ucgdj.djpjwf.com Open in urlscan Pro
185.56.234.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://newyear2019.picnicresort.in/
Effective URL:
https://ucgdj.djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=eyJ&si1=ph_new&i=2
Submission Tags: phishingrod
Submission: On April 23 via api (April 23rd 2023, 7:39:45 am UTC) from DE — Scanned from DE

Summary HTTP 118 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 24 domains to perform 118 HTTP transactions. The main IP is 185.56.234.205, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is ucgdj.djpjwf.com.
TLS certificate: Issued by R3 on April 10th 2023. Valid for: 3 months.

This is the only time ucgdj.djpjwf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	68.178.230.62 68.178.230.62	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
4	162.55.76.206 162.55.76.206	24940 (HETZNER-AS) (HETZNER-AS)
2	45.9.148.27 45.9.148.27	49447 (NICEIT) (NICEIT)
1	194.135.30.42 194.135.30.42	50321 (BYTES-AS) (BYTES-AS)
1 3	2.59.222.113 2.59.222.113	209155 (ONEHOSTPL...) (ONEHOSTPLANET)
1 14	185.56.234.205 185.56.234.205	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	2a02:b4a:1:7:... 2a02:b4a:1:7::9168:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
15	2606:4700:303... 2606:4700:3033::ac43:dd04	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::5647:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	138.68.123.185 138.68.123.185	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	18.158.88.249 18.158.88.249	16509 (AMAZON-02) (AMAZON-02)
1	192.133.142.177 192.133.142.177	15317 (SERVEREL-AS) (SERVEREL-AS)
1	199.182.164.165 199.182.164.165	15317 (SERVEREL-AS) (SERVEREL-AS)
1 1	173.214.244.181 173.214.244.181	15317 (SERVEREL-AS) (SERVEREL-AS)
1 1	46.148.125.182 46.148.125.182	35277 (LLHOST-IN...) (LLHOST-INC-SRL)
1 13	193.108.118.14 193.108.118.14	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
3	144.76.158.184 144.76.158.184	24940 (HETZNER-AS) (HETZNER-AS)
3	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
118	17

37 68.178.230.62 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 62.230.178.68.host.secureserver.net

newyear2019.picnicresort.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.55.76.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.206.76.55.162.clients.your-server.de

stock.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
back.firstblackphase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.9.148.27 (Amsterdam, Netherlands)

ASN49447 (NICEIT, DM)

cdn.statisticline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.135.30.42 (Czech Republic)

ASN50321 (BYTES-AS, UA)

new.weatherplllatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.59.222.113 (Kyiv, Ukraine) 1 redirects

ASN209155 (ONEHOSTPLANET, CZ)

line.beatylines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fire.descriptionscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.56.234.205 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zhtpd.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4davs.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2x9c5.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pv7ou.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i4gnj.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ug51o.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g756z.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpjib.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beud3.shbzek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
djpjwf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3z12b.djpjwf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ucgdj.djpjwf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:b4a:1:7::9168:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

azkcqs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3033::ac43:dd04 (United States)

ASN13335 (CLOUDFLARENET, US)

ulmoyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::5647:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ecrwqu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.68.123.185 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

tratbc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.88.249 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-88-249.eu-central-1.compute.amazonaws.com

track.wbdpnz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.133.142.177 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 177.142.133.192.serverel.net

bstnwswrldg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.182.164.165 (United States)

ASN15317 (SERVEREL-AS, US)
PTR: 165.164.182.199.serverel.net

rexpush.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.214.244.181 (United States) 1 redirects

ASN15317 (SERVEREL-AS, US)
PTR: 173.214.244.181.serverel.net

gpshtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.148.125.182 (Haarlem, Netherlands) 1 redirects

ASN35277 (LLHOST-INC-SRL, RO)
PTR: har57.srv.llhost-inc.com

new-psh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 193.108.118.14 (Frankfurt am Main, Germany) 1 redirects

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 14-118-108-193.clients.gthost.com

news-pewuce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1.news-pewuce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.news-pewuce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 144.76.158.184 (Sankt Augustin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.184.158.76.144.clients.your-server.de

errors.house	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	picnicresort.in newyear2019.picnicresort.in	358 KB
15	ulmoyc.com ulmoyc.com — Cisco Umbrella Rank: 32485	68 KB
13	news-pewuce.com 1 redirects news-pewuce.com — Cisco Umbrella Rank: 504188 1.news-pewuce.com — Cisco Umbrella Rank: 739890 2.news-pewuce.com — Cisco Umbrella Rank: 812103	205 KB
11	shbzek.com shbzek.com — Cisco Umbrella Rank: 510621 Failed zhtpd.shbzek.com 4davs.shbzek.com 2x9c5.shbzek.com pv7ou.shbzek.com i4gnj.shbzek.com ug51o.shbzek.com g756z.shbzek.com vpjib.shbzek.com beud3.shbzek.com	113 KB
5	statisticline.com stock.statisticline.com — Cisco Umbrella Rank: 622647 cdn.statisticline.com — Cisco Umbrella Rank: 596702 stats.statisticline.com far.statisticline.com — Cisco Umbrella Rank: 558087 Failed	8 KB
4	gstatic.com fonts.gstatic.com	32 KB
3	djpjwf.com djpjwf.com 3z12b.djpjwf.com ucgdj.djpjwf.com	241 KB
3	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 5119	59 KB
3	errors.house errors.house — Cisco Umbrella Rank: 176092	7 KB
3	azkcqs.com azkcqs.com — Cisco Umbrella Rank: 19313	303 B
2	descriptionscripts.com fire.descriptionscripts.com Failed	779 B
1	new-psh.com 1 redirects new-psh.com	210 B
1	gpshtb.com 1 redirects gpshtb.com	112 B
1	rexpush.pro rexpush.pro — Cisco Umbrella Rank: 257990	30 KB
1	bstnwswrldg.com bstnwswrldg.com — Cisco Umbrella Rank: 227538	167 KB
1	wbdpnz.com 1 redirects track.wbdpnz.com — Cisco Umbrella Rank: 353150	645 B
1	tratbc.com 1 redirects tratbc.com — Cisco Umbrella Rank: 419707	404 B
1	ecrwqu.com ecrwqu.com — Cisco Umbrella Rank: 227591	101 B
1	firstblackphase.com back.firstblackphase.com	1 KB
1	beatylines.com line.beatylines.com	1 KB
1	weatherplllatform.com new.weatherplllatform.com	841 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119	965 B
0	sortyellowapples.com Failed come.sortyellowapples.com Failed
0	violetlovelines.com Failed track.violetlovelines.com Failed
118	24

