balance.vanlliagfitaccesses.net
172.67.169.108
Public Scan
Effective URL: https://balance.vanlliagfitaccesses.net/bad.php
Submission Tags: phish.gg anti.fish automated
Submission: On September 04 via api from DE — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on July 25th 2023. Valid for: 3 months.
This is the only time balance.vanlliagfitaccesses.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS Autonomous System |
|---|---|---|
| 1 1 | 185.107.56.208 | 43350 (NFORCE) |
| 1 2 | 192.99.158.241 | 16276 (OVH) |
| 1 2 | 52.117.247.211 | 36351 (SOFTLAYER) |
| 1 | 52.116.53.146 | 36351 (SOFTLAYER) |
| 1 1 | 104.21.22.250 | 13335 (CLOUDFLARENET) |
| 2 30 | 172.67.169.108 | 13335 (CLOUDFLARENET) |
| 3 | 104.18.11.207 | 13335 (CLOUDFLARENET) |

Totals: 34 | 5
ASN36351 (SOFTLAYER, US), PTR d3.f7.7534.ip4.static.sl-reverse.com (reverse record of 52.117.247.211): myckdom.com, p274639.myckdom.com
ASN36351 (SOFTLAYER, US), PTR 92.35.7434.ip4.static.sl-reverse.com (reverse record of 52.116.53.146): clkdeals.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 30 | vanlliagfitaccesses.net (2 redirects) | balance.vanlliagfitaccesses.net | 2 MB |
| 3 | bootstrapcdn.com | maxcdn.bootstrapcdn.com (Cisco Umbrella Rank: 1033) | 48 KB |
| 2 | myckdom.com (1 redirects) | myckdom.com (Cisco Umbrella Rank: 126935), p274639.myckdom.com | 2 KB |
| 2 | dnavexch.com (1 redirects) | dnavexch.com (Cisco Umbrella Rank: 516389) | 8 KB |
| 1 | myimaginarymgmtcenter.com (1 redirects) | myimaginarymgmtcenter.com | 457 B |
| 1 | clkdeals.com | clkdeals.com (Cisco Umbrella Rank: 227803) | 197 B |
| 1 | wickes.us (1 redirects) | wickes.us | 601 B |

Totals: 34 | 7
| Requests | Domain | Requested by |
|---|---|---|
| 30 | balance.vanlliagfitaccesses.net (2 redirects) | p274639.myckdom.com, balance.vanlliagfitaccesses.net |
| 3 | maxcdn.bootstrapcdn.com | balance.vanlliagfitaccesses.net, maxcdn.bootstrapcdn.com |
| 2 | dnavexch.com (1 redirects) | |
| 1 | myimaginarymgmtcenter.com (1 redirects) | |
| 1 | clkdeals.com | p274639.myckdom.com |
| 1 | p274639.myckdom.com | |
| 1 | myckdom.com (1 redirects) | |
| 1 | wickes.us (1 redirects) | |

Totals: 34 | 8
This site contains no links.
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| *.myckdom.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-20 - 2024-03-20 | a year | crt.sh |
| www.clkdeals.com | Sectigo RSA Domain Validation Secure Server CA | 2022-12-07 - 2023-12-29 | a year | crt.sh |
| vanlliagfitaccesses.net | GTS CA 1P5 | 2023-07-25 - 2023-10-23 | 3 months | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-12-30 - 2023-12-30 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://balance.vanlliagfitaccesses.net/bad.php
Frame ID: AB9F35298574ED6F76FE38ACD611C6CE
Requests: 32 HTTP requests in this frame
Frame:
https://balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: D39E4CDE7FBDB5391B8B3C08D63D3736
Requests: 2 HTTP requests in this frame
Screenshot
Page Title: MyGift Visa Gift Card
Detected technologies
- PHP (Programming Languages). Detected patterns:
  \.php(?:$|\?)
