message.okaynotification.com Open in urlscan Pro
172.67.197.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&plac...
Effective URL:
https://message.okaynotification.com/js2/v/mandaloriann/index.html
Submission: On March 30 via api (March 30th 2024, 11:42:39 pm UTC) from US — Scanned from US

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 13 HTTP transactions. The main IP is 172.67.197.41, located in United States and belongs to CLOUDFLARENET, US. The main domain is message.okaynotification.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 26th 2023. Valid for: a year.

This is the only time message.okaynotification.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	51.68.81.31 51.68.81.31	16276 (OVH) (OVH)
3	172.67.157.143 172.67.157.143	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.202.159.170 116.202.159.170	24940 (HETZNER-AS) (HETZNER-AS)
7	172.67.197.41 172.67.197.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.4.25.9 46.4.25.9	24940 (HETZNER-AS) (HETZNER-AS)
13	5

1 51.68.81.31 (France) 1 redirects

ASN16276 (OVH, FR)

www.otherfortheagis.wiki	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.157.143 (United States)

ASN13335 (CLOUDFLARENET, US)

t.bl-fastcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.159.170 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.170.159.202.116.clients.your-server.de

4758355.catchtheclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.197.41 (United States)

ASN13335 (CLOUDFLARENET, US)

message.okaynotification.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.25.9 (Bad Muenstereifel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.25.4.46.clients.your-server.de

specializedlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	okaynotification.com message.okaynotification.com	947 KB
3	bl-fastcdn.com t.bl-fastcdn.com	10 KB
1	specializedlink.com specializedlink.com — Cisco Umbrella Rank: 339466	527 B
1	catchtheclick.com 4758355.catchtheclick.com	1 KB
1	otherfortheagis.wiki 1 redirects www.otherfortheagis.wiki	238 B
0	netflowcorp.com Failed bonga.netflowcorp.com Failed
13	6

	Domain	Requested by
7	message.okaynotification.com	4758355.catchtheclick.com message.okaynotification.com
3	t.bl-fastcdn.com
1	specializedlink.com	message.okaynotification.com
1	4758355.catchtheclick.com	t.bl-fastcdn.com
1	www.otherfortheagis.wiki	1 redirects
0	bonga.netflowcorp.com Failed	message.okaynotification.com
13	6

This site contains no links.

Subject Issuer	Validity	Valid
bl-fastcdn.com GTS CA 1P5	`2024-02-06` - `2024-05-06`	3 months	crt.sh
*.catchtheclick.com R3	`2024-01-08` - `2024-04-07`	3 months	crt.sh
okaynotification.com Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
specializedlink.com R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://message.okaynotification.com/js2/v/mandaloriann/index.html
Frame ID: 2CECF0358E929ADE6326C2C92DC30693
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Video

Page URL History Show full URLs

http://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website... HTTP 307
https://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website... HTTP 302
https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698 Page URL
https://4758355.catchtheclick.com/?mob=OwBMQ-4JTCuFWH5hmz81odsvVQhLzMZF5lR_BYBSy8leNoLvIPFc9UQ3pcGoTw_YwHAfnxO... Page URL
https://message.okaynotification.com/js2/v/mandaloriann/index.html Page URL

