w.rationalunwaveringclick.buzz
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Submitted URL: https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4928-8abb-afec90523f4...
Effective URL: https://w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/index-de-1.html?td=merterpazar.com&cep=ZbAq8Js9W_dTc7-DjHr-vf8acv...
Submission: On February 20 via api from LU — Scanned from DE
Effective URL: https://w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/index-de-1.html?td=merterpazar.com&cep=ZbAq8Js9W_dTc7-DjHr-vf8acv...
Submission: On February 20 via api from LU — Scanned from DE
Summary
This website contacted 8 IPs
in 5 countries
across 10 domains to perform 23 HTTP transactions.
The main IP is 2a06:98c1:3120::3, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is w.rationalunwaveringclick.buzz.
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.
This is the only time w.rationalunwaveringclick.buzz was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on February 19th 2024. Valid for: 3 months.
This is the only time w.rationalunwaveringclick.buzz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 185.66.201.43 185.66.201.43 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
| 1 | 185.66.201.8 185.66.201.8 | 201702 (SKHOSTING-EU) (SKHOSTING-EU) | |
| 2 | 173.236.118.101 173.236.118.101 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
| 1 1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81c::200a | 15169 (GOOGLE) (GOOGLE) | |
| 12 | 139.45.197.251 139.45.197.251 | 9002 (RETN-AS) (RETN-AS) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:830::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
| 23 | 8 |
2
173.236.118.101
(United States)
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
| c.c-c-c.world |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 9 |
jouteetu.net
jouteetu.net — Cisco Umbrella Rank: 24293 |
|
| 4 |
rationalunwaveringclick.buzz
w.rationalunwaveringclick.buzz |
3 MB |
| 3 |
gauvaiho.net
gauvaiho.net — Cisco Umbrella Rank: 280065 |
15 KB |
| 2 |
c-c-c.world
c.c-c-c.world |
4 KB |
| 1 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 9876 |
555 B |
| 1 |
gstatic.com
fonts.gstatic.com |
20 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48 |
805 B |
| 1 |
merterpazar.com
1 redirects
merterpazar.com |
2 KB |
| 1 |
95488.space
95488.space |
350 B |
| 1 |
548981.top
548981.top |
786 B |
| 23 | 10 |
| Domain | Requested by | |
|---|---|---|
| 9 | jouteetu.net |
gauvaiho.net
|
| 4 | w.rationalunwaveringclick.buzz |
c.c-c-c.world
w.rationalunwaveringclick.buzz gauvaiho.net |
| 3 | gauvaiho.net |
w.rationalunwaveringclick.buzz
gauvaiho.net |
| 2 | c.c-c-c.world |
95488.space
c.c-c-c.world |
| 1 | my.rtmark.net |
gauvaiho.net
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
w.rationalunwaveringclick.buzz
|
| 1 | merterpazar.com | 1 redirects |
| 1 | 95488.space |
548981.top
|
| 1 | 548981.top | |
| 23 | 10 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| 548981.top R3 |
2023-12-26 - 2024-03-25 |
3 months | crt.sh |
| 95488.space R3 |
2024-02-07 - 2024-05-07 |
3 months | crt.sh |
| c.c-c-c.world R3 |
2024-01-18 - 2024-04-17 |
3 months | crt.sh |
| rationalunwaveringclick.buzz GTS CA 1P5 |
2024-02-19 - 2024-05-19 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
| gauvaiho.net R3 |
2024-01-30 - 2024-04-29 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-01-29 - 2024-04-22 |