- Bootstrap (Web Frameworks). Detected patterns:
  <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
- jQuery (JavaScript Libraries). Detected patterns:
  jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://wickes.us/
  HTTP 302
  http://dnavexch.com/click?data=TmxjQks4T3RuNmpnd2NPODJ3TC1pT2NMRmxXanNWblRnNWlkeUNhT3c2dm91M3ZWNHFYM0hGSDExZExzdGdMaHVBcF81ZEp6R0RFNmdyeVBSQW5wUDgtUzQ1Q0U2bkF4QThhbjZKa3BmTGk5MkVVMFRMeGRQaGczdVNDWS0ycWVhVlZBYjFkZTFGdUNYNXFHaVZkRlBBMg2&id=0756ac2d-2f1d-4aca-8e04-b140826ca2c2 (Page URL)
- http://dnavexch.com/Redirect/
  HTTP 302
  https://myckdom.com/aS/feedclick?s=ULvdn1uz3febt1xI3YONt7YUp7aBBDBgXQaiCg3BLRuzbOwltOcHjH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob9iTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJuEGLaVG8NJmXLnDLd-tFcTIqHaxObetc1oLHZ067gnxnYZCHtpBYsO9hbL7uLV8VifrnAUOX9vHUDnqOdlPSYYfx8qhHZNizFyjAY-SFzjWVJJrKhmG1AHkWeoweiN2I86mw93xwXGOxmnhCizDL4v75zb8pgHrGBVeJV_vVmQQ1VWLs-U1gUz2FnK9PqGSLi9SpgzgKkQTsef7fzHHdRa5UUp4xCf6N2NNwXXZwCrb2LQ9-9GMjKz9MiubikoGNvdKsnciD6ByxnxVvRgqnjJGidsvEf3NvUANtXWSmRDyHAEx6sAEIz_eGeJzRg8_DKJZKWOK5M2qGIcYZm3_Aj5kS1F1KH_mjJoDE0_Xwxubk96i1vmPVUu-uspMrEVJHq8Vsov6rfyackSgIn8kUJdQ3dJFgpOYNj1DLRvnqoJ4tN5gZQJWABvBRDlLnp4NADzCVPC8ASYnB5u8P53Brb9Bkm0dhI6peuOzWN-841DnhUPMMocDS0kfEgkbz625qQqeUAmDpg_94Rv-zrh8cBadWFBDk69nksVTw98xuUdVHOR9B7SxwSa6lfE691OBOvQ1LvBRnAbmG-z0HkKRMQ2PguehXBajeftIwLVTbcZQ7Jx0kiDBvZHVKP2XhSKvWPnWIbrAcGchKZnHCtlJqexDXqil5PlK-r488hILamtbJsKtuzMSWJCPyY4Dtb-qyTGNukGC32LBQcz4bFZki7Gr9A_2HcQiK9QgdCLp-dCNZDJnZtZiwvizTNCCi_1inEnXUALW7Bu6r_9Te8R0Ipw17I52regNsmERACmm9d1B5Zomt-_Cawpnl25oY5s9TgZH83wiszWH2fC7GrymtpLMLAgpVlA41DykXlRwFap00WWhP4PNBWueYOiaAAqt6eXinuDGa9GMyMNyo0Qi1fI1cU0aoJtZiZ6ZXaN8_B_rzdnHRAtpz56VpL3A1bp2all5L4XEv68ibNLUmC5GizgEZftNtarDOG5o1sPzZ5CspaVYc0hePltGWALpgIhy1p23oJKWJ2mxq6_Sa2eHiCA3T4aQC37hUuM14wm_OVfH07D0TqYmm2uA4uH5wie2wSIn7Sx5SfBZNebTgl_nuUdz6NA97oTfkyOI_WjEirYIWTEp_-S-dqCNsWnoACTpQbBcf1Iky73F1IKHiIA6NVtNIEgSmqr7IIQVSeP-wCxL0kOEvJ_ur_oM2FppmEuUOrhEXSYaUFA2imajhTIF7jxLuSjDtFy53SEhO5r8sZqriGCzpeYCnSAB6rRT5ryDn1Q3MPaSNCo9ZvfzFGT9lPqqBiaP--x1sPIZCWjByYL_p_ior3gIiFkwSMi7OM76LlMTIGlyHvSjWz_pI3_0G3iZJ7oUoyrlfmWpQ72bc4t3Hx47DhhZ146qPnfQWoodQ1iSnaG39La6iVkSlR8KVKDWV5tso2d63P3kquTyvbhVMU9I7aPk7NKCeAD1IvhNaP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