recommendedactionf2.click
Open in
urlscan Pro
45.55.200.71
Public Scan
Submitted URL: http://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21...
Effective URL: https://recommendedactionf2.click/ufS48F7z/mc/rd23/lp.php?isp=Nexeon%20Technologies&ip=96.9.249.35&g=us&city=Buffalo&browser=Chrom...
Submission: On January 29 via api from US — Scanned from US
Effective URL: https://recommendedactionf2.click/ufS48F7z/mc/rd23/lp.php?isp=Nexeon%20Technologies&ip=96.9.249.35&g=us&city=Buffalo&browser=Chrom...
Submission: On January 29 via api from US — Scanned from US
Summary
This website contacted 8 IPs
in 4 countries
across 17 domains to perform 15 HTTP transactions.
The main IP is 45.55.200.71, located in
and
belongs to .
The main domain is recommendedactionf2.click.
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.
This is the only time recommendedactionf2.click was scanned on urlscan.io!
TLS certificate: Issued by R3 on January 25th 2024. Valid for: 3 months.
This is the only time recommendedactionf2.click was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 8 10 | 173.214.240.15 173.214.240.15 | 15317 (SERVEREL-AS) (SERVEREL-AS) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:80d::200a | 15169 (GOOGLE) (GOOGLE) | |
| 4 4 | 199.182.164.180 199.182.164.180 | 15317 (SERVEREL-AS) (SERVEREL-AS) | |
| 1 1 | 2606:4700:303... 2606:4700:3034::ac43:c7e3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 31.220.27.135 31.220.27.135 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
| 1 1 | 2a01:9580:477... 2a01:9580:4771::12 | 49544 (I3DNET) (I3DNET) | |
| 2 | 31.204.132.207 31.204.132.207 | 49544 (I3DNET) (I3DNET) | |
| 2 2 | 157.90.33.71 157.90.33.71 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 2 | 157.90.91.144 157.90.91.144 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 3 | 2606:4700:1::... 2606:4700:1::6813:854c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 2606:4700:303... 2606:4700:3030::6815:28c0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2607:f8b0:400... 2607:f8b0:4006:81c::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 1 | 94.130.51.235 94.130.51.235 | () () | |
| 1 | 45.55.200.71 45.55.200.71 | () () | |
| 15 | 8 |
10
173.214.240.15
(United States)
ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
ASN15317 (SERVEREL-AS, US)
PTR: 173.214.240.15.serverel.net
| bestfashions3.xyz | |
| freetrckr.com | |
| sundaymagazine2.xyz |
4
199.182.164.180
(United States)
ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
ASN15317 (SERVEREL-AS, US)
PTR: 180.164.182.199.serverel.net
| xml.rexsrv.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
sundaymagazine2.xyz
3 redirects
sundaymagazine2.xyz |
3 KB |
| 4 |
rexsrv.com
4 redirects
xml.rexsrv.com — Cisco Umbrella Rank: 76577 |
2 KB |
| 3 |
mgid.com
1 redirects
c.mgid.com — Cisco Umbrella Rank: 6378 s-img.mgid.com — Cisco Umbrella Rank: 8695 |
11 KB |
| 3 |
freetrckr.com
3 redirects
freetrckr.com — Cisco Umbrella Rank: 588504 |
898 B |
| 2 |
gstatic.com
fonts.gstatic.com |
31 KB |
| 2 |
cdn4image.com
cdn4image.com — Cisco Umbrella Rank: 7954 |
28 KB |
| 2 |
g0-g3t-som3.net
2 redirects
g0-g3t-som3.net — Cisco Umbrella Rank: 13475 |
729 B |
| 2 |
amnew.net
cdn.amnew.net — Cisco Umbrella Rank: 17338 |
29 KB |
| 2 |
bestfashions3.xyz
2 redirects
bestfashions3.xyz |
607 B |
| 1 |
recommendedactionf2.click
recommendedactionf2.click |
|
| 1 |
onedesktrk.com
1 redirects
onedesktrk.com |
561 B |
| 1 |
mint-view.ru
1 redirects
mint-view.ru — Cisco Umbrella Rank: 52829 |
465 B |
| 1 |
karoon.xyz
1 redirects
eu.karoon.xyz — Cisco Umbrella Rank: 40683 |
108 B |
| 1 |
viiahdlc.com
1 redirects
s.viiahdlc.com — Cisco Umbrella Rank: 24925 |
353 B |
| 1 |
mint-imp.ru
1 redirects
mint-imp.ru — Cisco Umbrella Rank: 51648 |
1 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28 |
1 KB |
| 0 |
jsdelivr.net
Failed
cdn.jsdelivr.net Failed |
|
| 15 | 17 |
| Domain | Requested by | |
|---|---|---|
| 5 | sundaymagazine2.xyz |
3 redirects
sundaymagazine2.xyz
|
| 4 | xml.rexsrv.com | 4 redirects |
| 3 | freetrckr.com | 3 redirects |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | s-img.mgid.com |
sundaymagazine2.xyz
|
| 2 | cdn4image.com |
sundaymagazine2.xyz
|
| 2 | g0-g3t-som3.net | 2 redirects |
| 2 | cdn.amnew.net |
sundaymagazine2.xyz
|
| 2 | bestfashions3.xyz | 2 redirects |
| 1 | recommendedactionf2.click |
sundaymagazine2.xyz
recommendedactionf2.click |
| 1 | onedesktrk.com | 1 redirects |
| 1 | mint-view.ru | 1 redirects |
| 1 | c.mgid.com | 1 redirects |
| 1 | eu.karoon.xyz | 1 redirects |
| 1 | s.viiahdlc.com | 1 redirects |
| 1 | mint-imp.ru | 1 redirects |
| 1 | fonts.googleapis.com |
sundaymagazine2.xyz
|
| 0 | cdn.jsdelivr.net Failed |
recommendedactionf2.click
|
| 15 | 18 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| newstodai3.xyz R3 |
2023-12-21 - 2024-03-20 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
| cdn4image.com R3 |
2024-01-17 - 2024-04-16 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-11 - 2024-04-10 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
| recommendedactionmobg2.click R3 |
2024-01-25 - 2024-04-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://recommendedactionf2.click/ufS48F7z/mc/rd23/lp.php?isp=Nexeon%20Technologies&ip=96.9.249.35&g=us&city=Buffalo&browser=Chrome&os=Windows&trk=WWpJMWJGcEhWbnBoTTFKNVlYazFhbUl5TUQwPQ==&tsid=13&lpkey=17e406965667237173&lng=en&t1=1157697&t2=1869679&uclick=xs7vg6e8wj&uclickhash=xs7vg6e8wj-xs7vg6e8wj-syib-k2i4-376o-uq15-xosy-b4fccf
Frame ID: ED215BF2E4368F3746B73FDB7D9E5E4E
Requests: 15 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiu...
HTTP 301
https://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiu... HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=3&ch=1 HTTP 302
https://sundaymagazine2.xyz/sw_f100b1b5-dca3-3e94-2f90-211419f609ec_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EzJT... Page URL
-