Page Statistics

13
Requests

92 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

959 kB
Transfer

987 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&placement=15494&eyeg=1 HTTP 307
https://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&placement=15494&eyeg=1 HTTP 302
https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698 Page URL
https://4758355.catchtheclick.com/?mob=OwBMQ-4JTCuFWH5hmz81odsvVQhLzMZF5lR_BYBSy8leNoLvIPFc9UQ3pcGoTw_YwHAfnxOf8N3uVaD42x5zHg&tid=24033100_01_371812_eb34c30477157&subid=a371812s&affe=fo Page URL
https://message.okaynotification.com/js2/v/mandaloriann/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&placement=15494&eyeg=1 HTTP 307
https://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&placement=15494&eyeg=1 HTTP 302
https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	/ t.bl-fastcdn.com/directclick/ Redirect Chain http://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&placement=15494&eyeg=1 https://www.otherfortheagis.wiki/?sl=5738007-c0b0d&data1=track1&data2=track2&tag=m7352021512892710949&website=15494-99ed32fc&placement=15494&eyeg=1 https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698	25 KB 9 KB	681ms 581ms	Document text/html	172.67.157.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.157.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 86cbf4e7ebc74bcc-BUF content-encoding gzip content-type text/html; charset=utf-8 date Sat, 30 Mar 2024 23:42:32 GMT expires Sat, 26 Jul 1997 05:00:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNruxX3HzZRAVPAry4EyKmp5213DZtQBBJpdwe3du16t%2BRmXGdZkrwnj4%2F7TgaYGzQmvjThBotdRIRWsm%2BXmFVEtWdCX93RsXqdAoorsB0eznpnK8jBVq%2BnqPNmuUTNW6jkZ"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Cache-Control no-transform Connection keep-alive Content-Length 0 Date Sat, 30 Mar 2024 23:42:31 GMT Location https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698
GET H3	404	favicon.ico t.bl-fastcdn.com/	108 B 540 B	245ms 244ms	Other text/html	172.67.157.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.bl-fastcdn.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.157.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:32 GMT content-encoding gzip cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fs6L0VhcmQTQQqKotWX8BriBTEWHbxOyKubhZmfQZSwmFwfZfMO9%2Bc27Iu9ggbncwfHC9%2BUI6LOXWN%2BNLo01Q8Ma%2B5gzgLDzbPQBI%2Fd%2F3op9H%2F8ro6WmqIsMS6%2BU%2F6Ur4X3"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 86cbf4ebed124bcc-BUF alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	/ 4758355.catchtheclick.com/	3 KB 1 KB	428ms 163ms	Document text/html	116.202.159.170 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://4758355.catchtheclick.com/?mob=OwBMQ-4JTCuFWH5hmz81odsvVQhLzMZF5lR_BYBSy8leNoLvIPFc9UQ3pcGoTw_YwHAfnxOf8N3uVaD42x5zHg&tid=24033100_01_371812_eb34c30477157&subid=a371812s&affe=fo Requested by Host: t.bl-fastcdn.com URL: https://t.bl-fastcdn.com/directclick/?pid=CLBghSztLMxKnP7sw-K3orR0VUY1&wsid=4364417613938057698 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 116.202.159.170 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.170.159.202.116.clients.your-server.de Software nginx/1.16.1 (Ubuntu) / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 30 Mar 2024 23:42:32 GMT Server nginx/1.16.1 (Ubuntu) Transfer-Encoding chunked
GET H3	404	favicon.ico t.bl-fastcdn.com/	108 B 530 B	234ms 233ms	Other text/html	172.67.157.143 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.bl-fastcdn.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.157.143 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:32 GMT content-encoding gzip cf-cache-status EXPIRED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eqb5hVOcDVnwo8EGnOE%2BnsOHFGil7SG9XRzkpkqj9jZMe8YwSGsfjK2OQ6fJMKWnF0DvwIwHi9gFn4vBSmlkfpBZlp5pYQKRiOyWptmkum4vDUjVAWnYh0z8y6HiLl7aILVI"}],"group":"cf-nel","max_age":604800} content-type text/html cache-control max-age=14400 cf-ray 86cbf4ebfd174bcc-BUF alt-svc h3=":443"; ma=86400
GET H3	200	Primary Request index.html Show response message.okaynotification.com/js2/v/mandaloriann/	8 KB 3 KB	363ms 307ms	Document text/html	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://message.okaynotification.com/js2/v/mandaloriann/index.html Requested by Host: 4758355.catchtheclick.com URL: https://4758355.catchtheclick.com/?mob=OwBMQ-4JTCuFWH5hmz81odsvVQhLzMZF5lR_BYBSy8leNoLvIPFc9UQ3pcGoTw_YwHAfnxOf8N3uVaD42x5zHg&tid=24033100_01_371812_eb34c30477157&subid=a371812s&affe=fo Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `15b817a4a7ccea3faff1cae71261d767950ca93c508b644407a1bb9c98b9f6fa` Request headers Referer https://4758355.catchtheclick.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language en-US,en;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=31536000 cf-cache-status DYNAMIC cf-ray 86cbf4ef6ea8a1f0-YYZ content-encoding br content-type text/html date Sat, 30 Mar 2024 23:42:33 GMT expires Sun, 30 Mar 2025 23:42:33 GMT last-modified Thu, 21 May 2020 16:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XxHvMgudVKMkfKU%2Fu54wTPG154ExMMnriLg7urSTZ5zTU4b3D8iatL%2B3zF8Rrlm5fb7G%2FMxjsJh%2BUMBSZG2xfv%2FrKqMnqB%2BneYr%2FBTxSRFp7lURkhnUPD4JNzVk3U9TvTRFcgSopI84fgfmy5EES"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	inc.js Show response message.okaynotification.com/js2/v/mandaloriann/	13 KB 4 KB	279ms 278ms	Script application/javascript	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://message.okaynotification.com/js2/v/mandaloriann/inc.js Requested by Host: message.okaynotification.com URL: https://message.okaynotification.com/js2/v/mandaloriann/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ddf117c0bdd9df9cfe9776bdbcb7146341023d6959360705437d8ffbf7e43ed` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:33 GMT content-encoding br cf-cache-status MISS last-modified Mon, 16 Aug 2021 15:15:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"611a8128-3385" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7141mfGwISvz8DsjDk8HboPXNbH4Bb9olN9%2BRMmKz9GPqZUWJzEgMn3zzrYDjwTERL6zhvWCundbclWNMa5zJIymx1fSt9MAvc76Z1IaHxYv66bglzvA%2BubnI5Y2pMrTVU3ulj%2BqwMYeDhXn%2BzLO"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=31536000 cf-ray 86cbf4f18a34a1f0-YYZ alt-svc h3=":443"; ma=86400 expires Sun, 30 Mar 2025 23:42:33 GMT