	Domain	Requested by
37	newyear2019.picnicresort.in	newyear2019.picnicresort.in
15	ulmoyc.com	shbzek.com ulmoyc.com zhtpd.shbzek.com 4davs.shbzek.com 2x9c5.shbzek.com pv7ou.shbzek.com i4gnj.shbzek.com ug51o.shbzek.com g756z.shbzek.com vpjib.shbzek.com beud3.shbzek.com djpjwf.com 3z12b.djpjwf.com ucgdj.djpjwf.com
5	news-pewuce.com	1 redirects rexpush.pro news-pewuce.com
4	2.news-pewuce.com	1.news-pewuce.com 2.news-pewuce.com
4	1.news-pewuce.com	news-pewuce.com 1.news-pewuce.com
4	fonts.gstatic.com	fonts.googleapis.com
3	browser.sentry-cdn.com	errors.house
3	errors.house	news-pewuce.com browser.sentry-cdn.com 1.news-pewuce.com 2.news-pewuce.com
3	azkcqs.com	shbzek.com beud3.shbzek.com djpjwf.com
2	shbzek.com	fire.descriptionscripts.com
2	fire.descriptionscripts.com	line.beatylines.com
2	cdn.statisticline.com	newyear2019.picnicresort.in back.firstblackphase.com
2	stock.statisticline.com	newyear2019.picnicresort.in stats.statisticline.com
1	ucgdj.djpjwf.com	3z12b.djpjwf.com
1	3z12b.djpjwf.com	djpjwf.com
1	djpjwf.com	2.news-pewuce.com
1	new-psh.com	1 redirects
1	gpshtb.com	1 redirects
1	rexpush.pro	bstnwswrldg.com
1	bstnwswrldg.com	beud3.shbzek.com
1	track.wbdpnz.com	1 redirects
1	tratbc.com	1 redirects
1	ecrwqu.com	beud3.shbzek.com
1	beud3.shbzek.com	vpjib.shbzek.com
1	vpjib.shbzek.com	g756z.shbzek.com
1	g756z.shbzek.com	ug51o.shbzek.com
1	ug51o.shbzek.com	i4gnj.shbzek.com
1	i4gnj.shbzek.com	pv7ou.shbzek.com
1	pv7ou.shbzek.com	2x9c5.shbzek.com
1	2x9c5.shbzek.com	4davs.shbzek.com
1	4davs.shbzek.com	zhtpd.shbzek.com
1	zhtpd.shbzek.com	shbzek.com
1	stats.statisticline.com	stock.statisticline.com
1	back.firstblackphase.com	new.weatherplllatform.com
1	line.beatylines.com	cdn.statisticline.com
1	new.weatherplllatform.com	newyear2019.picnicresort.in
1	fonts.googleapis.com	newyear2019.picnicresort.in
0	come.sortyellowapples.com Failed	stock.statisticline.com
0	far.statisticline.com Failed	stock.statisticline.com
0	track.violetlovelines.com Failed	newyear2019.picnicresort.in
118	40

This site contains no links.

Subject Issuer	Validity	Valid
newyear2019.picnicresort.in cPanel, Inc. Certification Authority	`2022-12-24` - `2023-03-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
stock.statisticline.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
cdn.statisticline.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
new.weatherplllatform.com R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
line.beatylines.com R3	`2023-04-20` - `2023-07-19`	3 months	crt.sh
back.firstblackphase.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
stats.statisticline.com R3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
fire.descriptionscripts.com R3	`2023-04-21` - `2023-07-20`	3 months	crt.sh
shbzek.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
azkcqs.com R3	`2023-02-19` - `2023-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-01-29` - `2024-01-28`	a year	crt.sh
ecrwqu.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh
rplnd35.com R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.druzya-push.com R3	`2023-04-08` - `2023-07-07`	3 months	crt.sh
news-pewuce.com ZeroSSL ECC Domain Secure Site CA	`2023-03-18` - `2023-06-16`	3 months	crt.sh
errors.house R3	`2023-03-12` - `2023-06-10`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
djpjwf.com R3	`2023-04-10` - `2023-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ucgdj.djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=eyJ&si1=ph_new&i=2
Frame ID: D92D8592B4B4452D64C275D97C70092E
Requests: 145 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://newyear2019.picnicresort.in/ Page URL
https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=tiny Page URL
https://shbzek.com/gosl/InNpZCI6MTE5NjU2OSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=&si2= HTTP 302
https://shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://zhtpd.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://4davs.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://2x9c5.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://pv7ou.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://i4gnj.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://ug51o.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://g756z.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://vpjib.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://beud3.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ... Page URL
https://tratbc.com/tb?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=9 HTTP 302
https://track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a440287&campaign_id=&country=... HTTP 302
https://bstnwswrldg.com/adult_video_3/980/3a523b7d2337d3ebf4e22913adc6606d/?click_id=w7ke88d92qbvp77... Page URL
https://gpshtb.com/go/708?source=980 HTTP 302
https://new-psh.com/?pl=YC0GOkWFo0Wz8n7UhRmi1w&sub_id=980 HTTP 302
https://news-pewuce.com/tds.php?sid=8055503&p1=tk_adult&fullscreen=1&domain=news-pewuce.com HTTP 302
https://news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Page URL
https://1.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Page URL
https://2.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Page URL
https://djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=e... Page URL
https://3z12b.djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=e... Page URL
https://ucgdj.djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=e... Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

