secureupdatewarning.com
Open in
urlscan Pro
91.224.59.26
Public Scan
Submitted URL: http://yfsla.com/
Effective URL: https://secureupdatewarning.com/av/1/?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.0&click=1709905366....
Submission: On March 08 via api from US — Scanned from US
Effective URL: https://secureupdatewarning.com/av/1/?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.0&click=1709905366....
Submission: On March 08 via api from US — Scanned from US
Summary
This website contacted 4 IPs
in 2 countries
across 7 domains to perform 18 HTTP transactions.
The main IP is 91.224.59.26, located in
Czech Republic and
belongs to FIBERTEL-AS # upstreams, CZ.
The main domain is secureupdatewarning.com.
TLS certificate: Issued by R3 on March 3rd 2024. Valid for: 3 months.
This is the only time secureupdatewarning.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on March 3rd 2024. Valid for: 3 months.
This is the only time secureupdatewarning.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 47.253.35.191 47.253.35.191 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
| 1 1 | 34.232.73.186 34.232.73.186 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 1 | 84.32.131.67 84.32.131.67 | 204770 (CHERRYSER...) (CHERRYSERVERS3-AS) | |
| 1 13 | 91.224.59.26 91.224.59.26 | 50833 (FIBERTEL-...) (FIBERTEL-AS # upstreams) | |
| 1 | 2607:f8b0:400... 2607:f8b0:4006:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
| 3 | 2606:4700:e6:... 2606:4700:e6::ac40:cf26 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2607:f8b0:400... 2607:f8b0:4006:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 18 | 4 |
1
47.253.35.191
(United States)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
| yfsla.com |
1
34.232.73.186
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-73-186.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-73-186.compute-1.amazonaws.com
| track.birdsandwedges.com |
13
91.224.59.26
(Czech Republic)
ASN50833 (FIBERTEL-AS # upstreams, CZ)
PTR: ip-91-224-58-26.fibtel.net
ASN50833 (FIBERTEL-AS # upstreams, CZ)
PTR: ip-91-224-58-26.fibtel.net
| secureupdatewarning.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
secureupdatewarning.com
1 redirects
secureupdatewarning.com |
124 KB |
| 3 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 973 |
84 KB |
| 2 |
gstatic.com
fonts.gstatic.com |
31 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
1 KB |
| 1 |
horegari.com
1 redirects
go.horegari.com — Cisco Umbrella Rank: 893431 |
279 B |
| 1 |
birdsandwedges.com
1 redirects
track.birdsandwedges.com — Cisco Umbrella Rank: 782818 |
809 B |
| 1 |
yfsla.com
1 redirects
yfsla.com |
536 B |
| 18 | 7 |
| Domain | Requested by | |
|---|---|---|
| 13 | secureupdatewarning.com |
1 redirects
secureupdatewarning.com
|
| 3 | use.fontawesome.com |
secureupdatewarning.com
use.fontawesome.com |
| 2 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
secureupdatewarning.com
|
| 1 | go.horegari.com | 1 redirects |
| 1 | track.birdsandwedges.com | 1 redirects |
| 1 | yfsla.com | 1 redirects |
| 18 | 7 |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| secureupdatewarning.com R3 |
2024-03-03 - 2024-06-01 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
| use.fontawesome.com Cloudflare Inc ECC CA-3 |
2023-10-12 - 2024-10-10 |
a year | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2024-02-05 - 2024-04-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://secureupdatewarning.com/av/1/?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.0&click=1709905366.826921-238366223-89957&s4=89957
Frame ID: 81082D6B16467EEA07C283FF8CF192D5
Requests: 18 HTTP requests in this frame
Screenshot
Page Title
Your McAfee subscription has expiredPage URL History Show full URLs
-
http://yfsla.com/
HTTP 302
http://track.birdsandwedges.com/9b1ed9eb-66a9-40ac-8a87-02125c8ad182?%7Bvar3%7D=EMPTY HTTP 302
http://go.horegari.com/ts10065-sms-av-us?clickid=wjm19nq2aludednvio4l8p5o HTTP 302
https://secureupdatewarning.com/av/1?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.... HTTP 301
https://secureupdatewarning.com/av/1/?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0... Page URL
Detected technologies
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://ctrck.com/bb246a40-0633-46c7-ad3b-cba2ece6f2bf?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.0&click=1709905366.826921-238366223-89957&s4=89957
Title: Renew Subscription
Title: Renew Subscription
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://yfsla.com/
HTTP 302
http://track.birdsandwedges.com/9b1ed9eb-66a9-40ac-8a87-02125c8ad182?%7Bvar3%7D=EMPTY HTTP 302
http://go.horegari.com/ts10065-sms-av-us?clickid=wjm19nq2aludednvio4l8p5o HTTP 302
https://secureupdatewarning.com/av/1?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.0&click=1709905366.826921-238366223-89957&s4=89957 HTTP 301
https://secureupdatewarning.com/av/1/?avbrand=mcafee&ofrurl=12&s1=hs55&s2=238366223&s3=ts10065-sms-av-us&c=0.0&click=1709905366.826921-238366223-89957&s4=89957 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
secureupdatewarning.com/av/1/ Redirect Chain
|
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f182237388.js
secureupdatewarning.com/av/1/src/ |
9 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
f182237388.css
secureupdatewarning.com/av/1/src/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-3.6.0.min.js
secureupdatewarning.com/av/1/src/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
secureupdatewarning.com/av/1/src/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dynamicContent.js
secureupdatewarning.com/av/1/src/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
norton.png
secureupdatewarning.com/av/1/src/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
norton2.png
secureupdatewarning.com/av/1/src/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
t.js
secureupdatewarning.com/av/1/pixel/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f182237388.css
use.fontawesome.com/ |
1 KB 873 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ |
75 KB 76 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
secureupdatewarning.com/av/1/pixel/ |
26 B 361 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mcafee.png
secureupdatewarning.com/av/1/src/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mcafee2.png
secureupdatewarning.com/av/1/src/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| FontAwesomeCdnConfig string| cssUrl function| $ function| jQuery function| detectDevice3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .track.birdsandwedges.com/ | Name: 9b1ed9eb-66a9-40ac-8a87-02125c8ad182-v4 Value: lB88tNkErPBYpDajGo3cD26Im_7iQhc6B1O0nNPUbws |
|
| .track.birdsandwedges.com/ | Name: cc-v4 Value: LTv849ZPIQ5IWz6r63PWMEokIhgY4em43ET%2Fvh3stockQfiEktv1Le7lcstHy9urKYeHnWq1AIaZm4op47XKQOndSWnLW497QAa3LRcxzHhThoZBLhJjCQPmWxMay6zryvNj7Sim%2BGTlvUDhjPTl%2FA%3D%3D |
|
| secureupdatewarning.com/ | Name: PHPSESSID Value: ai7l1t1qs33fll3e7235jeeal4 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
go.horegari.com
secureupdatewarning.com
track.birdsandwedges.com
use.fontawesome.com
yfsla.com
2606:4700:e6::ac40:cf26
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81f::2003
34.232.73.186
47.253.35.191
84.32.131.67
91.224.59.26
0bd236468153e84c922df130048063f28e6c0b86f18325bbb049cfaaa176ac0b
17a532a8737870a49a4051a5f5b5bb124d643ba701c764e5c437a8e644401bc6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2eb5a91332faaf20ca1c4ca2583371cd8388122a0ed8ba95b3bb4504af8a03f5
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
5988eb6ce333327f3e7a8d1baff12ed73a177c05784f937fe3368e91d698a411
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5fc81f26f3ae5cce9fffb7bf98e91a71210defe0a685ba8eff16ce863524a131
88d31598bb9d6b595dfffa638611cca502bcf8eabeaa747f4904c0df0a013cbf
95881e5529a4da2df42f5440134b3aab3834b3e4090771980f59876a0af6c10f
aa0dbf14bdb8849bbc19de1e2743d95a3e5ac95ac9eeee16ef266a8dcae65eed
d25f2e5b6844e649547b9ba4ea7e167d62a1d7de816429d5899214ae19fbecae
d6beffa4c06a03e010a2e50fb20475e522dcc99afbba57b09acfa27fbe1050f8
dc6297763a51525087438ba49b813365cb81e328ecee69bfee191369e62f6663
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e