Submitted URL: http://vexacion.com/afu.php?zoneid=1320852&var=757235&ymid=-530637205415601349
Effective URL: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a...
Submission Tags: falconsandbox
Submission: On March 22 via api from US — Scanned from GB

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 139.45.197.153, located in United Kingdom and belongs to RETN-AS, GB. The main domain is oovaufty.com. The Cisco Umbrella rank of the primary domain is 851286.
TLS certificate: Issued by R3 on March 9th 2023. Valid for: 3 months.
This is the only time oovaufty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 139.45.197.236 9002 (RETN-AS)
2 139.45.195.8 9002 (RETN-AS)
2 139.45.197.153 9002 (RETN-AS)
3 139.45.197.250 9002 (RETN-AS)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
15 6
Apex Domain | Subdomains | Transfer
4 unphionetor.com | unphionetor.com — Cisco Umbrella Rank: 46339 | 4 KB
3 littlecdn.com | littlecdn.com — Cisco Umbrella Rank: 17266 | 93 KB
3 stoomawy.net | stoomawy.net — Cisco Umbrella Rank: 72955 | 16 KB
2 oovaufty.com | oovaufty.com — Cisco Umbrella Rank: 851286 | 14 KB
2 rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 12628 | 1 KB
1 vexacion.com | vexacion.com | 2 KB
15 6
Domain | Requested by
4 unphionetor.com | oovaufty.com, unphionetor.com
3 littlecdn.com | oovaufty.com, littlecdn.com
3 stoomawy.net | oovaufty.com, stoomawy.net
2 oovaufty.com | vexacion.com, oovaufty.com
2 my.rtmark.net | vexacion.com, stoomawy.net
1 vexacion.com
15 6

This site contains links to these domains.

Domain
glugreez.com
Subject | Issuer | Validity | Valid
rtmark.net | R3 | 2023-02-15 - 2023-05-16 | 3 months
oovaufty.com | R3 | 2023-03-09 - 2023-06-07 | 3 months
unphionetor.com | R3 | 2023-03-18 - 2023-06-16 | 3 months
stoomawy.net | R3 | 2023-03-12 - 2023-06-10 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-11 - 2023-05-11 | a year

This page contains 1 frames:

Primary Page: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Frame ID: 46E88F0CB5C906DBCAD0C5FF5D7C3CCE
Requests: 18 HTTP requests in this frame

Page Title

Security notification!

Page URL History

  1. http://vexacion.com/afu.php?zoneid=1320852&var=757235&ymid=-530637205415601349 Page URL
  2. https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=... Page URL

Page Statistics

15
Requests

93 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

129 kB
Transfer

273 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vexacion.com/afu.php?zoneid=1320852&var=757235&ymid=-530637205415601349 Page URL
  2. https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
afu.php
vexacion.com/
2 KB
2 KB
Document
General
Full URL
http://vexacion.com/afu.php?zoneid=1320852&var=757235&ymid=-530637205415601349
Protocol
HTTP/1.1
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-transform, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf8
Date
Wed, 22 Mar 2023 20:03:04 GMT
Expires
Tue, 11 Jan 1994 10:00:00 GMT
Link
<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch" <https://oovaufty.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=1
Timing-Allow-Origin
* *
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Trace-Id
d2a0506a8edd6ae0998cc309b200afe7
img.gif
my.rtmark.net/
43 B
504 B
Ping
General
Full URL
https://my.rtmark.net/img.gif?f=merge&userId=432543d9848f423c904a2413cfa61385
Requested by
Host: vexacion.com
URL: http://vexacion.com/afu.php?zoneid=1320852&var=757235&ymid=-530637205415601349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
image/gif
access-control-allow-origin
http://vexacion.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
43
Primary Request /
oovaufty.com/
27 KB
13 KB
Document
General
Full URL
https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Requested by
Host: vexacion.com
URL: http://vexacion.com/afu.php?zoneid=1320852&var=757235&ymid=-530637205415601349
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.153 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.25
Resource Hash
d0ffa33d28eb5c3e576b44f1d69d933ddcd8113e4ad638e4f0bacb289dfdc6a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS, HEAD
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 22 Mar 2023 20:03:04 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.25
fv.js
unphionetor.com/
5 KB
3 KB
Script
General
Full URL
https://unphionetor.com/fv.js?t=56193&cb=1642599368
Requested by
Host: oovaufty.com
URL: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0f467a48a494f7f63968707dc43785b728d0c17f93c12937c1e5b12798f3a98a
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
e96aaaef527bb9effed5566d884f1b4f
pragma
no-cache
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/javascript; charset=utf8
access-control-allow-origin
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
micro.tag.min.js
stoomawy.net/pfe/current/
40 KB
14 KB
Script
General
Full URL
https://stoomawy.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=eW9ssenrCwppvWd&z=3683319
Requested by
Host: oovaufty.com
URL: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
986b86e6675d511be045876f03623f7c3d7fd944fe2c5b75e2edc2bcd88a8b4a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Mar 2023 20:03:04 GMT
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 15:32:57 GMT
server
nginx
etag
W/"641336a9-a161"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
style.css
littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/css/
126 KB
92 KB
Stylesheet
General
Full URL
https://littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/css/style.css?v=1589890397081
Requested by
Host: oovaufty.com
URL: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd8cb78f50d82c3158c760dd5106cd04737dd341f69ae064c035201b64c1281

