usmagazine-trending-news.com Open in urlscan Pro
2606:4700:30::681c:670 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.info.swallowprde.me/34nk.kkpUQ4nPnUi4kPwfw.UL4-rfSVU/?qs=49871587/3498HCEU98/4988BR93812S9C48+398HTO/3498H/498H....
Effective URL:
https://usmagazine-trending-news.com/nfbk6xi-W/?txt=1&click=10&cep=LB4yrXqcOCDtiZzt0caZrkQLiFVMAw2i4juYFolBhZY67D4w3anVwk2L1vKX_xR5Wq...
Submission: On September 11 via manual (September 11th 2019, 9:33:50 pm UTC) from CA

Summary HTTP 58 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 11 domains to perform 58 HTTP transactions. The main IP is 2606:4700:30::681c:670, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is usmagazine-trending-news.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on September 1st 2019. Valid for: 6 months.

This is the only time usmagazine-trending-news.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Lion's Den Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	69.172.214.175 69.172.214.175	13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1)
2 2	54.148.113.91 54.148.113.91	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	52.59.185.192 52.59.185.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
47	2606:4700:30:... 2606:4700:30::681c:670	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:30:... 2606:4700:30::681f:4aa9	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:bb87	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:20:... 2606:4700:20::6819:1b24	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	143.204.214.29 143.204.214.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
58	9

1 69.172.214.175 (United States)

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)

click.info.swallowprde.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.148.113.91 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-113-91.us-west-2.compute.amazonaws.com

cmg1track.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
conc1setrack9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.185.192 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-185-192.eu-central-1.compute.amazonaws.com

go.usmagazine-trending-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 2606:4700:30::681c:670 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

usmagazine-trending-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681f:4aa9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

healthynewsdaily.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:bb87 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.consumer-rewards.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:1b24 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.uprivaladserver.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.29 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-29.fra53.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	usmagazine-trending-news.com 1 redirects go.usmagazine-trending-news.com usmagazine-trending-news.com	387 KB
2	gstatic.com fonts.gstatic.com	18 KB
2	uprivaladserver.net cdn.uprivaladserver.net	4 KB
2	healthynewsdaily.org healthynewsdaily.org	22 KB
1	pushnami.com api.pushnami.com	7 KB
1	consumer-rewards.net cdn.consumer-rewards.net	2 KB
1	googleapis.com fonts.googleapis.com	734 B
1	jquery.com code.jquery.com	30 KB
1	conc1setrack9.com 1 redirects conc1setrack9.com	732 B
1	cmg1track.com 1 redirects cmg1track.com	270 B
1	swallowprde.me click.info.swallowprde.me	440 B
58	11

	Domain	Requested by
47	usmagazine-trending-news.com	usmagazine-trending-news.com
2	fonts.gstatic.com	usmagazine-trending-news.com
2	cdn.uprivaladserver.net	usmagazine-trending-news.com
2	healthynewsdaily.org	usmagazine-trending-news.com
1	api.pushnami.com	usmagazine-trending-news.com
1	cdn.consumer-rewards.net	usmagazine-trending-news.com
1	fonts.googleapis.com	usmagazine-trending-news.com
1	code.jquery.com	usmagazine-trending-news.com
1	go.usmagazine-trending-news.com	1 redirects
1	conc1setrack9.com	1 redirects
1	cmg1track.com	1 redirects
1	click.info.swallowprde.me
58	12

This site contains links to these domains. Also see Links.

Domain
go.usmagazine-trending-news.com

Subject Issuer	Validity	Valid
sni171042.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-01` - `2020-03-09`	6 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
sni174455.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-26` - `2020-03-03`	6 months	crt.sh
ssl374911.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-11` - `2020-03-19`	6 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.pushnami.com Amazon	`2019-06-14` - `2020-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://usmagazine-trending-news.com/nfbk6xi-W/?txt=1&click=10&cep=LB4yrXqcOCDtiZzt0caZrkQLiFVMAw2i4juYFolBhZY67D4w3anVwk2L1vKX_xR5WqT3cHJGYXTcL2pAU8Y__42_YBxSXtrnVj6-6P7h4pqvwRuS3rS67-WD2nh7AHW_-OozaUeRUZSi4MX_5YkK9b1CKWuBW5tS9sB93Mk2zsVoD4TgLToJeWRw47b8njSJgC4uwQJ018CTeuKDQM0D7XdoF4Pv8VUZnyM_EZ0_I5UobfYXjsKiVng99SjVex1PychsJ9Ztau5nDFfMC_OY64FSnUDUhJ9t1o2i_ZOSdTVP0uQbjbmVw5KRVABAvlCO&lptoken=15e568a2232f94191521
Frame ID: 451147D373D85057930260EA4EADCFBF
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.info.swallowprde.me/34nk.kkpUQ4nPnUi4kPwfw.UL4-rfSVU/?qs=49871587/3498HCEU98/4988BR93812S9C48& Page URL
http://cmg1track.com/?a=385&oc=2010&c=9578&p=m&s1=602427&s2=ci4ul HTTP 302
http://conc1setrack9.com/?a=385&oc=2010&c=9578&p=m&s1=602427&s2=ci4ul&ckmguid=3cf033c7-ed39-4205-bb4e... HTTP 302
http://go.usmagazine-trending-news.com/4b21ce58-1662-4834-9589-13666e7a706b HTTP 302
https://usmagazine-trending-news.com/nfbk6xi-W/?txt=1&click=10&cep=LB4yrXqcOCDtiZzt0caZrkQLiFVMAw2i4juYFolBhZY67D... Page URL

Page Statistics

58
Requests

98 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

9
IPs

3
Countries

469 kB
Transfer

753 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://go.usmagazine-trending-news.com/click
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.info.swallowprde.me/34nk.kkpUQ4nPnUi4kPwfw.UL4-rfSVU/?qs=49871587/3498HCEU98/4988BR93812S9C48& Page URL
http://cmg1track.com/?a=385&oc=2010&c=9578&p=m&s1=602427&s2=ci4ul HTTP 302
http://conc1setrack9.com/?a=385&oc=2010&c=9578&p=m&s1=602427&s2=ci4ul&ckmguid=3cf033c7-ed39-4205-bb4e-583362ca6d99 HTTP 302
http://go.usmagazine-trending-news.com/4b21ce58-1662-4834-9589-13666e7a706b HTTP 302
https://usmagazine-trending-news.com/nfbk6xi-W/?txt=1&click=10&cep=LB4yrXqcOCDtiZzt0caZrkQLiFVMAw2i4juYFolBhZY67D4w3anVwk2L1vKX_xR5WqT3cHJGYXTcL2pAU8Y__42_YBxSXtrnVj6-6P7h4pqvwRuS3rS67-WD2nh7AHW_-OozaUeRUZSi4MX_5YkK9b1CKWuBW5tS9sB93Mk2zsVoD4TgLToJeWRw47b8njSJgC4uwQJ018CTeuKDQM0D7XdoF4Pv8VUZnyM_EZ0_I5UobfYXjsKiVng99SjVex1PychsJ9Ztau5nDFfMC_OY64FSnUDUhJ9t1o2i_ZOSdTVP0uQbjbmVw5KRVABAvlCO&lptoken=15e568a2232f94191521 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
click.info.swallowprde.me/34nk.kkpUQ4nPnUi4kPwfw.UL4-rfSVU/ 161 B
440 B 873ms
599ms Document
text/html 69.172.214.175
Cogeco Peer 1

General

Domain/Path	Expires	Name / Value
usmagazine-trending-news.com/	1970-01-19 13:03:12	Name: _pk_id.2.7f0e Value: 405e9eee952c1d1c.1568237616.1.1568237616.1568237616.
usmagazine-trending-news.com/	1970-01-19 08:00:05	Name: _pk_ref.2.7f0e Value: %5B%22%22%2C%22%22%2C1568237616%2C%22http%3A%2F%2Fclick.info.swallowprde.me%2F34nk.kkpUQ4nPnUi4kPwfw.UL4-rfSVU%2F%3Fqs%3D49871587%2F3498HCEU98%2F4988BR93812S9C48%26%22%5D
usmagazine-trending-news.com/	1969-12-31 23:59:59	Name: _pk_testcookie..undefined Value: 1
usmagazine-trending-news.com/	1970-01-19 03:37:17	Name: backb Value: 1
usmagazine-trending-news.com/	1970-01-19 03:37:19	Name: _pk_ses.2.7f0e Value: 1
usmagazine-trending-news.com/	1969-12-31 23:59:59	Name: _pk_testcookie.2.7f0e Value: 1
.usmagazine-trending-news.com/	1970-01-19 12:22:53	Name: __cfduid Value: d23a8df3486d6665184888eceaef46bf91568237615

usmagazine-trending-news.com Open in urlscan Pro 2606:4700:30::681c:670 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

58 Requests

98 %HTTPS

64 %IPv6

11 Domains

12 Subdomains

9 IPs

3 Countries

469 kBTransfer

753 kBSize

7 Cookies

1 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

usmagazine-trending-news.com Open in urlscan Pro
2606:4700:30::681c:670 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

64 %
IPv6

11
Domains

12
Subdomains

9
IPs

3
Countries

469 kB
Transfer

753 kB
Size

7
Cookies

58 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!