balance.vanlliagfitaccesses.net Open in urlscan Pro
172.67.169.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wickes.us/
Effective URL:
https://balance.vanlliagfitaccesses.net/bad.php
Submission Tags: phish.gg anti.fish automated Search All
Submission: On September 04 via api (September 4th 2023, 3:25:49 pm UTC) from DE — Scanned from US

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 34 HTTP transactions. The main IP is 172.67.169.108, located in United States and belongs to CLOUDFLARENET, US. The main domain is balance.vanlliagfitaccesses.net.
TLS certificate: Issued by GTS CA 1P5 on July 25th 2023. Valid for: 3 months.

This is the only time balance.vanlliagfitaccesses.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.107.56.208 185.107.56.208	43350 (NFORCE) (NFORCE)
1 2	192.99.158.241 192.99.158.241	16276 (OVH) (OVH)
1 2	52.117.247.211 52.117.247.211	36351 (SOFTLAYER) (SOFTLAYER)
1	52.116.53.146 52.116.53.146	36351 (SOFTLAYER) (SOFTLAYER)
1 1	104.21.22.250 104.21.22.250	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 30	172.67.169.108 172.67.169.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	5

1 185.107.56.208 (Netherlands) 1 redirects

ASN43350 (NFORCE, NL)

wickes.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.99.158.241 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip241.ip-192-99-158.net

dnavexch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.117.247.211 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com

myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p274639.myckdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.146 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com

clkdeals.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.22.250 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

myimaginarymgmtcenter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 172.67.169.108 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

balance.vanlliagfitaccesses.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	vanlliagfitaccesses.net 2 redirects balance.vanlliagfitaccesses.net	2 MB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1033	48 KB
2	myckdom.com 1 redirects myckdom.com — Cisco Umbrella Rank: 126935 p274639.myckdom.com	2 KB
2	dnavexch.com 1 redirects dnavexch.com — Cisco Umbrella Rank: 516389	8 KB
1	myimaginarymgmtcenter.com 1 redirects myimaginarymgmtcenter.com	457 B
1	clkdeals.com clkdeals.com — Cisco Umbrella Rank: 227803	197 B
1	wickes.us 1 redirects wickes.us	601 B
34	7

	Domain	Requested by
30	balance.vanlliagfitaccesses.net	2 redirects p274639.myckdom.com balance.vanlliagfitaccesses.net
3	maxcdn.bootstrapcdn.com	balance.vanlliagfitaccesses.net maxcdn.bootstrapcdn.com
2	dnavexch.com	1 redirects
1	myimaginarymgmtcenter.com	1 redirects
1	clkdeals.com	p274639.myckdom.com
1	p274639.myckdom.com
1	myckdom.com	1 redirects
1	wickes.us	1 redirects
34	8

This site contains no links.

Subject Issuer	Validity	Valid
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-20` - `2024-03-20`	a year	crt.sh
www.clkdeals.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2023-12-29`	a year	crt.sh
vanlliagfitaccesses.net GTS CA 1P5	`2023-07-25` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://balance.vanlliagfitaccesses.net/bad.php
Frame ID: AB9F35298574ED6F76FE38ACD611C6CE
Requests: 32 HTTP requests in this frame

Frame: https://balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js
Frame ID: D39E4CDE7FBDB5391B8B3C08D63D3736
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyGift Visa Gift Card

Page URL History Show full URLs

http://wickes.us/ HTTP 302
http://dnavexch.com/click?data=TmxjQks4T3RuNmpnd2NPODJ3TC1pT2NMRmxXanNWblRnNWlkeUNhT3c2dm91M3ZWN... Page URL
http://dnavexch.com/Redirect/ HTTP 302
https://myckdom.com/aS/feedclick?s=ULvdn1uz3febt1xI3YONt7YUp7aBBDBgXQaiCg3BLRuzbOwltOcHjH5XPU-DA... HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khR5fJD9dE4XGpD1bEyEOireHMBkS1RnhihgdcxMTC_77... Page URL
https://myimaginarymgmtcenter.com/?click=90664213766&source=446919085&sub=SAPF&v=0.11 HTTP 302
https://balance.vanlliagfitaccesses.net/?c=90664213766 HTTP 302
https://balance.vanlliagfitaccesses.net/bad.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

94 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

5
IPs

4
Countries

2257 kB
Transfer

2552 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wickes.us/ HTTP 302
http://dnavexch.com/click?data=TmxjQks4T3RuNmpnd2NPODJ3TC1pT2NMRmxXanNWblRnNWlkeUNhT3c2dm91M3ZWNHFYM0hGSDExZExzdGdMaHVBcF81ZEp6R0RFNmdyeVBSQW5wUDgtUzQ1Q0U2bkF4QThhbjZKa3BmTGk5MkVVMFRMeGRQaGczdVNDWS0ycWVhVlZBYjFkZTFGdUNYNXFHaVZkRlBBMg2&id=0756ac2d-2f1d-4aca-8e04-b140826ca2c2 Page URL
http://dnavexch.com/Redirect/ HTTP 302
https://myckdom.com/aS/feedclick?s=ULvdn1uz3febt1xI3YONt7YUp7aBBDBgXQaiCg3BLRuzbOwltOcHjH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob9iTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJuEGLaVG8NJmXLnDLd-tFcTIqHaxObetc1oLHZ067gnxnYZCHtpBYsO9hbL7uLV8VifrnAUOX9vHUDnqOdlPSYYfx8qhHZNizFyjAY-SFzjWVJJrKhmG1AHkWeoweiN2I86mw93xwXGOxmnhCizDL4v75zb8pgHrGBVeJV_vVmQQ1VWLs-U1gUz2FnK9PqGSLi9SpgzgKkQTsef7fzHHdRa5UUp4xCf6N2NNwXXZwCrb2LQ9-9GMjKz9MiubikoGNvdKsnciD6ByxnxVvRgqnjJGidsvEf3NvUANtXWSmRDyHAEx6sAEIz_eGeJzRg8_DKJZKWOK5M2qGIcYZm3_Aj5kS1F1KH_mjJoDE0_Xwxubk96i1vmPVUu-uspMrEVJHq8Vsov6rfyackSgIn8kUJdQ3dJFgpOYNj1DLRvnqoJ4tN5gZQJWABvBRDlLnp4NADzCVPC8ASYnB5u8P53Brb9Bkm0dhI6peuOzWN-841DnhUPMMocDS0kfEgkbz625qQqeUAmDpg_94Rv-zrh8cBadWFBDk69nksVTw98xuUdVHOR9B7SxwSa6lfE691OBOvQ1LvBRnAbmG-z0HkKRMQ2PguehXBajeftIwLVTbcZQ7Jx0kiDBvZHVKP2XhSKvWPnWIbrAcGchKZnHCtlJqexDXqil5PlK-r488hILamtbJsKtuzMSWJCPyY4Dtb-qyTGNukGC32LBQcz4bFZki7Gr9A_2HcQiK9QgdCLp-dCNZDJnZtZiwvizTNCCi_1inEnXUALW7Bu6r_9Te8R0Ipw17I52regNsmERACmm9d1B5Zomt-_Cawpnl25oY5s9TgZH83wiszWH2fC7GrymtpLMLAgpVlA41DykXlRwFap00WWhP4PNBWueYOiaAAqt6eXinuDGa9GMyMNyo0Qi1fI1cU0aoJtZiZ6ZXaN8_B_rzdnHRAtpz56VpL3A1bp2all5L4XEv68ibNLUmC5GizgEZftNtarDOG5o1sPzZ5CspaVYc0hePltGWALpgIhy1p23oJKWJ2mxq6_Sa2eHiCA3T4aQC37hUuM14wm_OVfH07D0TqYmm2uA4uH5wie2wSIn7Sx5SfBZNebTgl_nuUdz6NA97oTfkyOI_WjEirYIWTEp_-S-dqCNsWnoACTpQbBcf1Iky73F1IKHiIA6NVtNIEgSmqr7IIQVSeP-wCxL0kOEvJ_ur_oM2FppmEuUOrhEXSYaUFA2imajhTIF7jxLuSjDtFy53SEhO5r8sZqriGCzpeYCnSAB6rRT5ryDn1Q3MPaSNCo9ZvfzFGT9lPqqBiaP--x1sPIZCWjByYL_p_ior3gIiFkwSMi7OM76LlMTIGlyHvSjWz_pI3_0G3iZJ7oUoyrlfmWpQ72bc4t3Hx47DhhZ146qPnfQWoodQ1iSnaG39La6iVkSlR8KVKDWV5tso2d63P3kquTyvbhVMU9I7aPk7NKCeAD1IvhNaP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434rpt1MTjmFH9Mw6FZBAh1-_Fi2L-4COsWdTlIP5ptT_pYkIAHi3_wSjrANX07v6saMijraNl66F-P1TNjyt1ncZ4iUqYl9Si94mfHb5OmfX5vmyF20HWW_L-PXBdrLbigrT1ys1hOH9WUxjPW1rx_nl-nxtAIHFWJkJlvy55s6Gi2RSzW6_A32gDSxA4FRjTqs0h6-yE-Gt6zcanF5juWxD4Xp46MNtPa4gZnk547BHwUzDffQpdJWdEh6Bm0-9Ux9pTjhgCC-_JLEamKPgsGH2jHE-E6NGOzsIOmP-fh2ZBo6zvEEyVHBW-IATk8IyXyLE7MRCw2iDeXmDoxRofkCVe3fluPd58CgwrURPy62_68L9E1DM5lwEqZds_BpipfYzzQ-16HIWXc8Fp9h11G3M0L_uTceS_ATcfo_kX-PMVITMauPDHliX8w6DFJBp_EKSjBEUucKa0S9bXXemDInDdxQpf-ylliHaNdMbkp-P1ahUaICvJ4cZdOKy-FrD9-eGhfFV3lnxMm2k5oVXiKpQrqlcKdp-BdTjTrAProoQ5FyRZ2zw3EgLEc_1EkUPyLI8krhGTSdWRmZ9FiCq7N2wkxcencAHLgQklO7oBdjPsrhSzW6_A32gDpaj6eHjFT3_PY5rWQaP2ByU9tkJ9s1OqqESm6G7jU0jgcm6cqkr2IYcW4nD_UNrqsoe88VPwkctlkkLEB146pQ HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khR5fJD9dE4XGpD1bEyEOireHMBkS1RnhihgdcxMTC_77YmBbjdrRV8lOWw1ExPQwoclHrl1k_0_ol-rUMhnE8BfZzT_XXk8zbLYMpRzwgJ_XWz-_QgCIH-e_Um1DHULjs9jJf14907DhcFc2MPW0O-qAwwDRrpWZMOxj0PwWlfnFfLvVmpjHpNcaqAbIFDsUJSMKYfHg7Y2fA9d8LOfDfIwUsHcUmOeTOTs_YQqk8IZrcsVDOsvpryM68VsiSX-FhPIDSzUszxAi0kmadw6N4EQBmn-NR6QZt5Yzq10NtvSy_-ksmVOdTqFIy_4NaNO0OKUYALmW9khi-LPl4YV0sb4Q7Ge21nDntFO5YROiW87Xk642Q_uDWBGsfLS3eez5-DPr7BVFqfg_i4pba7jOYHnDseHgR2yYasiz84u93LAtTp1T_f4NC24GNhkGX0W1WEDgwDsRKusVoS7Ocyk9FII2O0y16yCsseHK8tEBM7hr-Qxm3fyDPT0AqM8rzIb-PiTtjegZs_yEsPZEguvhzLXntvpDL1rWYdOIs3E02P7faY0kMzWSjRebmcEoQHKaiRiVnQIGgxQDiU7ugF2M-yuFLNbr8DfaAPfU1FdfCYQtWc6G2VcJWi50Vd72cJKvyK8pZyDwONmkt347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D281oaJh9pZt1A3LQQeWyuAM6cRdns6hCaZd0oS6zOUCFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbY9hg2BfAA_PZrKjH7AtpTCkHZ0-1ZdaXKlNKykvgARudlkkLEB146pQ&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-jo3_TEmQA4Td535fyvzw7WP6WSLdVzkFSKjbPwuNd5DojvmotfTdW06dp7VJFDYmOyGwLEmcj8tQ&si=1&oref=849f468308e2fd2ca5be96d7a870fa70&optunit=FLNbr8DfaAM1ksAx6i4xhw&rb=lklr6Bsrz6o&rr=1&abtg=0 Page URL
https://myimaginarymgmtcenter.com/?click=90664213766&source=446919085&sub=SAPF&v=0.11 HTTP 302
https://balance.vanlliagfitaccesses.net/?c=90664213766 HTTP 302
https://balance.vanlliagfitaccesses.net/bad.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://wickes.us/ HTTP 302
http://dnavexch.com/click?data=TmxjQks4T3RuNmpnd2NPODJ3TC1pT2NMRmxXanNWblRnNWlkeUNhT3c2dm91M3ZWNHFYM0hGSDExZExzdGdMaHVBcF81ZEp6R0RFNmdyeVBSQW5wUDgtUzQ1Q0U2bkF4QThhbjZKa3BmTGk5MkVVMFRMeGRQaGczdVNDWS0ycWVhVlZBYjFkZTFGdUNYNXFHaVZkRlBBMg2&id=0756ac2d-2f1d-4aca-8e04-b140826ca2c2

Request Chain 1

http://dnavexch.com/Redirect/ HTTP 302
https://myckdom.com/aS/feedclick?s=ULvdn1uz3febt1xI3YONt7YUp7aBBDBgXQaiCg3BLRuzbOwltOcHjH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZg570qmhSob9iTdYYEA44WYlJzChtcb99a-hz6nOf0-V35hDWF21szTZekRk7AUpJuEGLaVG8NJmXLnDLd-tFcTIqHaxObetc1oLHZ067gnxnYZCHtpBYsO9hbL7uLV8VifrnAUOX9vHUDnqOdlPSYYfx8qhHZNizFyjAY-SFzjWVJJrKhmG1AHkWeoweiN2I86mw93xwXGOxmnhCizDL4v75zb8pgHrGBVeJV_vVmQQ1VWLs-U1gUz2FnK9PqGSLi9SpgzgKkQTsef7fzHHdRa5UUp4xCf6N2NNwXXZwCrb2LQ9-9GMjKz9MiubikoGNvdKsnciD6ByxnxVvRgqnjJGidsvEf3NvUANtXWSmRDyHAEx6sAEIz_eGeJzRg8_DKJZKWOK5M2qGIcYZm3_Aj5kS1F1KH_mjJoDE0_Xwxubk96i1vmPVUu-uspMrEVJHq8Vsov6rfyackSgIn8kUJdQ3dJFgpOYNj1DLRvnqoJ4tN5gZQJWABvBRDlLnp4NADzCVPC8ASYnB5u8P53Brb9Bkm0dhI6peuOzWN-841DnhUPMMocDS0kfEgkbz625qQqeUAmDpg_94Rv-zrh8cBadWFBDk69nksVTw98xuUdVHOR9B7SxwSa6lfE691OBOvQ1LvBRnAbmG-z0HkKRMQ2PguehXBajeftIwLVTbcZQ7Jx0kiDBvZHVKP2XhSKvWPnWIbrAcGchKZnHCtlJqexDXqil5PlK-r488hILamtbJsKtuzMSWJCPyY4Dtb-qyTGNukGC32LBQcz4bFZki7Gr9A_2HcQiK9QgdCLp-dCNZDJnZtZiwvizTNCCi_1inEnXUALW7Bu6r_9Te8R0Ipw17I52regNsmERACmm9d1B5Zomt-_Cawpnl25oY5s9TgZH83wiszWH2fC7GrymtpLMLAgpVlA41DykXlRwFap00WWhP4PNBWueYOiaAAqt6eXinuDGa9GMyMNyo0Qi1fI1cU0aoJtZiZ6ZXaN8_B_rzdnHRAtpz56VpL3A1bp2all5L4XEv68ibNLUmC5GizgEZftNtarDOG5o1sPzZ5CspaVYc0hePltGWALpgIhy1p23oJKWJ2mxq6_Sa2eHiCA3T4aQC37hUuM14wm_OVfH07D0TqYmm2uA4uH5wie2wSIn7Sx5SfBZNebTgl_nuUdz6NA97oTfkyOI_WjEirYIWTEp_-S-dqCNsWnoACTpQbBcf1Iky73F1IKHiIA6NVtNIEgSmqr7IIQVSeP-wCxL0kOEvJ_ur_oM2FppmEuUOrhEXSYaUFA2imajhTIF7jxLuSjDtFy53SEhO5r8sZqriGCzpeYCnSAB6rRT5ryDn1Q3MPaSNCo9ZvfzFGT9lPqqBiaP--x1sPIZCWjByYL_p_ior3gIiFkwSMi7OM76LlMTIGlyHvSjWz_pI3_0G3iZJ7oUoyrlfmWpQ72bc4t3Hx47DhhZ146qPnfQWoodQ1iSnaG39La6iVkSlR8KVKDWV5tso2d63P3kquTyvbhVMU9I7aPk7NKCeAD1IvhNaP8sUppB90IhXvMYORdOEXp_FHNfEhKooIbr4ScI-uON36n1-VC-CuKifHwHvWXoIxb8tkShtl8myBJmW7EcHPTumAeTpY7x42mqi9EcDwDmFCjhA5kocz4dfzLroTowgOMWmM7434rpt1MTjmFH9Mw6FZBAh1-_Fi2L-4COsWdTlIP5ptT_pYkIAHi3_wSjrANX07v6saMijraNl66F-P1TNjyt1ncZ4iUqYl9Si94mfHb5OmfX5vmyF20HWW_L-PXBdrLbigrT1ys1hOH9WUxjPW1rx_nl-nxtAIHFWJkJlvy55s6Gi2RSzW6_A32gDSxA4FRjTqs0h6-yE-Gt6zcanF5juWxD4Xp46MNtPa4gZnk547BHwUzDffQpdJWdEh6Bm0-9Ux9pTjhgCC-_JLEamKPgsGH2jHE-E6NGOzsIOmP-fh2ZBo6zvEEyVHBW-IATk8IyXyLE7MRCw2iDeXmDoxRofkCVe3fluPd58CgwrURPy62_68L9E1DM5lwEqZds_BpipfYzzQ-16HIWXc8Fp9h11G3M0L_uTceS_ATcfo_kX-PMVITMauPDHliX8w6DFJBp_EKSjBEUucKa0S9bXXemDInDdxQpf-ylliHaNdMbkp-P1ahUaICvJ4cZdOKy-FrD9-eGhfFV3lnxMm2k5oVXiKpQrqlcKdp-BdTjTrAProoQ5FyRZ2zw3EgLEc_1EkUPyLI8krhGTSdWRmZ9FiCq7N2wkxcencAHLgQklO7oBdjPsrhSzW6_A32gDpaj6eHjFT3_PY5rWQaP2ByU9tkJ9s1OqqESm6G7jU0jgcm6cqkr2IYcW4nD_UNrqsoe88VPwkctlkkLEB146pQ HTTP 302
https://p274639.myckdom.com/adServe/domainClick?ai=8t_YSst-khR5fJD9dE4XGpD1bEyEOireHMBkS1RnhihgdcxMTC_77YmBbjdrRV8lOWw1ExPQwoclHrl1k_0_ol-rUMhnE8BfZzT_XXk8zbLYMpRzwgJ_XWz-_QgCIH-e_Um1DHULjs9jJf14907DhcFc2MPW0O-qAwwDRrpWZMOxj0PwWlfnFfLvVmpjHpNcaqAbIFDsUJSMKYfHg7Y2fA9d8LOfDfIwUsHcUmOeTOTs_YQqk8IZrcsVDOsvpryM68VsiSX-FhPIDSzUszxAi0kmadw6N4EQBmn-NR6QZt5Yzq10NtvSy_-ksmVOdTqFIy_4NaNO0OKUYALmW9khi-LPl4YV0sb4Q7Ge21nDntFO5YROiW87Xk642Q_uDWBGsfLS3eez5-DPr7BVFqfg_i4pba7jOYHnDseHgR2yYasiz84u93LAtTp1T_f4NC24GNhkGX0W1WEDgwDsRKusVoS7Ocyk9FII2O0y16yCsseHK8tEBM7hr-Qxm3fyDPT0AqM8rzIb-PiTtjegZs_yEsPZEguvhzLXntvpDL1rWYdOIs3E02P7faY0kMzWSjRebmcEoQHKaiRiVnQIGgxQDiU7ugF2M-yuFLNbr8DfaAPfU1FdfCYQtWc6G2VcJWi50Vd72cJKvyK8pZyDwONmkt347mfhgNbxZuDK-Dk20eQlVRFEktQBWBaf4XymfSdAQOGScGtJTvTwrHjoweW6kBTRhJTr31T6sz6E4fJKdEtrKCtj0Ed3D281oaJh9pZt1A3LQQeWyuAM6cRdns6hCaZd0oS6zOUCFtGHlaE3QDF6P_CYCJRt6hYEa7djHvbY9hg2BfAA_PZrKjH7AtpTCkHZ0-1ZdaXKlNKykvgARudlkkLEB146pQ&ui=ULvdn1uz3febt1xI3YONt_bWwvziNp_1xLgNeF8Zj-jo3_TEmQA4Td535fyvzw7WP6WSLdVzkFSKjbPwuNd5DojvmotfTdW06dp7VJFDYmOyGwLEmcj8tQ&si=1&oref=849f468308e2fd2ca5be96d7a870fa70&optunit=FLNbr8DfaAM1ksAx6i4xhw&rb=lklr6Bsrz6o&rr=1&abtg=0