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 16:09:03 GMT
server
cloudflare
age
3003
etag
W/"63f63e1f-1f8b6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
7ac109330b0675a1-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
main.js
littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/js/
376 B
308 B
Script
General
Full URL
https://littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/js/main.js?v=1589890397081
Requested by
Host: oovaufty.com
URL: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b11185e716f5525e03c01094f7697a16a43e94b11ac36b16251ea9eb1ed0c92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 16:09:03 GMT
server
cloudflare
age
297
etag
W/"63f63e1f-178"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
7ac109330b0975a1-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
truncated
/
284 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb98049f7bfbbbd18c7a9099d7672040518d1caa2ee71a0307f9c68beb7fef24

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
184 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
35acacf19fb86edb7381cfadb67d58343db6db111e1e6f002e4206e89d3a846d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
vctx
unphionetor.com/
75 B
648 B
XHR
General
Full URL
https://unphionetor.com/vctx?t=56193
Requested by
Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=56193&cb=1642599368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e65d6cfcbc418ebebcf5b0798ebd2f16a17d017d5427dcdb34564e631ebf88db
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-length
75
x-trace-id
fc7b768ef34f0db29e9cbc7e1f0756ac
pragma
no-cache
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://oovaufty.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
zone
stoomawy.net/
0
250 B
Ping
General
Full URL
https://stoomawy.net/zone?&pub=0&zone_id=3683319&is_mobile=false&domain=oovaufty.com&var=eW9ssenrCwppvWd&ymid=&var_3=&var_4=&dsig=&action=prerequest
Requested by
Host: stoomawy.net
URL: https://stoomawy.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=eW9ssenrCwppvWd&z=3683319
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-trace-id
adbb8ecd07dac64138fedfd16a8c01ff
date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-origin
https://oovaufty.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
0
truncated
/
70 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10fc2d6bbbc0b54c6f3daa108984acc9a6f92c8b72609a57753fdae421bf6c53

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type
image/png
stop1.svg
littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/images/
413 B
305 B
Image
General
Full URL
https://littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/images/stop1.svg
Requested by
Host: littlecdn.com
URL: https://littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/css/style.css?v=1589890397081
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1874 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b733f17c96d194c3a5d38a08bed8ce41182da0528901627eb0c5cc202de3221

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://littlecdn.com/cd-templates-landings/alert-custom/notification-bg-blur/build/css/style.css?v=1589890397081
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 16:09:03 GMT
server
cloudflare
age
3003
etag
W/"63f63e1f-19d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=3600
cf-ray
7ac109339bc775a1-LHR
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
/
oovaufty.com/
2 B
307 B
XHR
General
Full URL
https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1&mprtr=1
Requested by
Host: oovaufty.com
URL: https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.153 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.26
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/?b=17058554&ba=1&campid=6722056&did=2&dm=1&ep=1&g=GB&l=eW9ssenrCwppvWd&oaid=432543d9848f423c904a2413cfa61385&s=662498137805689545&ssk=d7865c2accde943b3a8519ed143fe2b3&svar=1679515384&vi=1&vo=1&z=1320852&tr=default&rdk=rk1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
content-encoding
br
server
nginx
x-powered-by
PHP/7.4.26
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
gid.js
my.rtmark.net/
65 B
541 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=3683319&checkDuplicate=true&ymid=&var=eW9ssenrCwppvWd
Requested by
Host: stoomawy.net
URL: https://stoomawy.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=eW9ssenrCwppvWd&z=3683319
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
0d81e8d3464a0e5a9ee92cf4b62ec0cb3c2e97616cece4cd2e43d10e8395d443
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oovaufty.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
zone
stoomawy.net/
901 B
1 KB
Fetch
General
Full URL
https://stoomawy.net/zone?&pub=0&zone_id=3683319&is_mobile=false&domain=oovaufty.com&var=eW9ssenrCwppvWd&ymid=&var_3=&var_4=&dsig=&action=settings
Requested by
Host: stoomawy.net
URL: https://stoomawy.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=eW9ssenrCwppvWd&z=3683319
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
8d388bcf5b5db1925c86dd3e316b05bc9cbadfed5dc6b5f228ed230ecf004662
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-trace-id
485b51cfe4a5a09329f20dfc8e560751
date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://oovaufty.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
901
vbl
unphionetor.com/
0
490 B
Ping
General
Full URL
https://unphionetor.com/vbl?t=56193&bid=17058554&aid=662498137805689545
Requested by
Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=56193&cb=1642599368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-trace-id
6c75e34af38c0cae484b021b71917eba
pragma
no-cache
date
Wed, 22 Mar 2023 20:03:04 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://oovaufty.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT
vbri
unphionetor.com/
0
489 B
Ping
General
Full URL
https://unphionetor.com/vbri?t=56193&bid=17058554&aid=662498137805689545&tp=2377.1000003814697
Requested by
Host: unphionetor.com
URL: https://unphionetor.com/fv.js?t=56193&cb=1642599368
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://oovaufty.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-trace-id
1e4c1b41128f1e9ad81b22808deed3fb
pragma
no-cache
date
Wed, 22 Mar 2023 20:03:06 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://oovaufty.com
access-control-expose-headers
Authorization
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
expires
Tue, 11 Jan 1994 10:00:00 GMT

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
string| osVerUA
object| zfgformats
function| timer

4 Cookies

Domain/Path Name / Value
vexacion.com/ Name: OAID
Value: 432543d9848f423c904a2413cfa61385
vexacion.com/ Name: oaidts
Value: 1679515384
my.rtmark.net/ Name: ID
Value: 432543d9848f423c904a2413cfa61385
oovaufty.com/ Name: reverse
Value: 44Xug7Hgm0yZMH-Ukb-QKfhNOF6SqLR7Wu7LgMJdT3k

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff