bestgflocator.net.ru
Open in
urlscan Pro
2a06:98c1:3120::c
Public Scan
Effective URL: https://bestgflocator.net.ru/?s1=ser1
Submission: On August 20 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by E1 on July 24th 2022. Valid for: 3 months.
This is the only time bestgflocator.net.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2a00:1450:400... 2a00:1450:400e:810::200e | 15169 (GOOGLE) (GOOGLE) | |
1 1 | 2606:4700:303... 2606:4700:3031::6815:b9c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2a06:98c1:312... 2a06:98c1:3120::c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 8 | 2a02:6b8::1:119 2a02:6b8::1:119 | 208722 (GLOBAL_DC) (GLOBAL_DC) | |
17 | 3 |
ASN15169 (GOOGLE, US)
feedproxy.google.com | |
feeds.feedburner.com |
ASN13335 (CLOUDFLARENET, US)
rdrfbrdr.pp.ru | |
svntrk.com | |
chytrack.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
yandex.com
2 redirects
mc.yandex.com — Cisco Umbrella Rank: 10960 |
2 KB |
6 |
net.ru
bestgflocator.net.ru |
816 KB |
3 |
chytrack.com
chytrack.com — Cisco Umbrella Rank: 617678 |
25 KB |
3 |
pp.ru
1 redirects
4xmlrdrdom.pp.ru rdrfbrdr.pp.ru |
2 KB |
2 |
yandex.ru
1 redirects
mc.yandex.ru — Cisco Umbrella Rank: 3880 |
71 KB |
1 |
svntrk.com
svntrk.com — Cisco Umbrella Rank: 371526 |
604 B |
1 |
feedburner.com
1 redirects
feeds.feedburner.com — Cisco Umbrella Rank: 15730 |
334 B |
1 |
google.com
1 redirects
feedproxy.google.com — Cisco Umbrella Rank: 253779 |
335 B |
17 | 8 |
Domain | Requested by | |
---|---|---|
6 | mc.yandex.com |
2 redirects
bestgflocator.net.ru
mc.yandex.ru |
6 | bestgflocator.net.ru |
rdrfbrdr.pp.ru
bestgflocator.net.ru |
3 | chytrack.com |
bestgflocator.net.ru
chytrack.com |
2 | mc.yandex.ru |
1 redirects
bestgflocator.net.ru
|
2 | rdrfbrdr.pp.ru |
rdrfbrdr.pp.ru
|
1 | svntrk.com |
bestgflocator.net.ru
|
1 | 4xmlrdrdom.pp.ru | 1 redirects |
1 | feeds.feedburner.com | 1 redirects |
1 | feedproxy.google.com | 1 redirects |
17 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.rdrfbrdr.pp.ru E1 |
2022-08-06 - 2022-11-04 |
3 months | crt.sh |
*.bestgflocator.net.ru E1 |
2022-07-24 - 2022-10-22 |
3 months | crt.sh |
*.svntrk.com E1 |
2022-08-03 - 2022-11-01 |
3 months | crt.sh |
mc.yandex.ru GlobalSign ECC OV SSL CA 2018 |
2022-05-21 - 2022-10-31 |
5 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-11-16 - 2022-11-15 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://bestgflocator.net.ru/?s1=ser1
Frame ID: 118B9D32EE011CB9B9E93CE1CE2E7E60
Requests: 15 HTTP requests in this frame
Frame:
https://rdrfbrdr.pp.ru/hashed/beacon.php?e=
Frame ID: FE2F937FC8DFAE6019C494221F949881
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Jump into the sexy relationship!Page URL History Show full URLs
-
https://feedproxy.google.com/Wasotvgm.Tansy2
HTTP 301
https://feeds.feedburner.com/Wasotvgm.Tansy2 HTTP 301
https://4xmlrdrdom.pp.ru/r110622_mouse.php HTTP 302
https://rdrfbrdr.pp.ru/hashed/?_=mfffd&_=1a4w0VyTrlq2I Page URL
- https://bestgflocator.net.ru/?s1=ser1 Page URL
Detected technologies
Laravel (Web Frameworks) ExpandDetected patterns
Yandex.Metrika (Analytics) Expand
Detected patterns
- mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://feedproxy.google.com/Wasotvgm.Tansy2
HTTP 301
https://feeds.feedburner.com/Wasotvgm.Tansy2 HTTP 301
https://4xmlrdrdom.pp.ru/r110622_mouse.php HTTP 302
https://rdrfbrdr.pp.ru/hashed/?_=mfffd&_=1a4w0VyTrlq2I Page URL
- https://bestgflocator.net.ru/?s1=ser1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://feedproxy.google.com/Wasotvgm.Tansy2 HTTP 301
- https://feeds.feedburner.com/Wasotvgm.Tansy2 HTTP 301
- https://4xmlrdrdom.pp.ru/r110622_mouse.php HTTP 302
- https://rdrfbrdr.pp.ru/hashed/?_=mfffd&_=1a4w0VyTrlq2I
- https://mc.yandex.com/sync_cookie_image_check HTTP 302
- https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9736.RDjMPcExo8xduPshrV60p9L-yF1yxvNgi4Vberw-RTMAeR5J41naQvTqiCAoAL2a.SWph__SnkO7s_ZciB5VkYl44kFo%2C HTTP 302
- https://mc.yandex.com/sync_cookie_image_decide?token=9736.ys0IVmIPG_RDt6XFf9YSBdne2sGfnUgpi1d2DlJqcvdK8_utT6iFgmrn_oZgOkYdDeS40n4_SBG1hIs1ozpUEw%2C%2C.Tea9k40Ta_RLxK6wxsx7lcgU2bc%2C
- https://mc.yandex.com/watch/55352929?wmode=7&page-url=https%3A%2F%2Fbestgflocator.net.ru%2F%3Fs1%3Dser1&page-ref=https%3A%2F%2Frdrfbrdr.pp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A1340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A16759463621%3Ahid%3A399708646%3Az%3A0%3Ai%3A20220820172506%3Aet%3A1661016306%3Ac%3A1%3Arn%3A991413848%3Arqn%3A1%3Au%3A1661016306337334770%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661016304293%3Ads%3A114%2C113%2C333%2C0%2C1%2C0%2C%2C767%2C89%2C%2C%2C%2C1329%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661016306%3At%3AJump%20into%20the%20sexy%20relationship!&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
- https://mc.yandex.com/watch/55352929/1?wmode=7&page-url=https%3A%2F%2Fbestgflocator.net.ru%2F%3Fs1%3Dser1&page-ref=https%3A%2F%2Frdrfbrdr.pp.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetqp77kpsc2e48%3Afp%3A1340%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A16759463621%3Ahid%3A399708646%3Az%3A0%3Ai%3A20220820172506%3Aet%3A1661016306%3Ac%3A1%3Arn%3A991413848%3Arqn%3A1%3Au%3A1661016306337334770%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661016304293%3Ads%3A114%2C113%2C333%2C0%2C1%2C0%2C%2C767%2C89%2C%2C%2C%2C1329%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661016306%3At%3AJump%20into%20the%20sexy%20relationship%21&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
17 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
rdrfbrdr.pp.ru/hashed/ Redirect Chain
|
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
beacon.php
rdrfbrdr.pp.ru/hashed/ Frame FE2F |
176 B 382 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
bestgflocator.net.ru/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ser1_630118f0bb00d.js
svntrk.com/assets/ |
0 604 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendor.css
bestgflocator.net.ru/landings/45/fonts/ |
15 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendor.js
bestgflocator.net.ru/landings/45/js/ |
105 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tag.js
mc.yandex.ru/metrika/ |
205 KB 71 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4.png
bestgflocator.net.ru/landings/45/images/ |
166 KB 166 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Regular.woff
bestgflocator.net.ru/landings/45/fonts/Lato/ |
301 KB 299 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Lato-Bold.woff
bestgflocator.net.ru/landings/45/fonts/Lato/ |
307 KB 305 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync_cookie_image_decide
mc.yandex.com/ Redirect Chain
|
75 B 75 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
advert.gif
mc.yandex.com/metrika/ |
43 B 160 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1
mc.yandex.com/watch/55352929/ Redirect Chain
|
350 B 432 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
assetsv2.min.js
chytrack.com/ |
63 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1
mc.yandex.com/watch/55352929/ |
43 B 73 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
t
chytrack.com/ |