434rpt1MTjmFH9Mw6FZBAh1-_Fi2L-4COsWdTlIP5ptT_pYkIAHi3_wSjrANX07v6saMijraNl66F-P1TNjyt1ncZ4iUqYl9Si94mfHb5OmfX5vmyF20HWW_L-PXBdrLbigrT1ys1hOH9WUxjPW1rx_nl-nxtAIHFWJkJlvy55s6Gi2RSzW6_A32gDSxA4FRjTqs0h6-yE-Gt6zcanF5juWxD4Xp46MNtPa4gZnk547BHwUzDffQpdJWdEh6Bm0-9Ux9pTjhgCC-_JLEamKPgsGH2jHE-E6NGOzsIOmP-fh2ZBo6zvEEyVHBW-IATk8IyXyLE7MRCw2iDeXmDoxRofkCVe3fluPd58CgwrURPy62_68L9E1DM5lwEqZds_BpipfYzzQ-16HIWXc8Fp9h11G3M0L_uTceS_ATcfo_kX-PMVITMauPDHliX8w6DFJBp_EKSjBEUucKa0S9bXXemDInDdxQpf-ylliHaNdMbkp-P1ahUaICvJ4cZdOKy-FrD9-eGhfFV3lnxMm2k5oVXiKpQrqlcKdp-BdTjTrAProoQ5FyRZ2zw3EgLEc_1EkUPyLI8krhGTSdWRmZ9FiCq7N2wkxcencAHLgQklO7oBdjPsrhSzW6_A32gDpaj6eHjFT3_PY5rWQaP2ByU9tkJ9s1OqqESm6G7jU0jgcm6cqkr2IYcW4nD_UNrqsoe88VPwkctlkkLEB146pQ
  HTTP 302
  https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khR5fJD9dE4XGpD1bEyEOireHMBkS1RnhihgdcxMTC_77YmBbjdrRV8lOWw1ExPQwoclHrl1k_0_ol-rUMhnE8BfZzT_XXk8zbLYMpRzwgJ_XWz-_QgCIH-e_Um1DHULjs9jJf14907DhcFc2MPW0O-qAwwDRrpWZMOxj0PwWlfnFfLvVmpjHpNcaqAbIFDsUJSMKYfHg7Y2fA9d8LOfDfIwUsHcUmOeTOTs_YQqk8IZrcsVDOsvpryM68VsiSX-FhPIDSzUszxAi0kmadw6N4EQBmn-NR6QZt5Yzq10NtvSy_-ksmVOdTqFIy_4NaNO0OKUYALmW9khi-LPl4YV0sb4Q7Ge21nDntFO5YROiW87Xk642Q_uDWBGsfLS3eez5-DPr7BVFqfg_i4pba7jOYHnDseHgR2yYasiz84u93LAtTp1T_f4NC24GNhkGX0W1WEDgwDsRKusVoS7Ocyk9FII2O0y16yCsseHK8tEBM7hr-Qxm3fyDPT0AqM8rzIb-PiTtjegZs_yEsPZEguvhzLXntvpDL1rWYdOIs3E02P7faY0kMzWSjRebmcEoQHKaiRiVnQIGgxQDiU7ugF2M-yuFLNbr8DfaAPfU1FdfCYQtWc6G2VcJWi50Vd72cJKvyK8pZyDwONmkt347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D281oaJh9pZt1A3LQQeWyuAM6cRdns6hCaZd0oS6zOUCFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbY9hg2BfAA_PZrKjH7AtpTCkHZ0-1ZdaXKlNKykvgARudlkkLEB146pQ&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-jo3_TEmQA4Td535fyvzw7WP6WSLdVzkFSKjbPwuNd5DojvmotfTdW06dp7VJFDYmOyGwLEmcj8tQ&si=1&oref=849f468308e2fd2ca5be96d7a870fa70&optunit=FLNbr8DfaAM1ksAx6i4xhw&rb=lklr6Bsrz6o&rr=1&abtg=0 (Page URL)
- https://myimaginarymgmtcenter.com/?click=90664213766&source=446919085&sub=SAPF&v=0.11
  HTTP 302
  https://balance.vanlliagfitaccesses.net/?c=90664213766
  HTTP 302
  https://balance.vanlliagfitaccesses.net/bad.php (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://wickes.us/ HTTP 302
- http://dnavexch.com/click?data=TmxjQks4T3RuNmpnd2NPODJ3TC1pT2NMRmxXanNWblRnNWlkeUNhT3c2dm91M3ZWNHFYM0hGSDExZExzdGdMaHVBcF81ZEp6R0RFNmdyeVBSQW5wUDgtUzQ1Q0U2bkF4QThhbjZKa3BmTGk5MkVVMFRMeGRQaGczdVNDWS0ycWVhVlZBYjFkZTFGdUNYNXFHaVZkRlBBMg2&id=0756ac2d-2f1d-4aca-8e04-b140826ca2c2
- http://dnavexch.com/Redirect/ HTTP 302
- https://myckdom.com/aS/feedclick?s=ULvdn1uz3febt1xI3YONt7YUp7aBBDBgXQaiCg3BLRuzbOwltOcHjH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob9iTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJuEGLaVG8NJmXLnDLd-tFcTIqHaxObetc1oLHZ067gnxnYZCHtpBYsO9hbL7uLV8VifrnAUOX9vHUDnqOdlPSYYfx8qhHZNizFyjAY-SFzjWVJJrKhmG1AHkWeoweiN2I86mw93xwXGOxmnhCizDL4v75zb8pgHrGBVeJV_vVmQQ1VWLs-U1gUz2FnK9PqGSLi9SpgzgKkQTsef7fzHHdRa5UUp4xCf6N2NNwXXZwCrb2LQ9-9GMjKz9MiubikoGNvdKsnciD6ByxnxVvRgqnjJGidsvEf3NvUANtXWSmRDyHAEx6sAEIz_eGeJzRg8_DKJZKWOK5M2qGIcYZm3_Aj5kS1F1KH_mjJoDE0_Xwxubk96i1vmPVUu-uspMrEVJHq8Vsov6rfyackSgIn8kUJdQ3dJFgpOYNj1DLRvnqoJ4tN5gZQJWABvBRDlLnp4NADzCVPC8ASYnB5u8P53Brb9Bkm0dhI6peuOzWN-841DnhUPMMocDS0kfEgkbz625qQqeUAmDpg_94Rv-zrh8cBadWFBDk69nksVTw98xuUdVHOR9B7SxwSa6lfE691OBOvQ1LvBRnAbmG-z0HkKRMQ2PguehXBajeftIwLVTbcZQ7Jx0kiDBvZHVKP2XhSKvWPnWIbrAcGchKZnHCtlJqexDXqil5PlK-r488hILamtbJsKtuzMSWJCPyY4Dtb-qyTGNukGC32LBQcz4bFZki7Gr9A_2HcQiK9QgdCLp-dCNZDJnZtZiwvizTNCCi_1inEnXUALW7Bu6r_9Te8R0Ipw17I52regNsmERACmm9d1B5Zomt-_Cawpnl25oY5s9TgZH83wiszWH2fC7GrymtpLMLAgpVlA41DykXlRwFap00WWhP4PNBWueYOiaAAqt6eXinuDGa9GMyMNyo0Qi1fI1cU0aoJtZiZ6ZXaN8_B_rzdnHRAtpz56VpL3A1bp2all5L4XEv68ibNLUmC5GizgEZftNtarDOG5o1sPzZ5CspaVYc0hePltGWALpgIhy1p23oJKWJ2mxq6_Sa2eHiCA3T4aQC37hUuM14wm_OVfH07D0TqYmm2uA4uH5wie2wSIn7Sx5SfBZNebTgl_nuUdz6NA97oTfkyOI_WjEirYIWTEp_-S-dqCNsWnoACTpQbBcf1Iky73F1IKHiIA6NVtNIEgSmqr7IIQVSeP-wCxL0kOEvJ_ur_oM2FppmEuUOrhEXSYaUFA2imajhTIF7jxLuSjDtFy53SEhO5r8sZqriGCzpeYCnSAB6rRT5ryDn1Q3MPaSNCo9ZvfzFGT9lPqqBiaP--x1sPIZCWjByYL_p_ior3gIiFkwSMi7OM76LlMTIGlyHvSjWz_pI3_0G3iZJ7oUoyrlfmWpQ72bc4t3Hx47DhhZ146qPnfQWoodQ1iSnaG39La6iVkSlR8KVKDWV5tso2d63P3kquTyvbhVMU9I7aPk7NKCeAD1IvhNaP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434rpt1MTjmFH9Mw6FZBAh1-_Fi2L-4COsWdTlIP5ptT_pYkIAHi3_wSjrANX07v6saMijraNl66F-P1TNjyt1ncZ4iUqYl9Si94mfHb5OmfX5vmyF20HWW_L-PXBdrLbigrT1ys1hOH9WUxjPW1rx_nl-nxtAIHFWJkJlvy55s6Gi2RSzW6_A32gDSxA4FRjTqs0h6-yE-Gt6zcanF5juWxD4Xp46MNtPa4gZnk547BHwUzDffQpdJWdEh6Bm0-9Ux9pTjhgCC-_JLEamKPgsGH2jHE-E6NGOzsIOmP-fh2ZBo6zvEEyVHBW-IATk8IyXyLE7MRCw