spellads.com
185.49.85.110
Public Scan
Submission: On December 21 via api from US — Scanned from DE
Summary
This is the only time spellads.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 185.49.85.110 | 43754 (ASIATECH) |
3 | 185.143.234.120 | 205585 (ARVANCLOUD-CDN-) |
1 | 185.166.104.3 | 202319 (CAFEBAZAAR) |
1 5 | 185.143.233.120 | 205585 (ARVANCLOUD-CDN-) |
1 | 51.83.105.55 | 16276 (OVH) |
10 | 5 | |
ASN205585 (ARVANCLOUD-CDN-, IR): ua.yektanet.com, audience.yektanet.com
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | yektanet.com (1 redirects) | cdn.yektanet.com — Cisco Umbrella Rank: 63126; ua.yektanet.com — Cisco Umbrella Rank: 68841; audience.yektanet.com — Cisco Umbrella Rank: 72474 | 18 KB |
4 | najva.com | van.najva.com — Cisco Umbrella Rank: 116443; cookie.najva.com — Cisco Umbrella Rank: 506429 | 49 KB |
1 | spellads.com | spellads.com | 839 B |
10 | 3 | | |
 | Domain | Requested by |
---|---|---|
4 | ua.yektanet.com (1 redirects) | cdn.yektanet.com, ua.yektanet.com |
3 | van.najva.com | spellads.com, van.najva.com |
1 | audience.yektanet.com | cdn.yektanet.com |
1 | cookie.najva.com | |
1 | cdn.yektanet.com | van.najva.com |
1 | spellads.com | |
10 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
van.najva.com | R3 | 2023-10-16 - 2024-01-14 | 3 months | crt.sh |
cdn.yektanet.com | R3 | 2023-11-27 - 2024-02-25 | 3 months | crt.sh |
yektanet.com | R3 | 2023-10-15 - 2024-01-13 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
http://spellads.com/
Frame ID: B6C362E8CD5919FF7094FD6DFF6A4506
Requests: 8 HTTP requests in this frame
Frame:
https://ua.yektanet.com/cookie/iframe/
Frame ID: B3EC4D4E39CF3F7B65EB3F34D9046713
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4
- https://ua.yektanet.com/pixel?id=njv-email HTTP 302
- https://cookie.najva.com/matching/?yektanet_user_id=ec5d8aa6-c97c-4a8d-9cc3-9f13b842d350&njc=
10 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | spellads.com/ | 1 KB | 839 B | Document | text/html |
GET | H2 | local-messaging.css | van.najva.com/static/cdn/css/ | 10 KB | 2 KB | Stylesheet | text/css |
GET | H2 | new-website410895-website-51158-3d354d16-3709-428d-b12f-009781800221.js | van.najva.com/static/js/scripts/ | 180 KB | 45 KB | Script | application/javascript |
GET | H2 | new-website410895-website-51158-3d354d16-3709-428d-b12f-009781800221.json | van.najva.com/static/js/scripts/ | 3 KB | 2 KB | Fetch | application/json |
GET | H2 | complete.js | cdn.yektanet.com/rg_woebegone/scripts_v4/pijZHGAR/ | 43 KB | 14 KB | Script | application/javascript |
GET | H2 | / | cookie.najva.com/matching/ (Redirect Chain) | 0 | 0 | Image | text/html |
GET | H2 | / | audience.yektanet.com/api/v1/scripts/preview/validate/ | 5 B | 442 B | XHR | application/json |
GET | H2 | / | ua.yektanet.com/cookie/iframe/ (Frame B3EC) | 3 KB | 1 KB | Document | text/html |
POST | H2 | __fake.gif | ua.yektanet.com/ | 42 B | 688 B | Ping | image/gif |
GET | H2 | set | ua.yektanet.com/cookie/ (Frame B3EC) | 74 B | 797 B | XHR | application/json |
6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
string | configFile |
object | Najva |
object | ynWebpackJsonp |
boolean | yektanet_ua-script-pijZHGAR_is_loaded |
function | yektanet |
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.yektanet.com/ | | gearbox_ad_token | ec5d8aa6-c97c-4a8d-9cc3-9f13b842d350 |
.yektanet.com/ | | analytics_global_token | ec5d8aa6-c97c-4a8d-9cc3-9f13b842d350 |
spellads.com/ | | analytics_token | 933a0eb4-c35b-f053-45d6-95952f7462d7 |
spellads.com/ | | analytics_session_token | c4102b49-9917-8545-834b-e422bf327ce2 |
spellads.com/ | | yektanet_session_last_activity | 12/21/2023 |
spellads.com/ | | _yngt_iframe | 1 |
spellads.com/ | | _yngt | ec5d8aa6-c97c-4a8d-9cc3-9f13b842d350 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.