56 %
HTTPS

30 %
IPv6

24
Domains

40
Subdomains

17
IPs

5
Countries

1293 kB
Transfer

2893 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://newyear2019.picnicresort.in/ Page URL
https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=tiny Page URL
https://shbzek.com/gosl/InNpZCI6MTE5NjU2OSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=&si2= HTTP 302
https://shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&si1=&si2= Page URL
https://zhtpd.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=1 Page URL
https://4davs.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=2 Page URL
https://2x9c5.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=3 Page URL
https://pv7ou.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=4 Page URL
https://i4gnj.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=5 Page URL
https://ug51o.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=6 Page URL
https://g756z.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=7 Page URL
https://vpjib.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=8 Page URL
https://beud3.shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=9 Page URL
https://tratbc.com/tb?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=9 HTTP 302
https://track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a440287&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1054030&sub_period=&cost=&click_id=dmVLKmPqkRdZBF7S HTTP 302
https://bstnwswrldg.com/adult_video_3/980/3a523b7d2337d3ebf4e22913adc6606d/?click_id=w7ke88d92qbvp77oior0pm2q&sub1=a440287&fullscreen=1 Page URL
https://gpshtb.com/go/708?source=980 HTTP 302
https://new-psh.com/?pl=YC0GOkWFo0Wz8n7UhRmi1w&sub_id=980 HTTP 302
https://news-pewuce.com/tds.php?sid=8055503&p1=tk_adult&fullscreen=1&domain=news-pewuce.com HTTP 302
https://news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Page URL
https://1.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Page URL
https://2.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Page URL
https://djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=eyJ&si1=ph_new Page URL
https://3z12b.djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=eyJ&si1=ph_new&i=1 Page URL
https://ucgdj.djpjwf.com/video-9?h=waWQiOjEwMjg0ODcsInNpZCI6MTE2OTExMywid2lkIjozOTcwODEsInNyYyI6Mn0=eyJ&si1=ph_new&i=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://far.statisticline.com/away/back.php?id=64785e55-66-45776433 HTTP 302
https://come.sortyellowapples.com/away/go.php?id=6436345-33-5734523&qid=8568&wid=76538&kid=863843534&suid=7958197689

Request Chain 55

https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463 HTTP 302
https://fire.descriptionscripts.com/get.php?wid=215315&sid=32463463&gid=24563463&kid=tiny

Request Chain 61

https://shbzek.com/gosl/InNpZCI6MTE5NjU2OSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwNTQwMzAs?si1=&si2= HTTP 302
https://shbzek.com/great?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&si1=&si2=

Request Chain 85

https://tratbc.com/tb?h=waWQiOjEwNTQwMzAsInNpZCI6MTE5NjU2OSwid2lkIjo0NDAyODcsInNyYyI6Mn0=eyJ&i=9 HTTP 302
https://track.wbdpnz.com/0f72aceb-1686-4bca-a918-ff82f889bf8f?source_id=a440287&campaign_id=&country=&browser=&zone_id=&creative_id=&format=&os=&partner_id=1054030&sub_period=&cost=&click_id=dmVLKmPqkRdZBF7S HTTP 302
https://bstnwswrldg.com/adult_video_3/980/3a523b7d2337d3ebf4e22913adc6606d/?click_id=w7ke88d92qbvp77oior0pm2q&sub1=a440287&fullscreen=1

Request Chain 108

https://gpshtb.com/go/708?source=980 HTTP 302
https://new-psh.com/?pl=YC0GOkWFo0Wz8n7UhRmi1w&sub_id=980 HTTP 302
https://news-pewuce.com/tds.php?sid=8055503&p1=tk_adult&fullscreen=1&domain=news-pewuce.com HTTP 302
https://news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4=

118 HTTP transactions
27 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
newyear2019.picnicresort.in/ 11 KB
2 KB 1088ms
359ms Document
text/html 68.178.230.62
AS-26496-GO-DADDY...

