![](/screenshots/04c4770e-9ef7-4d20-88ce-99ce0b9b8fbe.png)
tonic.eygenci.com
Open in
urlscan Pro
188.114.96.3
Public Scan
Effective URL: https://tonic.eygenci.com/rc/a91581ead4?affclick=64890cf8cbd35600013e525b&pubid=503
Submission: On June 14 via api from JP — Scanned from PL
Summary
TLS certificate: Issued by E1 on May 21st 2023. Valid for: 3 months.
This is the only time tonic.eygenci.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 5.187.52.246 5.187.52.246 | 197155 (ARTNET) (ARTNET) | |
1 | 155.94.219.251 155.94.219.251 | 8100 (ASN-QUADR...) (ASN-QUADRANET-GLOBAL) | |
1 4 | 172.67.146.238 172.67.146.238 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 172.67.158.251 172.67.158.251 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 67.212.184.146 67.212.184.146 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
2 3 | 51.68.85.158 51.68.85.158 | 16276 (OVH) (OVH) | |
1 1 | 34.90.46.36 34.90.46.36 | 396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM) | |
1 5 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
14 | 6 |
ASN197155 (ARTNET, PL)
PTR: d52246.artnet.gda.pl
track.health.healthlink-test.ch |
ASN8100 (ASN-QUADRANET-GLOBAL, US)
PTR: ns1.miami-servers.com
theshiningtree.com |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
rezi.turetou.com |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 36.46.90.34.bc.googleusercontent.com
admoustache.media-412.com |
ASN13335 (CLOUDFLARENET, US)
tonic.eygenci.com | |
armorads.aftrad-visit.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
eygenci.com
1 redirects
tonic.eygenci.com |
6 KB |
4 |
jukminung.com
1 redirects
lynku.jukminung.com |
6 KB |
3 |
turbotrck.art
2 redirects
www.turbotrck.art |
5 KB |
3 |
turetou.com
rezi.turetou.com |
5 KB |
2 |
addlnk.com
cdn.addlnk.com — Cisco Umbrella Rank: 446257 |
2 KB |
1 |
aftrad-visit.com
armorads.aftrad-visit.com — Cisco Umbrella Rank: 211873 |
397 B |
1 |
media-412.com
1 redirects
admoustache.media-412.com |
271 B |
1 |
theshiningtree.com
theshiningtree.com |
450 B |
1 |
healthlink-test.ch
1 redirects
track.health.healthlink-test.ch |
320 B |
14 | 9 |
Domain | Requested by | |
---|---|---|
4 | tonic.eygenci.com |
1 redirects
www.turbotrck.art
tonic.eygenci.com |
4 | lynku.jukminung.com |
1 redirects
theshiningtree.com
lynku.jukminung.com |
3 | www.turbotrck.art |
2 redirects
rezi.turetou.com
|
3 | rezi.turetou.com |
lynku.jukminung.com
rezi.turetou.com |
2 | cdn.addlnk.com |
lynku.jukminung.com
tonic.eygenci.com |
1 | armorads.aftrad-visit.com |
tonic.eygenci.com
|
1 | admoustache.media-412.com | 1 redirects |
1 | theshiningtree.com | |
1 | track.health.healthlink-test.ch | 1 redirects |
14 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
theshiningtree.com Sectigo RSA Domain Validation Secure Server CA |
2022-11-16 - 2023-12-16 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-03-20 - 2024-03-18 |
a year | crt.sh |
addlnk.com GTS CA 1P5 |
2023-06-13 - 2023-09-11 |
3 months | crt.sh |
rezi.turetou.com R3 |
2023-04-17 - 2023-07-16 |
3 months | crt.sh |
www.turbotrck.art R3 |
2023-04-29 - 2023-07-28 |
3 months | crt.sh |
eygenci.com E1 |
2023-05-21 - 2023-08-19 |
3 months | crt.sh |
aftrad-visit.com GTS CA 1P5 |
2023-04-16 - 2023-07-15 |
3 months | crt.sh |
This page contains 3 frames:
Frame:
https://armorads.aftrad-visit.com/track/smartlink?smartlink_id=6&publisher_id=22&network_id=1&click_id=pub8e178feb63b6452ca278fa333579500d&sub_source=503
Frame ID: 3CF0B1A65289A087E962AA7AAA77FB47
Requests: 10 HTTP requests in this frame
Frame:
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: C3E144603B427C16C83E1A60EE0DBB6B
Requests: 2 HTTP requests in this frame
Frame:
https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
Frame ID: 3A2CF4900BF47C629F30D05DBC30D4A0
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/04c4770e-9ef7-4d20-88ce-99ce0b9b8fbe.png)
Page URL History Show full URLs
-
http://track.health.healthlink-test.ch/t/eqk75x08e/r5c2a471051x478x84579x45871703x1265555x7082228119x6494019
HTTP 302
https://theshiningtree.com/176468423b34feb3800/946_150174_97548_874/9104946_5555621/53346740 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1351292228&pubid=690416 Page URL
- https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream... Page URL
- https://rezi.turetou.com/?utm_term=7244335730615386154 Page URL
- https://rezi.turetou.com/proc.php?0466c2b07ebc2946e857dbb962e422fdf3ea592e Page URL
- https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7244335730615386154&website... Page URL
-
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7244335730615386154&website...
HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7244335730615386154&website... HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000d3f4d7805da81f7f9e207b16380... HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64890cf8cbd35600013e525b&pubid=503 Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://track.health.healthlink-test.ch/t/eqk75x08e/r5c2a471051x478x84579x45871703x1265555x7082228119x6494019
HTTP 302
https://theshiningtree.com/176468423b34feb3800/946_150174_97548_874/9104946_5555621/53346740 Page URL
- https://lynku.jukminung.com/rc/9e8aef8068?affclick=1351292228&pubid=690416 Page URL
- https://rezi.turetou.com/?utm_medium=a2cfa69ba839c785a0b2d69b87f85a6e6ca0d8bb&utm_campaign=mainstream_redirect&1=caf2c4c2&cid=pube098ae42db8a4b1db1402526af4f67ce&2=690416 Page URL
- https://rezi.turetou.com/?utm_term=7244335730615386154 Page URL
- https://rezi.turetou.com/proc.php?0466c2b07ebc2946e857dbb962e422fdf3ea592e Page URL
- https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7244335730615386154&website=13260-d1f8b31e-d82d53ee&placement=13260 Page URL
-
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7244335730615386154&website=13260-d1f8b31e-d82d53ee&placement=13260&eyeg=76da1e2dc0d18d3bbf899ce4ff0f1ffa&eyer=0.12124178313391609&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com
HTTP 302
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7244335730615386154&website=13260-d1f8b31e-d82d53ee&placement=13260&eyeg=3&eyer=0.12124178313391609&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=rezi.turetou.com HTTP 302
https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=33000d3f4d7805da81f7f9e207b163802e82a0614-202306-flb*5564921-b2be6*M7244335730615386154*sl_5564921-b2be6*6da431c25ce6fb2ad69be4cbecd05a2916603018*13260-d1f8b31e-d82d53ee*13260 HTTP 302
https://tonic.eygenci.com/rc/a91581ead4?affclick=64890cf8cbd35600013e525b&pubid=503 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://track.health.healthlink-test.ch/t/eqk75x08e/r5c2a471051x478x84579x45871703x1265555x7082228119x6494019 HTTP 302
- https://theshiningtree.com/176468423b34feb3800/946_150174_97548_874/9104946_5555621/53346740
- https://lynku.jukminung.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
- https://tonic.eygenci.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
- https://tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/invisible.js
14 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
53346740
theshiningtree.com/176468423b34feb3800/946_150174_97548_874/9104946_5555621/ Redirect Chain
|
137 B 450 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9e8aef8068
lynku.jukminung.com/rc/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.css
cdn.addlnk.com/ |
1 KB 1019 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame C3E1 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7d6e88a50c1434c8
lynku.jukminung.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame C3E1 |
0 565 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
rezi.turetou.com/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
rezi.turetou.com/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proc.php
rezi.turetou.com/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
www.turbotrck.art/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
a91581ead4
tonic.eygenci.com/rc/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
redirect.css
cdn.addlnk.com/ |
1 KB 701 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisible.js
tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/6cdb09c9/ Frame 3A2C Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
7d6e88b23af1bf60
tonic.eygenci.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 3A2C |
0 600 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smartlink
armorads.aftrad-visit.com/track/ |
0 397 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
theshiningtree.com/ | Name: uid15295 Value: 1351292228-20230613204230-80d84a77d8dcfb4279ed48830cf573d2- |
|
lynku.jukminung.com/ | Name: AWSALB Value: UzMl1LqftdQ8nJCD2mPBWWRSsj23FSwN4mRirUn+oQXPWsguaukpmYBnojfgohSt/pbm8ryIJw4X1OvVcTdGz/c9WxuyQhORntZthxXNjF5nbpCKaxQaI47FqJNU |
|
.jukminung.com/ | Name: __cf_bm Value: K3RG4.tZ77PEbcdzTkNTDE2daMFJPg9YlFwL9PEjHc8-1686703351-0-AaChRuj8RmHxWy0y2s0bAvp9XTJspW+H6uV5rzGI7xtVU2QfIonv99QzvxXE1KCd1g== |
|
rezi.turetou.com/ | Name: u Value: 7be68267a622c64007f844ede585826d |
|
rezi.turetou.com/ | Name: split Value: b |
|
admoustache.media-412.com/ | Name: afclick Value: 64890cf8cbd35600013e525b |
|
tonic.eygenci.com/ | Name: AWSALB Value: eOIwYOEX5rUg7Eoz5G57jLQ69o/UHvxSEJeE1eYvFwdmdjGoLpEppnlOi/OT8xOUd/3linIiOghExpll2R5nJJr4PEXkUPHmVes+e7EGF9+ar0uhJy4vnRDmrmrB |
|
.eygenci.com/ | Name: __cf_bm Value: 5SiUfcj8Z.LFk0nepup0x04E0VunOp8OxszJYJmEgkg-1686703353-0-AY+EqiAluyzgt0WbZeq1ibtpmR9C005Iys4mm8baKEt7/bkN/RBhLuaABP2kya5OGg== |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
admoustache.media-412.com
armorads.aftrad-visit.com
cdn.addlnk.com
lynku.jukminung.com
rezi.turetou.com
theshiningtree.com
tonic.eygenci.com
track.health.healthlink-test.ch
www.turbotrck.art
155.94.219.251
172.67.146.238
172.67.158.251
188.114.96.3
34.90.46.36
5.187.52.246
51.68.85.158
67.212.184.146
36aacf67080aa2fc13f4f2cb0e2c6c774cf61fc83a5de58cf2ac02b0a9a84997
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
c5806eb1df84909451dfbe3037b03d5df5b119ad93cca7809226b3383f404226
cd28106cf52882c8d9c753625a5cda107dc47fb0313b5f862677fb2f575418d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f870b389b26b893a8850d461f8bc032574e41f8086c7d3c8e46fece1334a2987
fe5a2e012ec7898469cb1fa7ce801a9abb1a9b4875ea201c06504dced46af189