ms4.wdnews.fr
195.154.61.148
Public Scan
Effective URL: https://ms4.wdnews.fr/uc/muc/rs/36i/xr/nkv/rs/rt.html
Submission: On May 28 via api from BE
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on March 30th 2019. Valid for: 3 months.
This is the only time ms4.wdnews.fr was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 3 | 195.154.61.148 | 12876 (AS12876) |
2 | 2606:4700::6811:ad3e | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 2606:4700:30::6812:3747 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 35.190.64.167 | 15169 (GOOGLE - Google LLC) |
6 | 4 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
velocecdn.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ufpcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 167.64.190.35.bc.googleusercontent.com
onclickmega.com |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
3 | wdnews.fr (1 redirects): ms4.wdnews.fr | 9 KB |
2 | velocecdn.com: velocecdn.com | 17 KB |
1 | onclickmega.com: onclickmega.com | 93 B |
1 | ufpcdn.com: ufpcdn.com | |
6 | 4 | |
 | Domain | Requested by |
---|---|---|
3 | ms4.wdnews.fr (1 redirects) | ms4.wdnews.fr |
2 | velocecdn.com | ms4.wdnews.fr |
1 | onclickmega.com | ms4.wdnews.fr |
1 | ufpcdn.com | ms4.wdnews.fr |
6 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
ms4.wdnews.fr | Let's Encrypt Authority X3 | 2019-03-30 - 2019-06-28 | 3 months |
ssl478245.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-01-18 - 2019-07-27 | 6 months |
sni110177.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-05-06 - 2019-11-12 | 6 months |
www.onclickmega.com | COMODO RSA Domain Validation Secure Server CA | 2017-10-18 - 2020-10-17 | 3 years |
This page contains 2 frames:
Primary Page:
https://ms4.wdnews.fr/uc/muc/rs/36i/xr/nkv/rs/rt.html
Frame ID: EE88D92AF82D1BD489A184C3E48B3DA6
Requests: 5 HTTP requests in this frame
Frame:
https://ufpcdn.com/script/identify.html?frmt=0
Frame ID: D73808C995787FDADAA9081E8949CEEF
Requests: 1 HTTP requests in this frame
Detected technologies
Debian
Detected patterns
- headers server /Debian/i
Pure CSS
Detected patterns
- html /<link[^>]+(?:([\d.])+\/)?pure(?:-min)?\.css/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ms4.wdnews.fr/u/muc/rs/36i/xr/nkv/rs/rt.html
HTTP 302
https://ms4.wdnews.fr/uc/muc/rs/36i/xr/nkv/rs/rt.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | Primary Request: rt.html ms4.wdnews.fr/uc/muc/rs/36i/xr/nkv/rs/ (Redirect Chain) | 9 KB 4 KB | Document text/html |
GET H/1.1 | pure-min.css ms4.wdnews.fr/assets/ | 19 KB 5 KB | Stylesheet text/css |
GET H2 | compatibility.js velocecdn.com/script/ | 12 KB 7 KB | Script application/javascript |
GET H2 | identify.html ufpcdn.com/script/ (Frame D738) | 0 0 | Document text/html |
GET H2 | suurl.php onclickmega.com/script/ | 0 93 B | Script text/plain |
GET H2 | chrome.js velocecdn.com/script/ | 19 KB 10 KB | Script application/javascript |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- object| adcashMacros
- object| zoneSett
- object| urls
- object| _0x8317
- function| acPrefetch
- object| CTABPu
- object| _0xd365
- function| ufpAttach
- object| CTAMAT
- object| adcashUfp
- object| _0x5000
- object| Cnac
- object| stamat
- function| NqPnfu7185592874891631
- function| NqPnfu
- object| NqpnfuVfNOrggreArgjbex
- boolean| _0x90aa2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
ufpcdn.com/ | | Name: adcashufpv3 Value: 39625236165497313411602038 |
.ufpcdn.com/ | | Name: __cfduid Value: d0c5eee83bf5f65403e1825b2150597cb1559021127 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.