GET H3	200	play-01.png message.okaynotification.com/js2/v/mandaloriann/imgs/	4 KB 5 KB	283ms 282ms	Image image/png	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://message.okaynotification.com/js2/v/mandaloriann/imgs/play-01.png Requested by Host: message.okaynotification.com URL: https://message.okaynotification.com/js2/v/mandaloriann/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce1e2904e2420b0e093cc7b8fb15070e5cb912e4a74fe4a45967aa10d7ad34ff` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:33 GMT cf-cache-status MISS last-modified Thu, 21 May 2020 16:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5ec6ae9d-11b7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHN6%2BWC%2BKBLRAm%2FSDa1clq2xgW4gsuO%2Bg14jaxjbQCKMy%2BbjJuNBEGqctoLlqhsuUz5mr2Y5y9ZiLJvaUa0gpIhyvC4K%2F1E95QvWwlgkccUYKfhQ2OMBlQH5PR9b8DHMmvyyGCXsiY5O08mkxwDq"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 86cbf4f18a36a1f0-YYZ alt-svc h3=":443"; ma=86400 content-length 4535 expires Sun, 30 Mar 2025 23:42:33 GMT
GET H3	200	logo.png message.okaynotification.com/js2/v/mandaloriann/imgs/	43 KB 44 KB	495ms 495ms	Image image/png	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://message.okaynotification.com/js2/v/mandaloriann/imgs/logo.png Requested by Host: message.okaynotification.com URL: https://message.okaynotification.com/js2/v/mandaloriann/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c94a761a93c6a9a50d845f9330241ceff781bb591d5e8cd8325beadd5d8b7a17` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:33 GMT cf-cache-status MISS last-modified Thu, 21 May 2020 16:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5ec6ae9d-acbc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2cMdRPz8qpidCdV9avaw0FPHaZnCAlOo6xfXRNBWRvJElcBiS6C2cba%2FhfwanvP8%2FftgHeym6P3cWoz2kP6%2FOEDhLClFN%2FlE4YNc2bSLFPZBgd2U%2F9wR%2FSNjrkQZe%2BShMFmDpRcwaLCJSLWDy5H"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 86cbf4f18a39a1f0-YYZ alt-svc h3=":443"; ma=86400 content-length 44220 expires Sun, 30 Mar 2025 23:42:33 GMT
GET H3	200	3.png message.okaynotification.com/js2/v/mandaloriann/imgs/	57 KB 57 KB	512ms 512ms	Image image/png	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://message.okaynotification.com/js2/v/mandaloriann/imgs/3.png Requested by Host: message.okaynotification.com URL: https://message.okaynotification.com/js2/v/mandaloriann/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dc6eef988f9e97279b19c7eba0734cb30938d07f5006d73f10f7e70f70d579b5` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:33 GMT cf-cache-status MISS last-modified Thu, 21 May 2020 16:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5ec6ae9d-e2c6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9DybyzxWA90IbT%2BhVcZw6EqkD4%2FmsrFGvQY5NYRfNSPrbF%2BOZ9F78rGAy5kpZEJ0FjwrqMQfZyOLa4F3pMCmJkOm4JYBcvixtTOODv0FTvvRWLJNOfhKASS4OJzqA3DePWg8ONQpKlzUMTNLbzs3"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 86cbf4f34d56a1f0-YYZ alt-svc h3=":443"; ma=86400 content-length 58054 expires Sun, 30 Mar 2025 23:42:33 GMT
GET H/1.1	200 OK	c.php Show response specializedlink.com/	0 527 B	387ms 126ms	Fetch text/html	46.4.25.9 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://specializedlink.com/c.php Requested by Host: message.okaynotification.com URL: https://message.okaynotification.com/js2/v/mandaloriann/inc.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 46.4.25.9 Bad Muenstereifel, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.9.25.4.46.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sat, 30 Mar 2024 23:42:33 GMT Server nginx/1.18.0 (Ubuntu) Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type application/octet-stream, text/html Access-Control-Allow-Origin https://message.okaynotification.com Access-Control-Expose-Headers Content-Length,Content-Range Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Content-Length 0
GET H3	200	back.png message.okaynotification.com/js2/v/mandaloriann/imgs/	834 KB 834 KB	534ms 533ms	Image image/png	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://message.okaynotification.com/js2/v/mandaloriann/imgs/back.png Requested by Host: message.okaynotification.com URL: https://message.okaynotification.com/js2/v/mandaloriann/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c60f200896b179e08d650d5ffb507fde0797f6a666425060ce8ab22372f5517e` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://message.okaynotification.com/js2/v/mandaloriann/index.html accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:33 GMT cf-cache-status MISS last-modified Thu, 21 May 2020 16:38:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5ec6ae9d-d0689" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EF8MPj3mekfzdOXQWXgvc2UzN6NZ5EKLPjO%2FTy0P22KZRLXEOSMMadOZSIF7lTEvZ5kebDMlNH78Xsw1WVc4V%2F9fnymRvoeasxryr10a563LzyOc8xfI748TyW7K6aEHnN4q5nx82HyAgXkSkWY1"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=31536000 accept-ranges bytes cf-ray 86cbf4f35d5ba1f0-YYZ alt-svc h3=":443"; ma=86400 content-length 853641 expires Sun, 30 Mar 2025 23:42:33 GMT
GET		c.php bonga.netflowcorp.com/	0 0