2iDeXmDoxRofkCVe3fluPd58CgwrURPy62_68L9E1DM5lwEqZds_BpipfYzzQ-16HIWXc8Fp9h11G3M0L_uTceS_ATcfo_kX-PMVITMauPDHliX8w6DFJBp_EKSjBEUucKa0S9bXXemDInDdxQpf-ylliHaNdMbkp-P1ahUaICvJ4cZdOKy-FrD9-eGhfFV3lnxMm2k5oVXiKpQrqlcKdp-BdTjTrAProoQ5FyRZ2zw3EgLEc_1EkUPyLI8krhGTSdWRmZ9FiCq7N2wkxcencAHLgQklO7oBdjPsrhSzW6_A32gDpaj6eHjFT3_PY5rWQaP2ByU9tkJ9s1OqqESm6G7jU0jgcm6cqkr2IYcW4nD_UNrqsoe88VPwkctlkkLEB146pQ HTTP 302
- https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khR5fJD9dE4XGpD1bEyEOireHMBkS1RnhihgdcxMTC_77YmBbjdrRV8lOWw1ExPQwoclHrl1k_0_ol-rUMhnE8BfZzT_XXk8zbLYMpRzwgJ_XWz-_QgCIH-e_Um1DHULjs9jJf14907DhcFc2MPW0O-qAwwDRrpWZMOxj0PwWlfnFfLvVmpjHpNcaqAbIFDsUJSMKYfHg7Y2fA9d8LOfDfIwUsHcUmOeTOTs_YQqk8IZrcsVDOsvpryM68VsiSX-FhPIDSzUszxAi0kmadw6N4EQBmn-NR6QZt5Yzq10NtvSy_-ksmVOdTqFIy_4NaNO0OKUYALmW9khi-LPl4YV0sb4Q7Ge21nDntFO5YROiW87Xk642Q_uDWBGsfLS3eez5-DPr7BVFqfg_i4pba7jOYHnDseHgR2yYasiz84u93LAtTp1T_f4NC24GNhkGX0W1WEDgwDsRKusVoS7Ocyk9FII2O0y16yCsseHK8tEBM7hr-Qxm3fyDPT0AqM8rzIb-PiTtjegZs_yEsPZEguvhzLXntvpDL1rWYdOIs3E02P7faY0kMzWSjRebmcEoQHKaiRiVnQIGgxQDiU7ugF2M-yuFLNbr8DfaAPfU1FdfCYQtWc6G2VcJWi50Vd72cJKvyK8pZyDwONmkt347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D281oaJh9pZt1A3LQQeWyuAM6cRdns6hCaZd0oS6zOUCFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbY9hg2BfAA_PZrKjH7AtpTCkHZ0-1ZdaXKlNKykvgARudlkkLEB146pQ&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-jo3_TEmQA4Td535fyvzw7WP6WSLdVzkFSKjbPwuNd5DojvmotfTdW06dp7VJFDYmOyGwLEmcj8tQ&si=1&oref=849f468308e2fd2ca5be96d7a870fa70&optunit=FLNbr8DfaAM1ksAx6i4xhw&rb=lklr6Bsrz6o&rr=1&abtg=0
- https://balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
34 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
|---|---|---|---|---|---|---|---|---|
| GET | H/1.1 | click | dnavexch.com/ | 5 KB | 6 KB | Document | text/html | Redirect Chain |
| GET | H2 | domainClick | p274639.myckdom.com/adServe/ | 627 B | 723 B | Document | text/html | Redirect Chain |
| GET | H2 | track | clkdeals.com/adServe/ | 49 B | 197 B | Image | image/gif | |
| GET | H2 | bad.php | balance.vanlliagfitaccesses.net/ | 39 KB | 6 KB | Document | text/html | Primary Request, Redirect Chain |
| GET | H2 | css.css | balance.vanlliagfitaccesses.net/index_files/ | 8 KB | 1 KB | Stylesheet | text/css | |
| GET | H2 | stylesheet.css | balance.vanlliagfitaccesses.net/index_files/ | 72 KB | 13 KB | Stylesheet | text/css | |
| GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/ | 115 KB | 19 KB | Stylesheet | text/css | |
| GET | H2 | jquery.js | balance.vanlliagfitaccesses.net/index_files/ | 130 KB | 46 KB | Script | text/javascript | |
| GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ | 36 KB | 10 KB | Script | application/javascript | |
| GET | H2 | logo-visa.png | balance.vanlliagfitaccesses.net/index_files/ | 1 KB | 2 KB | Image | image/png | |
| GET | H2 | other-gcm-cards-vertical.png | balance.vanlliagfitaccesses.net/index_files/ | 750 KB | 751 KB | Image | image/png | |
| GET | H2 | other-gcm-cards-horizontal.png | balance.vanlliagfitaccesses.net/index_files/ | 679 KB | 680 KB | Image | image/png | |
| GET | H2 | main-card-visa-sparkle.png | balance.vanlliagfitaccesses.net/index_files/ | 67 KB | 67 KB | Image | image/png | |
| GET | H2 | visa-egift.png | balance.vanlliagfitaccesses.net/index_files/ | 18 KB | 18 KB | Image | image/png | |
| GET | H2 | main-card-visa-everwhere.png | balance.vanlliagfitaccesses.net/index_files/ | 10 KB | 10 KB | Image | image/png | |
| GET | H2 | main-card-visa-fiveback.png | balance.vanlliagfitaccesses.net/index_files/ | 9 KB | 10 KB | Image | image/png | |
| GET | H2 | main-card-visa-bestbuy.png | balance.vanlliagfitaccesses.net/index_files/ | 12 KB | 12 KB | Image | image/png | |
| GET | H2 | close-icon.png | balance.vanlliagfitaccesses.net/index_files/ | 285 B | 631 B | Image | image/png | |
| GET | H2 | visa-silver-403446-2x.png | balance.vanlliagfitaccesses.net/index_files/ | 63 KB | 63 KB | Image | image/png | |
| GET | H2 | visa-silver-435880-2x.png | balance.vanlliagfitaccesses.net/index_files/ | 63 KB | 63 KB | Image | image/png | |
| GET | H2 | visa-silver-451129-2x.png | balance.vanlliagfitaccesses.net/index_files/ | 86 KB | 86 KB | Image | image/png | |
| GET | H2 | visa-silver-454316-2x.png | balance.vanlliagfitaccesses.net/index_files/ | 63 KB | 63 KB | Image | image/png | |
| GET | H2 | visa-silver-491277-2x.png | balance.vanlliagfitaccesses.net/index_files/ | 62 KB | 63 KB | Image | image/png | |
| GET | H2 | Dining-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 37 KB | 38 KB | Image | image/png | |