https://xml.rexsrv.com/click?s=1&tid=467&sid=8c94e9ffdcbf41bafe758b29505e5b69&rnd=695663732
HTTP 302
https://g0-g3t-som3.net/clk/Z7HrK-z7gLPG_OcV0uC8BvSS0yK2HjCYDhG6FtrhIUJ7hazVzrgKuaE96b2WLAa5jnRkj6CM... HTTP 302
https://onedesktrk.com/rdr.php?k=ru2jug6qyxk8xf28w9xs&clickid=GM0BOOcIaMi5JnDvjnLoAcHURoAC666hrbOFp... HTTP 302
https://recommendedactionf2.click/ufS48F7z/mc/rd23/lp.php?isp=Nexeon%20Technologies&ip=96.9.249.35&g=us&city=B... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcyltu2ngqxntm0ngjintk5zjflmde3nzbhzjizzjm5nthlltm2mditmc4wmda0nzylmjilnuqln0q%3d&t=1706487776312&rnd=775128069&js...~311~...qx2pwx3vzx2rlc2slmjiln0q=&if=0
HTTP 301
https://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcyltu2ngqxntm0ngjintk5zjflmde3nzbhzjizzjm5nthlltm2mditmc4wmda0nzylmjilnuqln0q%3d&t=1706487776312&rnd=775128069&js...~311~...qx2pwx3vzx2rlc2slmjiln0q=&if=0 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=3&ch=1 HTTP 302
https://sundaymagazine2.xyz/sw_f100b1b5-dca3-3e94-2f90-211419f609ec_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EzJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D Page URL
-
https://xml.rexsrv.com/click?s=1&tid=467&sid=8c94e9ffdcbf41bafe758b29505e5b69&rnd=695663732
HTTP 302
https://g0-g3t-som3.net/clk/Z7HrK-z7gLPG_OcV0uC8BvSS0yK2HjCYDhG6FtrhIUJ7hazVzrgKuaE96b2WLAa5jnRkj6CMShLFfinntErHaBA7UTE5Hd_BQfueHfrT5D9IWgAX-nYCCeMun0b8rIxLwqZswT7Nb1M6-7Io0WmHFQzelFIhHCDCpNTLVUeobJK8UBbJGAdZ1RxWYc9iOQQS1S64A26t7EOsKceC0yv7YqQCJt_QmzY4CEn3lmrCQtOdnuucLbHPiEV0F3RMQa7CeyhMSsiuEtn4y39ur2rAEoMOaTEwgw01oE4Il1Ek4spruRq15tjV4hvFcDOJD1L42MnBrwPi3JW3pwO7-LfWxqFdk9Ivzcf2mFQk9XOQxq0YuIejcFKyW2v7uXucscV3GflqXsrPVH8N1ynvgQu6LrJmL4t3uUFyMK0euF6pbW7lqT6msfH7jXAe-n-esjMFaugcRSXkn4LsKa6S22KEBaBhcZTs4cJjPd3W6oM8voq_NweKmy2kbkPnR6_Jr3uJw1GjLWm_8o6U6jxBpapiMqAQu8CRLNc4qH_HO_QpvoswUZTvCuDPb2yWKCMjnlcq9k7iPy9t0fyqZ-zm9w9qLpc6tyI7TFuAk-NSh1n8jYnS8bab7Ya9RC1vWQaCDjQ8lzUeeXlMoI7_LGnH8MPR-nU0-Y5zoFBFIwqxyVL7ARnFyQWjoPs24RUHA76_qZKAeOknK7imW5KD-wBSUDgmfHr5HhBrgBAWUd23AWp1f53f5DUv HTTP 302
https://onedesktrk.com/rdr.php?k=ru2jug6qyxk8xf28w9xs&clickid=GM0BOOcIaMi5JnDvjnLoAcHURoAC666hrbOFprEB&cost=0.1920&zoneid=1157697&creativeid=1869679&agegroup=AGE_0_3&browser=Chrome&device=desktop&isp=Nexeon+Technologies&carrier=Nexeon+Technologies&feedid=205&osversion=win_10 HTTP 302
https://recommendedactionf2.click/ufS48F7z/mc/rd23/lp.php?isp=Nexeon%20Technologies&ip=96.9.249.35&g=us&city=Buffalo&browser=Chrome&os=Windows&trk=WWpJMWJGcEhWbnBoTTFKNVlYazFhbUl5TUQwPQ==&tsid=13&lpkey=17e406965667237173&lng=en&t1=1157697&t2=1869679&uclick=xs7vg6e8wj&uclickhash=xs7vg6e8wj-xs7vg6e8wj-syib-k2i4-376o-uq15-xosy-b4fccf Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcyltu2ngqxntm0ngjintk5zjflmde3nzbhzjizzjm5nthlltm2mditmc4wmda0nzylmjilnuqln0q%3d&t=1706487776312&rnd=775128069&js...~311~...qx2pwx3vzx2rlc2slmjiln0q=&if=0 HTTP 301