Request Chain 31

https://balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://balance.vanlliagfitaccesses.net/cdn-cgi/challenge-platform/h/g/scripts/jsd/3e377faf/main.js

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

click Show response
dnavexch.com/
Redirect Chain

http://wickes.us/
http://dnavexch.com/click?data=TmxjQks4T3RuNmpnd2NPODJ3TC1pT2NMRmxXanNWblRnNWlkeUNhT3c2dm91M3ZWNHFYM0hGSDExZExzdGdMaHVBcF81ZEp6R0RFNmdyeVBSQW5wUDgtUzQ1Q0U2bkF4QThhbjZKa3BmTGk5MkVVMFRMeGRQaGczdVNDWS...

5 KB
6 KB

39ms
12ms

Document
text/html

192.99.158.241
OVH

General

Domain/Path	Expires	Name / Value
.wickes.us/	1970-01-21 00:06:41	Name: sid Value: 4f616a9a-4b37-11ee-8c17-6e73999c7453
dnavexch.com/	1969-12-31 23:59:59	Name: cMEszOsUjTfdveI Value: cMEszOsUjTfdveI
.myckdom.com/	1970-01-20 18:49:53	Name: rhid Value: 83604889600
.myckdom.com/	1970-01-20 14:30:44	Name: loi Value: ad_1427683_off_870620_aff_90840_cid_274639-584136950-WICKES.US_ts_1693841143
balance.vanlliagfitaccesses.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: rnril9bc0dag17vaj03u7404kn
.vanlliagfitaccesses.net/	1970-01-20 23:16:17	Name: cf_clearance Value: kq41d4hCdZOtlQNAvVZKQeZNDCoIecZV.2iKhxElpes-1693841148-0-1-32474010.cc936940.65461ff0-0.2.1693841148

balance.vanlliagfitaccesses.net Open in urlscan Pro 172.67.169.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

94 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

5 IPs

4 Countries

2257 kBTransfer

2552 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

balance.vanlliagfitaccesses.net Open in urlscan Pro
172.67.169.108 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

94 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

5
IPs

4
Countries

2257 kB
Transfer

2552 kB
Size

6
Cookies

34 HTTP transactions
0 data transactions