Submitted URL: http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&plac...
Effective URL: https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604
Submission: On February 20 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 4 countries across 5 domains to perform 2 HTTP transactions. The main IP is 173.0.146.205, located in the United States, and belongs to SERVERS-COM, US. The main domain is da.mergedagonal.com. The Cisco Umbrella rank of the primary domain is 981552.
TLS certificate: Issued by R3 on February 8th 2024. Valid for: 3 months.
This is the only time da.mergedagonal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 3 51.68.85.158 16276 (OVH)
1 1 104.26.6.190 13335 (CLOUDFLAR...)
1 1 51.161.115.163 16276 (OVH)
1 1 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 173.0.146.205 7979 (SERVERS-COM)
2 2
Apex Domain Subdomains Transfer
3 cimentbuilder.one cimentbuilder.one 5 KB
1 mergedagonal.com da.mergedagonal.com — Cisco Umbrella Rank: 981552 6 KB
1 savethereef.xyz go.savethereef.xyz — Cisco Umbrella Rank: 370075 214 B
1 blowingwnd.com t3.blowingwnd.com 486 B
1 aftrad-visit.com admoustache.aftrad-visit.com 554 B
2 5
Domain Requested by
3 cimentbuilder.one 2 redirects
1 da.mergedagonal.com cimentbuilder.one
1 go.savethereef.xyz 1 redirects
1 t3.blowingwnd.com 1 redirects
1 admoustache.aftrad-visit.com 1 redirects
2 5

This site contains no links.

Subject Issuer Validity Valid
da.mergedagonal.com R3 2024-02-08 - 2024-05-08 3 months

This page contains 1 frame:

Primary Page: https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604
Frame ID: 62BFC6875C8F5CCFA5E01BD855219519
Requests: 2 HTTP requests in this frame


Page Statistics

2
Requests

50 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

2
IPs

4
Countries

10 kB
Transfer

16 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494 Page URL
  2. http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494&eyeg=f49a132d664ed79a12349778a0c70101&eyer=0.1261058512553992&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494&eyeg=3&eyer=0.1261058512553992&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef= HTTP 302
    https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330001cf8307da40765006dbcdbffcfd044320220-202402-flb*5738009-ccc5a*m7335783585871298681*sl_5738009-ccc5a*e58a44160004688b89ffdc3564b79dd0ac918907*15494-b849e9c5*15494 HTTP 302
    https://t3.blowingwnd.com/l.php?p=c:btrsnl901aaqozhg8&d=65ce2e32e492740f6e0cacf0&pid=201PMXKpfHm5ig51JfKy1RbCboHJvh1z6NMy3AQPsR8bUZiRvRBoitBWhYu2Lu2R87uKhU&s=1B7fmUHKE HTTP 302
    https://go.savethereef.xyz/redirect?feed=642698&url=t3.blowingwnd.com&subid=1B7fmUHKE&query=&pub_clickid=65d5166d91fe3e5dda1ddb7a&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pgf_9qrwlx0%26d%3D653c9411464a4419c012ddb2%26s%3D%7Bpubfeed%7D%26d2%3D%7Breferrer_domain%7D HTTP 302
    https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
cimentbuilder.one/
4 KB
4 KB
Document
General
Full URL
http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494
Protocol
HTTP/1.1
Server
51.68.85.158, France, ASN16276 (OVH, FR)
Reverse DNS
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Tue, 20 Feb 2024 21:15:23 GMT
Transfer-Encoding
chunked
Primary Request eLNoE
da.mergedagonal.com/iZQuvNpIRld5Z/
Redirect Chain
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494&eyeg=f49a132d664ed79a12349778a0c70101&eyer=0.1261058512553992&ey...
  • http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494&eyeg=3&eyer=0.1261058512553992&eyei=0&eyew=1600&eyeh=1200&eyetd=...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330001cf8307da40765006dbcdbffcfd044320220-202402-flb*5738009-ccc5a*m7335783585871298681*sl...
  • https://t3.blowingwnd.com/l.php?p=c:btrsnl901aaqozhg8&d=65ce2e32e492740f6e0cacf0&pid=201PMXKpfHm5ig51JfKy1RbCboHJvh1z6NMy3AQPsR8bUZiRvRBoitBWhYu2Lu2R87uKhU&s=1B7fmUHKE
  • https://go.savethereef.xyz/redirect?feed=642698&url=t3.blowingwnd.com&subid=1B7fmUHKE&query=&pub_clickid=65d5166d91fe3e5dda1ddb7a&default_url=https%3A%2F%2Ft1.hightid.com%2Fr.php%3Fp%3Dc%3As_8942pg...
  • https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604
11 KB
6 KB
Document
General
Full URL
https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604
Requested by
Host: cimentbuilder.one
URL: http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
173.0.146.205, United States, ASN7979 (SERVERS-COM, US)
Reverse DNS
Software
nginx /
Resource Hash
165f265cf2e04e762511152fb1198d443046b6fde46d1f4eac213f0e7c8496c0
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
http://cimentbuilder.one/?sl=5738009-ccc5a&data1=track1&data2=track2&tag=m7335783585871298681&website=15494-b849e9c5&placement=15494
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 21:15:25 GMT
Keep-Alive
timeout=20
Server
nginx
Strict-Transport-Security
max-age=1
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 21:15:25 GMT
Location
https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604
Server
nginx

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
da.mergedagonal.com/ Name: GL_UI4
Value: eJw9jU1ugzAYRPknaQPtSBygR8CkULKscogukcFfiBuwI%2BOCevtaldrVPI3eaDzPC4on%2BGuyR%2FjFa7ywpqypObXH09C3jJdvTX2sL6x9raq2bqoKe7l0lvcT2Qi7ZebGdnaNcBhJkZFDN2hBGZ6d9dfclN5UhLg3XIkM8eyMKUPaG70tZIoQkeIzITlfjXYZz%2FxTG4SsYo6lcuyXCPRShPkD0g%2BphBvmBwSszPPEw%2BN94vaizdxJkfiIR8MFwX%2FHbuCWRm2%2BkQpablbfAT2J7t%2F%2F%2FQ03ViIRtMrBnWt7JfMDBERNFA%3D%3D
da.mergedagonal.com/ Name: GL_GI10
Value: eJwNzDEKg0AQBdCdAZVALD4xvScQVovYC1ZJJR5gUZEB3ZF1k%2FPH4rXPGMPFHSwH8qatbFNX1rbVqwat4HEATx756CUuczlEF5cTFMD9Gxw8sn7TILMDTUg%2B4nYBCZ6drouPZaf7%2FvUyuSjqT%2FDl1mk4NFwP6EgJHDVLwOdcGNAvffwBYRUjLA%3D%3D

1 Console Messages

Source Level URL
Text
javascript warning URL: https://da.mergedagonal.com/iZQuvNpIRld5Z/eLNoE?subid=268604 (Line 9)
Message:
Scripts may close only the windows that were opened by them.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