| GET | H2 | Fuel-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 34 KB | 34 KB | Image | image/png | |
| GET | H2 | Style-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 36 KB | 36 KB | Image | image/png | |
| GET | H2 | Movies-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 38 KB | 38 KB | Image | image/png | |
| GET | H2 | Grocery-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 42 KB | 42 KB | Image | image/png | |
| GET | H2 | Home-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 36 KB | 36 KB | Image | image/png | |
| GET | H2 | Explore-Everywhere.png | balance.vanlliagfitaccesses.net/index_files/ | 16 KB | 16 KB | Image | image/png | |
| GET | H2 | help-icon.png | balance.vanlliagfitaccesses.net/index_files/content/images/ | 474 B | 817 B | Image | image/png | |
| GET | H2 | glyphicons-halflings-regular.woff2 | maxcdn.bootstrapcdn.com/bootstrap/3.3.4/fonts/ | 18 KB | 18 KB | Font | font/woff2 | |
| GET | H2 | main.js | balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/ | 7 KB | 4 KB | Script | application/javascript | Frame D39E, Redirect Chain |
| POST | H2 | 80173f422819422f | balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/h/g/jsd/r/ | 0 | 579 B | XHR | text/plain | Frame D39E |
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object: 0
- object: documentPictureInPicture
- function: $
- function: jQuery
- object: html5
- object: Modernizr
- object: jQuery11020064280661092394056

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| .wickes.us/ | | sid | 4f616a9a-4b37-11ee-8c17-6e73999c7453 |
| dnavexch.com/ | | cMEszOsUjTfdveI | cMEszOsUjTfdveI |
| .myckdom.com/ | | rhid | 83604889600 |
| .myckdom.com/ | | loi | ad_1427683_off_870620_aff_90840_cid_274639-584136950-WICKES.US_ts_1693841143 |
| balance.vanlliagfitaccesses.net/ | | PHPSESSID | rnril9bc0dag17vaj03u7404kn |
| .vanlliagfitaccesses.net/ | | cf_clearance | kq41d4hCdZOtlQNAvVZKQeZNDCoIecZV.2iKhxElpes-1693841148-0-1-32474010.cc936940.65461ff0-0.2.1693841148 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
balance.vanlliagfitaccesses.net
clkdeals.com
dnavexch.com
maxcdn.bootstrapcdn.com
myckdom.com
myimaginarymgmtcenter.com
p274639.myckdom.com
wickes.us
104.18.11.207
104.21.22.250
172.67.169.108
185.107.56.208
192.99.158.241
52.116.53.146
52.117.247.211