3 months | crt.sh |
| jouteetu.net R3 |
2023-12-06 - 2024-03-05 |
3 months | crt.sh |
| rtmark.net R3 |
2023-12-23 - 2024-03-22 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/index-de-1.html?td=merterpazar.com&cep=ZbAq8Js9W_dTc7-DjHr-vf8acvzNpGFGcJSBH6bQiBNhkpGXRTJUzpPRJp3wyVSpX0qs4TCImFAO_LGOAuCLxZt0TE4aR25IoEFaEBmYmIRnRSPp0lpuCeHhTrj17UjOf495BlSWu3ItU-wSpz98DPHvHdX41cL2VjUd40yoGwv2X35Fhg69zz9xiSYZXLhWBIhglysuYWPFqMWJcl-gDPAwqNz16h5e_RwlMcUKJfl3cAcChbWwdHAeqZTYW5SADyHnDZLc8eUJpitYOK4s5JRXuM-zCMPvSs225obQnhiSXLs58MCXOBVw6liExbcN6GFUpS3MSSQm5rxM81J1TwW9RBwJleKoJNKPsstgIq80Lbv-s9yIMNOX5gBNfENIVZH1Myrn7NV68jI_rcbJNXAA69xG_WdBfjSlQ0Fc-kRC-v-vgbIhFu3VrT5GH5r472wukroO6x9MzHqwGIJOlw&lptoken=177c089040eb73322513&2=26050&3=26050-2ac49209&1=M7337545853902520419
Frame ID: B7E66A66A266DB4A3A73446BA152227B
Requests: 23 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4... Page URL
- https://95488.space/go.php?go=https%3A%2F%2Fc.c-c-c.world%2F%3Futm_medium%3Dde356a2fb80ba5e2e3b9... Page URL
- https://c.c-c-c.world/?utm_medium=de356a2fb80ba5e2e3b94ebe402de41ad3d6f6c5&utm_campaign=smart1repl... Page URL
- https://c.c-c-c.world/proc.php?49ba8de992d170b68a76370ccd6cf3396b0f6859 Page URL
-
https://merterpazar.com/8476910a-8c24-4232-8242-1df534545aea?2=26050&3=26050-2ac49209&1=M73375458539...
HTTP 302
https://w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/index-de-1.html?td=merterpazar.com&cep=ZbAq8J... Page URL
Detected technologies
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://548981.top/b7395ed6ea53a96cd28d/39c2664af1/?placementName=2024SmartMain_2fedabbc-cc19-4928-8abb-afec90523f4a_9269&cv=wfnd6cnu2959i1fu29i8i4am Page URL
- https://95488.space/go.php?go=https%3A%2F%2Fc.c-c-c.world%2F%3Futm_medium%3Dde356a2fb80ba5e2e3b94ebe402de41ad3d6f6c5%26utm_campaign%3Dsmart1replaced%261%3D29610565%26cid%3D90affC1708405524afff4e70bd151867a345a158&do=20aa7d969fa78b31b11026b5ce1fb4f8 Page URL
- https://c.c-c-c.world/?utm_medium=de356a2fb80ba5e2e3b94ebe402de41ad3d6f6c5&utm_campaign=smart1replaced&1=29610565&cid=90affC1708405524afff4e70bd151867a345a158 Page URL
- https://c.c-c-c.world/proc.php?49ba8de992d170b68a76370ccd6cf3396b0f6859 Page URL
-
https://merterpazar.com/8476910a-8c24-4232-8242-1df534545aea?2=26050&3=26050-2ac49209&1=M7337545853902520419
HTTP 302
https://w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/index-de-1.html?td=merterpazar.com&cep=ZbAq8Js9W_dTc7-DjHr-vf8acvzNpGFGcJSBH6bQiBNhkpGXRTJUzpPRJp3wyVSpX0qs4TCImFAO_LGOAuCLxZt0TE4aR25IoEFaEBmYmIRnRSPp0lpuCeHhTrj17UjOf495BlSWu3ItU-wSpz98DPHvHdX41cL2VjUd40yoGwv2X35Fhg69zz9xiSYZXLhWBIhglysuYWPFqMWJcl-gDPAwqNz16h5e_RwlMcUKJfl3cAcChbWwdHAeqZTYW5SADyHnDZLc8eUJpitYOK4s5JRXuM-zCMPvSs225obQnhiSXLs58MCXOBVw6liExbcN6GFUpS3MSSQm5rxM81J1TwW9RBwJleKoJNKPsstgIq80Lbv-s9yIMNOX5gBNfENIVZH1Myrn7NV68jI_rcbJNXAA69xG_WdBfjSlQ0Fc-kRC-v-vgbIhFu3VrT5GH5r472wukroO6x9MzHqwGIJOlw&lptoken=177c089040eb73322513&2=26050&3=26050-2ac49209&1=M7337545853902520419 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
/
548981.top/b7395ed6ea53a96cd28d/39c2664af1/ |
700 B 786 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
go.php
95488.space/ |
647 B 350 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
c.c-c-c.world/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
proc.php
c.c-c-c.world/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
index-de-1.html