GET H3	200	favicon.ico message.okaynotification.com/	1 B 472 B	45ms 45ms	Other image/x-icon	172.67.197.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://message.okaynotification.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.41 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b` Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer accept-language en-US,en;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 30 Mar 2024 23:42:34 GMT cf-cache-status HIT last-modified Wed, 22 May 2019 17:07:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 5791 etag "5ce581b9-1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29jsEqW3NXF4%2FnmN7kwpkK09kRZtjPq1arUkFoZ%2F3i0RgC6J8tC2hSl2QNxSAhpyX2nPMILc13bV4IZb6DyBI2Q2bSZfW5tWYZOB0Cg5e%2FY2EhI9TatQkTZPD9snoRVZEyQcYS%2F8h7NEgvfXnJEY"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 accept-ranges bytes cf-ray 86cbf4f91f26a1f0-YYZ alt-svc h3=":443"; ma=86400 content-length 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bonga.netflowcorp.com
URL: https://bonga.netflowcorp.com/c.php?v1=2&va=2

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bl-fastcdn.com/	1970-01-21 04:16:18	Name: checkkeks Value: 1
.bl-fastcdn.com/	1970-01-20 19:32:08	Name: eTag Value: 392717ef308f54815ed1f489b4b54b02
.bl-fastcdn.com/	1970-01-21 04:16:18	Name: ck_uniques Value: 1711928550%3A24589-115227
.bl-fastcdn.com/	1970-01-21 04:16:18	Name: ck_uniquesPa Value: 1711928550%3A91721
.bl-fastcdn.com/	1970-01-20 19:32:08	Name: ck_sys_uniques_3 Value: 1
.bl-fastcdn.com/	1970-01-20 19:32:08	Name: u_current_ads_view Value: 91721----
.okaynotification.com/	1970-01-21 05:06:42	Name: jjj Value: 0
.okaynotification.com/	1970-01-21 04:15:42	Name: u Value: 31x1287x15436608a368a1a62

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://t.bl-fastcdn.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://t.bl-fastcdn.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bonga.netflowcorp.com/c.php?v1=2&va=2 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4758355.catchtheclick.com
bonga.netflowcorp.com
message.okaynotification.com
specializedlink.com
t.bl-fastcdn.com
www.otherfortheagis.wiki
bonga.netflowcorp.com
116.202.159.170
172.67.157.143
172.67.197.41
46.4.25.9
51.68.81.31
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
15b817a4a7ccea3faff1cae71261d767950ca93c508b644407a1bb9c98b9f6fa
2ddf117c0bdd9df9cfe9776bdbcb7146341023d6959360705437d8ffbf7e43ed
c60f200896b179e08d650d5ffb507fde0797f6a666425060ce8ab22372f5517e
c94a761a93c6a9a50d845f9330241ceff781bb591d5e8cd8325beadd5d8b7a17
ce1e2904e2420b0e093cc7b8fb15070e5cb912e4a74fe4a45967aa10d7ad34ff
dc6eef988f9e97279b19c7eba0734cb30938d07f5006d73f10f7e70f70d579b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

message.okaynotification.com Open in urlscan Pro 172.67.197.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

92 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

959 kBTransfer

987 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

8 Cookies

3 Console Messages

Indicators

message.okaynotification.com Open in urlscan Pro
172.67.197.41 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

959 kB
Transfer

987 kB
Size

8
Cookies

13 HTTP transactions
0 data transactions