75 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H3 |
t
chytrack.com/ Frame |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
43 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| thirdParty string| r string| vl string| redirectURL function| openPopup function| clickButton function| nextStep function| getTimezone function| x64Add function| x64Multiply function| x64Rotl function| x64LeftShift function| x64Xor function| x64Fmix function| x64hash128 function| picassoCanvas function| picasso function| getVideoCardInfo function| $ function| jQuery function| ym object| yaParams string| ce function| appHeight function| fpResponseCallback function| fpDataCallback number| ds boolean| demo string| apiDomain object| Ya object| yaCounter55352929 string| API object| regeneratorRuntime function| getVisitorId string| fp_id16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bestgflocator.net.ru/ | Name: XSRF-TOKEN Value: eyJpdiI6IjdzaHpxUDBGT1VnZGc3b2lHTyt1WFE9PSIsInZhbHVlIjoiVFoxcUd0REJHSitIRFFLVGNxUFpFdFhmalc1M3pBVG55ay9SRWRla3UrcCsxWnd5T2VtbkZNb0RBVlc1TUhDbyIsIm1hYyI6ImMxMWFiN2QxZjdiZDZiYTUyZjQ1NzRlZTdiOTE5OWJjNjI3Y2MzNTQyMTBmOWYxNTZhZDQ3MmQ4OTEwNWM4YmUifQ%3D%3D |
|
bestgflocator.net.ru/ | Name: laravel_session Value: eyJpdiI6InROaHhBRE1QRk1tN1o2U1gvNDlGckE9PSIsInZhbHVlIjoiWmZJd0Q5eVg4MHdlUVdhWVB4MklDZGlBN1FaT054M25kdktaV2hkZGZsVzdkYkxwVVdoWC9UT3NiV1hlcHViSyIsIm1hYyI6ImE1NTYyZjdhYmRiNGMxYzUxOGM5ZTBlNTc2M2NhZGQwYWVkYmEyZGQ3YTI0ZDkzNGU0ZTk3ZjMxNWFmNDBlZDYifQ%3D%3D |
|
bestgflocator.net.ru/ | Name: SRVNAME Value: w1 |
|
svntrk.com/ | Name: svnimp Value: 630118f10e20e |
|
.bestgflocator.net.ru/ | Name: _ym_uid Value: 1661016306337334770 |
|
.bestgflocator.net.ru/ | Name: _ym_d Value: 1661016306 |
|
.bestgflocator.net.ru/ | Name: _ym_isad Value: 2 |
|
.mc.yandex.com/ | Name: sync_cookie_csrf Value: 3127420966fake |
|
.mc.yandex.ru/ | Name: sync_cookie_csrf Value: 1010185041fake |
|
.yandex.com/ | Name: yandexuid Value: 6856335831661016306 |
|
.yandex.com/ | Name: yuidss Value: 6856335831661016306 |
|
mc.yandex.com/ | Name: yabs-sid Value: 1811457011661016306 |
|
.yandex.com/ | Name: i Value: 2SFDg9UpHCjIUCoFndHZmzer9WKYUrMeXSRsr3snEOflBMQBvuiVeER8tRubaHGKbvpH6U8wJbXTkg4+GpsdWWi3jEM= |
|
.yandex.com/ | Name: ymex Value: 1692552306.yrts.1661016306#1692552306.yrtsi.1661016306 |
|
.bestgflocator.net.ru/ | Name: _ym_visorc Value: b |
|
.bestgflocator.net.ru/ | Name: fp_id Value: 630118f31c40f |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
4xmlrdrdom.pp.ru
bestgflocator.net.ru
chytrack.com
feedproxy.google.com
feeds.feedburner.com
mc.yandex.com
mc.yandex.ru
rdrfbrdr.pp.ru
svntrk.com
2606:4700:3031::6815:b9c
2a00:1450:400e:810::200e
2a02:6b8::1:119
2a06:98c1:3120::3
2a06:98c1:3120::c
1f38cb7a5cbe6f61e1fca377b02da9458c445f8b65526b75248a062f0c7a51b8
41750f8d6bd7280fef146aed05a703e591284756967b0d9fec0896ff01188692
4feb8a4baf1ab6d4efee5b984ea48ff22af46b19c3b6c21964607fe61eea837c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5982d4e485674a4eebdc91d4d986fbc3fa59e45c59cc326b28e07b530a4af4e0
60124e45c456badbd2b70dd302fa4edf237cd39addfb215602cf7cdc753027a5
6e777128e8b1ab860ca07b61f5c9d193335a0a447848ba682542dd0fd729ca05
759bda5bab8087b590e5668424d0f444a0668cefd1dea9913036b50ddc1ea7f7
7cf624c2cd85b4ac2c7b44b09627034156408931974cdbcec6df1223ea7a24e3
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
957d16bf3f42d0c2f3104e192618d02df1c117a767559477673eba656e61751d
9acca166fd4b1207323992cbbff3b9901fecb4739fce847641f3ac3ab9381e4f
d8a91ad61eea03b749cf4cd1d2b704161d2b41a54a254468a264baa211ca70d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855