w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/ Redirect Chain
|
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
807 B 805 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
micro.tag.min.js
gauvaiho.net/pfe/current/ |
33 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bg.png
w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/ |
854 KB 856 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
3y9n6bI8ejDo_3MfCDSL_Lx0A31gng.woff2
fonts.gstatic.com/s/belanosima/v3/ |
19 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
vids.mp4
w.rationalunwaveringclick.buzz/wbpage2/forge-of-empire-gaming/ |
3 MB 3 MB |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
sw-check-permissions-4eee0.js
w.rationalunwaveringclick.buzz/ |
0 877 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
zone
gauvaiho.net/ |
0 269 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gid.js
my.rtmark.net/ |
65 B 555 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zone
gauvaiho.net/ |
830 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
custom
jouteetu.net/ |
0 0 |
Ping
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| s function| get_url_params function| get_url_param function| get_browser_locale function| get_browser_short_locale function| get_available_locale function| translate function| fetch_elements function| on_dom_load object| locales string| language function| go function| getParam object| zfgformats6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| 548981.top/b7395ed6ea53a96cd28d/39c2664af1 | Name: shown1 Value: 0 |
|
| 548981.top/b7395ed6ea53a96cd28d/39c2664af1 | Name: total_impressions Value: 1 |
|
| 548981.top/ | Name: used_ad2969437 Value: 1 |
|
| .merterpazar.com/ | Name: 8476910a-8c24-4232-8242-1df534545aea-v4 Value: 3Oy7oVmc_ceSi6Xtv_udyOwCKHj2Q__arbHBqENS-H0 |
|
| .merterpazar.com/ | Name: cep-v4 Value: XZn9ciDv-UctvqIqxqkPx2n92GWX64RlnpoObSC9eA06TqsUlKr82hAtsj5Kr9KG1R1TqXRDY726Xy6wnw-4-og7vx9j735NJ1CUbh-cpx8tgkoK3KRa0qcdtNgUF5CZ2Ev_FI1Q9o8P0YloECEsIMhRcwjyeA2KIKJMvsP9LoKAnE2pn71eFgWLMF9fHQtv-JGE4htXE6tNSbxqe-xQg2bNzUmqkRFcpzsrylKJ5x8VZ-enXpovrej0XhFAsQeNyzQ-kgRQHBHCWnoWvXVrKYAx_HUGQCCcCHLLECBcnXizXfimNRRBFPC4NM1ZXydYHaN-1i1pTQO24g1anKunhDyA1bPkNBIiwiVoDhNkgtHuV_B9VsuYuEeHCRm9VyQBDaE0w2jM1iagt1mxV5pFig7lrRayTzq3meIdwa5p-koag2gcyFUe18wHMuKZp_UNyzoBgftL9Tm7F1wV3j9Mug |
|
| my.rtmark.net/ | Name: ID Value: accb47517ba74e41bb36c5dcfd5adb41 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
548981.top
95488.space
c.c-c-c.world
fonts.googleapis.com
fonts.gstatic.com
gauvaiho.net
jouteetu.net
merterpazar.com
my.rtmark.net
w.rationalunwaveringclick.buzz
139.45.195.8
139.45.197.251
173.236.118.101
185.66.201.43
185.66.201.8
188.114.97.3
2a00:1450:4001:81c::200a
2a00:1450:4001:830::2003
2a06:98c1:3120::3
0654599e7c6eab013b8f746ecd8fbf1358a58b74c57f2090cd76fdfea136b580
1d8d30904da48c215b91bf09732e5a6b3804c1083988860882d29ba124cba90e
60ebe5cb93cff6fe752b8447253bf6dd3773bb5ee4b92fb2c6b8ad6e3c6770b6
79d57b7dab525f3f97d04e8792be0f6544af200df1c86e4189ec654c3c8d146f
a4603a52fdbbd45b7231c5d8d0a8b7dbb0dd1f64d818389d066f3576c973ad67
b35b3d67269d2e7bbe1df0c851a425c31c07e4b693cc445e77303c47b836af52
c888f9e4002475379d8b14c4e602bd58ae33b918f16dc6ceb002c0cd1b5db36c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eba3c42e02f1d1100be74b7a62ebd5928030c8a055f705cff28dd8914aa7fa
ff05eea32eec0450b3114298bf0d6096625f5d4d0e85b1d81b0e19706b1f5b9a