- https://bestfashions3.xyz/event_96c9c679-fa10-b678-3843-73946628f5db_54_0_4001?payload=jtdcjtiyacuymiuzqsuymnhtbc5hzhbpy21lzglhlm5ldcuymiuyqyuymnulmjilm0elnuilmjixmdcyltu2ngqxntm0ngjintk5zjflmde3nzbhzjizzjm5nthlltm2mditmc4wmda0nzylmjilnuqln0q%3d&t=1706487776312&rnd=775128069&js...~311~...qx2pwx3vzx2rlc2slmjiln0q=&if=0 HTTP 302
- https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=1&ch=1 HTTP 302
- https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=2&ch=1 HTTP 302
- https://freetrckr.com/bid?id=4001&token=e807a67b57ff274565f78878190ec04e&sub_id=&rc=3&ch=1 HTTP 302
- https://sundaymagazine2.xyz/sw_f100b1b5-dca3-3e94-2f90-211419f609ec_7_0_4001.js?h=JTdCJTIycmMlMjIlM0EzJTJDJTIyaGlkJTIyJTNBMSUyQyUyMnNpZCUyMiUzQSUyMiUyMiU3RA%3D%3D
- https://sundaymagazine2.xyz/event_aa0f2e31-5997-1f3b-385d-eb3444a1b8b1_7_3738_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0QxNTg4ZTY1M2ViMzNhMjhiYWViYWMyNjVkMjE4YzIxMCUyNnJuZCUzRDE4NDAwNjYyMA%3D%3D&t=1706562067657&rnd=276063336&i=1 HTTP 302
- https://xml.rexsrv.com/icon?sid=1588e653eb33a28baebac265d218c210&rnd=184006620 HTTP 302
- https://mint-imp.ru/b2/c/i/icon?cid=10&did=CQsJAAA&eid=13957&nid=10006&sid=3293434934TnGqWMOv&ts=1706562066&ttl=3000&v=v5.9.12 HTTP 302
- https://s.viiahdlc.com/n/1980/ozihu7srifmhy6tgpz2eayabpnwhyztxifdfua2cjnggl5sglo4wmwd5fqcbccdtfjqfuucamedhu2lvn4oegrcqabfuistiir7hn64girv33uv24rgxqutqjir66oivpisl7gpc47i3bk5l2firrwgku3avmo6jspio2tbqu5b4q4qlh3tor7kvlnxuic5wd44terqdoulum3cqjnewdb2szjevpwcd6t2t57kzrp4ghmlushz2njegv6h3lekhxfizksuxiweexgapc5yzwuriwbm63a2sjowgaw7wd4zruzrzkgxg5dsaxfrrnrklo7tesqolkjhikwmxpcjxa752gpcypprssbf5tm5kgkrurmdvt5fuway3a35fcnsnlccjxd45jlzda46splaxhydmiu4qgd7zmopnhipkvg333dfmg6hvucs6btqugaqs2lmeoqokbnfdt35g5r3fcy2vlye6yclgbtimb2thcvlug4lvmizietird7qhydtgzt5hiog3gzetls5a5567uuumbr6dxvfv2zfpgm3soj4fb2wt2542iuwjjczxk3msjjkkqqhnskqn6wnmkve7w5tkaulbmgtbimvvrvtpkhvuuh67nzf7qvka7jylnqh2lkcfj7pszrqme4mb36ynkqxmijuftootmltwtsd4zzgehu2xutu3r2kr6n2ydup77os57hls6jvk7uv35g3j5ceswveyytdccfqqgl3nebqxmeqqkfirorclm4jxexzekrscqlaecmgcsllcprzycvzu3rn6iusc3fyghadxoewqgnhsnnna====?f=https%3A%2F%2Feu.karoon.xyz%2Fnty%2Fmetrics%2Fsave.img%3Fevent%3Dimpressions%26bid-id%3Dv2-1706562066820-7-1867-1313447-d333759b-1782-9a63-d9c1-f83439a3239f%26country%3DHBoI%26placement%3DKyt8K3lxfiotfXt9L30tLS8oeHB_fHkqK3wteHtwf3g%26device-type%3DBAYLAAUM%26browser%3DCiE7JiQs%26os-base%3DHiAnLSY-Og%26lang%3DLCc%26adv-bid-price%3DcHlneQ%26pub-bid-price%3DfHtneXl7cHh-cHBwcHBwcHB9%26img%3Dhttps%253A%252F%252Fcdn.amnew.net%252F9f588828ba3f81092ff3f27327a23ee5.png HTTP 302
- https://eu.karoon.xyz/nty/metrics/save.img?event=impressions&bid-id=v2-1706562066820-7-1867-1313447-d333759b-1782-9a63-d9c1-f83439a3239f&country=HBoI&placement=Kyt8K3lxfiotfXt9L30tLS8oeHB_fHkqK3wteHtwf3g&device-type=BAYLAAUM&browser=CiE7JiQs&os-base=HiAnLSY-Og&lang=LCc&adv-bid-price=cHlneQ&pub-bid-price=fHtneXl7cHh-cHBwcHBwcHB9&img=https%3A%2F%2Fcdn.amnew.net%2F9f588828ba3f81092ff3f27327a23ee5.png HTTP 302
- https://cdn.amnew.net/9f588828ba3f81092ff3f27327a23ee5.png
- https://sundaymagazine2.xyz/event_aa0f2e31-5997-1f3b-385d-eb3444a1b8b1_7_2978_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0Q4Yzk0ZTlmZmRjYmY0MWJhZmU3NThiMjk1MDVlNWI2OSUyNnJuZCUzRDE4NDAwNjYyMA%3D%3D&t=1706562067657&rnd=26105142&i=1 HTTP 302
- https://xml.rexsrv.com/icon?sid=8c94e9ffdcbf41bafe758b29505e5b69&rnd=184006620 HTTP 302
- https://g0-g3t-som3.net/icn/Mq29cxRQZUro8g_QeW-lm8wYTrCQLGrmaF8E4hhnX0F9Bw5TOJCsb4pt-0PBL0GR9WaA9-3h1lgl4YdsZasr7MN-KVwFjU-hZm_GPfOaWJMFzNnOxbhWpDzOR1gZzJpQarZscSkJcfIYKoWCt-BHWkSx3yOiR8zTJWQs7A-asew9s-nIe4BEP-ylfUs4IEkr7gidQ3hOr49DmNvtapTCKRC7KBVtF4mz1MUVB92s5yPpz4hWI2g2zYuD02mNDeXq5N1qc2RzV59HJlay3DPrvSV9EmcWvpDroF-p1gIq7GjV0_SwRBZo4jXqOp_lPD9VPRwnCGBZyJbylkfIMIDNtX9cJj9jot-II_GUqqokokeF4gSfAar46RY2u8tLH9ab179p_O874P93AdD3JcQyVAHR5eXxWmAT7FzgzhHHyxR6-lt0BGVORkvYiVjk-ladw-qMwsF2wraBg7302on_hijT8HRkedC4OPQ6lAlpY7fX3bIK7eNnmg HTTP 307
- https://cdn4image.com/creatives/629/960/192_0_1704815283430.png
- https://sundaymagazine2.xyz/event_aa0f2e31-5997-1f3b-385d-eb3444a1b8b1_7_3747_4001?payload=aHR0cHMlM0ElMkYlMkZ4bWwucmV4c3J2LmNvbSUyRmljb24lM0ZzaWQlM0Q2M2Y3YTg0MDRlYjc5YmJlMGJmZmNlZDBhZjZhNzc5ZSUyNnJuZCUzRDE4NDAwNjYyMA%3D%3D&t=1706562067657&rnd=774537268&i=1 HTTP 302
- https://xml.rexsrv.com/icon?sid=63f7a8404eb79bbe0bffced0af6a779e&rnd=184006620 HTTP 302
- https://c.mgid.com/c?pv=2&v=0|0|0|OjDn7cuSQ8KXxQtQT8NvDW3Mhk0R9htCww53zOHoCSZnci7QaIA1oyax_7_UQlnXg_51pe3Z2doY4af4iGDnKg**&cid=1574325&f=1&h2=aHiBFlkmhgWQShAV2Kk0Qlp5nGvfhNPzQ9HUFVAbHc1xqGdb2hFIP2xC4zVpYgcy&rid=8546fb02-bee9-11ee-a117-c84bd68370c0&psid=96421&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzE4MDEzMzE1LzMyOHgzMjgvLS9hSFIwY0RvdkwyTnNMbWx0WjJodmMzUnpMbU52YlM5cGJXZG9MMmx0WVdkbEwyWmxkR05vTDJGeVh6RTZNU3hqWDJacGJHd3NaVjl6YUdGeWNHVnVPakV3TUN4bVgycHdaeXhuWDJaaFkyVnpPbUYxZEc4c2NWOWhkWFJ2T21KbGMzUXNkMTg1TmpBdmFIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpNdE1ETXZOelF5TVRZMUx6WmpNbU13TlRnNU9ETXdZVEUyT0dRd09USXdObU5tTWpSaE9UQm1ZelppTG1wd1pXYy53ZWJwP3Y9MTcwNjU2MjA2Ni1kNGY0TTREblpPbzJOblF3N0g1dmdsdTRnR2pTNzBkZ3Z1ckNlZGFFck4w HTTP 301
- https://s-img.mgid.com/g/18013315/328x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwNTg5ODMwYTE2OGQwOTIwNmNmMjRhOTBmYzZiLmpwZWc.webp?v=1706562066-d4f4M4DnZOo2NnQw7H5vglu4gGjS70dgvurCedaErN0
- https://mint-view.ru/b2/c/v/img?cid=10&did=CQsJAAA&eid=13957&nid=10006&sid=3293434934TnGqWMOv&ts=1706562066&ttl=3000&v=v5.9.12 HTTP 302
- https://cdn.amnew.net/b47327cc2719e194ad365049b0d4898c.jpeg
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
sw_f100b1b5-dca3-3e94-2f90-211419f609ec_7_0_4001.js
sundaymagazine2.xyz/ Redirect Chain
|
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
9f588828ba3f81092ff3f27327a23ee5.png
cdn.amnew.net/ Redirect Chain
|
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
192_0_1704815283430.png
cdn4image.com/creatives/629/960/ Redirect Chain
|
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd185NjAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDMvNzQyMTY1LzZjMmMwN...
s-img.mgid.com/g/18013315/328x328/-/ Redirect Chain
|
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b47327cc2719e194ad365049b0d4898c.jpeg
cdn.amnew.net/ Redirect Chain
|
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
360_0_1704815283430.png
cdn4image.com/creatives/629/960/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzI6MSxjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmJlc3Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIzLTAzLzc0MjE2NS82YzJjM...
s-img.mgid.com/g/18013315/453x227/-/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
event_aa0f2e31-5997-1f3b-385d-eb3444a1b8b1_7_0_4001
sundaymagazine2.xyz/ |
115 B 207 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
lp.php
recommendedactionf2.click/ufS48F7z/mc/rd23/ Redirect Chain
|
3 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
functions.js
recommendedactionf2.click/ufS48F7z/mc/rd23/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
product.png
recommendedactionf2.click/ufS48F7z/mc/rd23/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- cdn.jsdelivr.net
- URL
- https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
- Domain
- recommendedactionf2.click
- URL
- https://recommendedactionf2.click/ufS48F7z/mc/rd23/js/functions.js
- Domain
- recommendedactionf2.click
- URL
- https://recommendedactionf2.click/ufS48F7z/mc/rd23/img/product.png
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .mgid.com/ | Name: __cf_bm Value: 6UiGPR7PndiTDK48Jq6WHb8A7fJE3rWHDj5wBDQ35VQ-1706562067-1-Ae7jTCHs02Ti/sggvzYS4UIhcm+4FW7fguaAGuzPi19UsPVr6ISNv7skNumCv0EnosP6VbL+AI6V1VGZSWOEHmA= |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bestfashions3.xyz
c.mgid.com
cdn.amnew.net
cdn.jsdelivr.net
cdn4image.com
eu.karoon.xyz
fonts.googleapis.com
fonts.gstatic.com
freetrckr.com
g0-g3t-som3.net
mint-imp.ru
mint-view.ru
onedesktrk.com
recommendedactionf2.click
s-img.mgid.com
s.viiahdlc.com
sundaymagazine2.xyz
xml.rexsrv.com
cdn.jsdelivr.net
recommendedactionf2.click
157.90.33.71
157.90.91.144
173.214.240.15
199.182.164.180
2606:4700:1::6813:854c
2606:4700:3030::6815:28c0
2606:4700:3034::ac43:c7e3
2607:f8b0:4006:80d::200a
2607:f8b0:4006:81c::2003
2a01:9580:4771::12
31.204.132.207
31.220.27.135
45.55.200.71
94.130.51.235
274521d9954dbeea56152c7ef89853d12215b7d8fd118b70fcf06578e44b5e20
36572bcc883979b506b5adf124a36c91d49e06b188e6b879e31faefea7adc5d5
36b8ec3a924839e020d53da41bde28785f0254146742837ea715e07b8cf66324
3b2370c2ff76a7258f7b60fea93a405ce94f5babf5ffeacb0d10a4dec605f8f3
8c086e2e4eb60b0a54f5120a162bb6aa409e5f42d08be11871cee6134606a323
9810191d0a8d80e3ccd723d78e536ab8218fa079a0d9aada7f54b770944ade9f
d42bb0284b724614d86d789c5dea479d30a53b4f4ae47c50703d5bb396b59b4b
dce175cc41307da454e5490d5b746b85c596f33d7463834a9046012b7e42d6e3
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615