General

Domain/Path	Expires	Name / Value
newyear2019.picnicresort.in/	1970-01-20 11:17:44	Name: wp-simple-duser Value: 1
newyear2019.picnicresort.in/	1970-01-20 11:17:44	Name: wpcurrentimes Value: 1
.shbzek.com/	1970-01-20 11:18:41	Name: truniq Value: 1
.shbzek.com/	1970-01-20 20:02:51	Name: prompt Value: 1
.shbzek.com/	1970-01-20 11:27:20	Name: ufp2 Value: 3dc0cdef99d347500d545b8efa3f31739533e036
.shbzek.com/	1970-01-20 11:18:41	Name: tracking Value: 1
.track.wbdpnz.com/	1970-01-20 11:18:41	Name: 0f72aceb-1686-4bca-a918-ff82f889bf8f-v4 Value: b1VpQMVYbRd5DlIET-0PLh0hbRcb3ihtNRbP8p5uzxY
.track.wbdpnz.com/	1970-01-20 20:02:51	Name: cc-v4 Value: tqUcUCveqgbEItbUOH2gnJMfakYmEiEgkdD3Wf%2FLvmXYKSH1P6aRoDk65cI%2FWNMPbVeSgpJacCaQh8Ew%2FC82P33hd4HME5%2F4llFtXZAKulAaEv1Xf9MFdSh9gfs2NtGvrjtBOprE5Y4zRq6bkC%2FoDg%3D%3D
.rexpush.pro/	1970-01-20 20:53:15	Name: _f_30d9ff6106b5fe28d448dd5186c64932 Value: 2
new-psh.com/	1970-01-20 11:17:19	Name: __cap Value: 1
news-pewuce.com/	1970-01-20 11:17:19	Name: clickdata Value: ODA1NTUwM3w6fDM3fDp8dGtfYWR1bHR8Onx8Onx8Onw%3D
1.news-pewuce.com/	1970-01-20 11:17:19	Name: clickdata Value: ODA1NTUwM3w6fDM3fDp8dGtfYWR1bHR8Onx8Onx8Onw%3D
2.news-pewuce.com/	1970-01-20 11:17:19	Name: clickdata Value: ODA1NTUwM3w6fDM3fDp8dGtfYWR1bHR8Onx8Onx8Onw%3D

Source	Level	URL Text
network	error	URL: https://newyear2019.picnicresort.in/images/e5.png Message: Failed to load resource: the server responded with a status of 403 ()
other	error	URL: https://news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://1.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript	error	URL: https://1.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Message: Access to fetch at 'https://errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0' from origin 'https://1.news-pewuce.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 Message: Failed to load resource: net::ERR_FAILED
other	error	URL: https://2.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript	error	URL: https://2.news-pewuce.com/lands/37/?site=8055503&sub1=tk_adult&sub2=&sub3=&sub4= Message: Access to fetch at 'https://errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0' from origin 'https://2.news-pewuce.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://errors.house/api/3/envelope/?sentry_key=f1c7cfc107e94764b41b7a2b50de5ae0&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.15.0 Message: Failed to load resource: net::ERR_FAILED

ucgdj.djpjwf.com Open in urlscan Pro 185.56.234.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

118 Requests

56 %HTTPS

30 %IPv6

24 Domains

40 Subdomains

17 IPs

5 Countries

1293 kBTransfer

2893 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 27 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ucgdj.djpjwf.com Open in urlscan Pro
185.56.234.205 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

56 %
HTTPS

30 %
IPv6

24
Domains

40
Subdomains

17
IPs

5
Countries

1293 kB
Transfer

2893 kB
Size

13
Cookies

118 HTTP transactions
27 data transactions