaf0d39b130e616e77da0b2d3af69ca73ce80eedce6b8fd3c2a1acaedd550d4b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mwejues.bncf290lj9p.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 20:12:40 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
arrserver
chatserver1
x-frame-options
SAMEORIGIN
content-type
text/json
access-control-allow-origin
*
cache-control
max-age=31536000
x-xss-protection
1; mode=block
background3.png
mwejues.bncf290lj9p.com/visitorside/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwejues.bncf290lj9p.com/visitorside/images/background3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
/
Resource Hash
6684c77e6fea57fc538b5a459ccbc92f95733ddf0497b7348c604e6ef1aa65f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 09:26:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
38788
x-cache
Hit from cloudfront
content-length
20712
last-modified
Tue, 09 Jan 2024 06:16:38 GMT
etag
"659ce4c6-50e8"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
rFuMQlasJlkNaX7Ee2rld4OXZaN_T8wtlrB_tD-d5wUJngBGS8kQeg==
sourcesanspro-regular.woff
mwejues.bncf290lj9p.com/visitorside/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/visitorside/fonts/sourcesanspro-regular.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
/
Resource Hash
e626366becf63ad185965f8d124fb9f8451ab62c8999b3dfb701540be9dd2bf5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Origin
https://mwejues.bncf290lj9p.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 26 Jan 2024 02:56:06 GMT
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
62194
x-cache
Hit from cloudfront
content-length
43820
last-modified
Tue, 09 Jan 2024 06:16:38 GMT
etag
"659ce4c6-ab2c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
dzHsuL1Kd3XjEUs7VuRT2SY8UVahnUWudiTRCdjIgawRDMTlMUMvdg==
visitor.ashx
09i32g.uuie34661.com/ Frame DC6E 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://09i32g.uuie34661.com/visitor.ashx?siteId=5001415&visitorGuid=b3921771-a08e-4f04-9287-53b78b6cec64
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/visitorside/js/bundle.ad1c96aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.42.240 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a48d7a3baeaba2a67.awsglobalaccelerator.com
Software
/
Resource Hash
60c41d513b9d81874687b7e902ed7e888e6518e197550c63487dd8edd758a4fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mwejues.bncf290lj9p.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Jan 2024 20:12:40 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
arrserver
chatserver1
x-frame-options
SAMEORIGIN
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin
https://mwejues.bncf290lj9p.com
content-type
text/json
access-control-allow-credentials
true
x-xss-protection
1; mode=block
sourcesanspro-semibold.woff
mwejues.bncf290lj9p.com/visitorside/fonts/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mwejues.bncf290lj9p.com/visitorside/fonts/sourcesanspro-semibold.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.9.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-9-17.lhr62.r.cloudfront.net
Software
/
Resource Hash
c7c0bb0b9b474fc13b57e44b83aaf839c1f261e7728c3c443d9cd7c8603b472f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://mwejues.bncf290lj9p.com/043c2590ac87fjkfle-keli3c2290a180f0a0e09020a0104030c03090d0202040c0c81e90f0948c65a06cd7
Origin
https://mwejues.bncf290lj9p.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 26 Jan 2024 11:56:28 GMT
via
1.1 5e9462d78e1fd171400e24a377935ad0.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C2
age
29772
x-cache
Hit from cloudfront
content-length
43584
last-modified
Tue, 09 Jan 2024 06:16:38 GMT
etag
"659ce4c6-aa40"
access-control-allow-methods
GET, POST, OPTIONS
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
x-amz-cf-id
WFPNUB3OiF4uuKICmyPJCRR2_yxNyuFfVKnD5bQ9ksExz3wei9znsg==
visitor.ashx
09i32g.uuie34661.com/ Frame DC6E 		29 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://09i32g.uuie34661.com/visitor.ashx?siteId=5001415&visitorGuid=b3921771-a08e-4f04-9287-53b78b6cec64
Requested by
Host: mwejues.bncf290lj9p.com
URL: https://mwejues.bncf290lj9p.com/visitorside/js/bundle.ad1c96aa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.42.240 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a48d7a3baeaba2a67.awsglobalaccelerator.com
Software
/
Resource Hash
be60180c0aed0469e228febaea642e05d251bd373f37f802bc0af021f3143227
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mwejues.bncf290lj9p.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 26 Jan 2024 20:12:40 GMT
content-security-policy
default-src 'self'
x-content-type-options
nosniff
referrer-policy
no-referrer
strict-transport-security
max-age=31536000; includeSubDomains
arrserver
chatserver1
x-frame-options
SAMEORIGIN
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
access-control-allow-origin
https://mwejues.bncf290lj9p.com
content-type
text/json
access-control-allow-credentials
true
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| __core-js_shared__ object| core object| params function| chatWindowInit object| OnlineHelpAPI string| brandingNameLowerCase string| brandingName

2 Cookies

Domain/Path Name / Value
09i32g.uuie34661.com/ Name: visitorGuid_5001415
Value: b3921771-a08e-4f04-9287-53b78b6cec64
mwejues.bncf290lj9p.com/ Name: onlinehelp_visitorguid_5001415
Value: b3921771-a08e-4f04-9287-53b78b6cec64

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload