agabreloomr.com
139.45.197.151
Public Scan
Effective URL: https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2
Submission: On November 02 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on August 31st 2022. Valid for: 3 months.
This is the only time agabreloomr.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 104.21.64.52 | 13335 (CLOUDFLARENET) |
1 1 | 18.66.122.86 | 16509 (AMAZON-02) |
1 1 | 137.74.247.34 | 16276 (OVH) |
1 | 35.201.127.73 | 15169 (GOOGLE) |
2 2 | 35.201.117.228 | 15169 (GOOGLE) |
5 | 139.45.197.151 | 9002 (RETN-AS) |
6 | 139.45.197.251 | 9002 (RETN-AS) |
2 | 139.45.195.8 | 9002 (RETN-AS) |
14 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-86.fra60.r.cloudfront.net
waytogypts.xyz |
ASN16276 (OVH, FR)
PTR: ip34.ip-137-74-247.eu
tm-offers.gamingadult.com |
ASN15169 (GOOGLE, US)
PTR: 73.127.201.35.bc.googleusercontent.com
www.trafyield.com |
ASN15169 (GOOGLE, US)
PTR: 228.117.201.35.bc.googleusercontent.com
dexchangeinc.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
6 | yonhelioliskor.com | yonhelioliskor.com — Cisco Umbrella Rank: 50625 | 56 KB |
5 | agabreloomr.com | agabreloomr.com — Cisco Umbrella Rank: 142368 | 23 KB |
2 | rtmark.net | my.rtmark.net — Cisco Umbrella Rank: 7322 | 1 KB |
2 | dexchangeinc.com (2 redirects) | dexchangeinc.com — Cisco Umbrella Rank: 85445 | 1 KB |
1 | trafyield.com | www.trafyield.com — Cisco Umbrella Rank: 897720 | 3 KB |
1 | gamingadult.com (1 redirects) | tm-offers.gamingadult.com — Cisco Umbrella Rank: 103838 | 144 B |
1 | waytogypts.xyz (1 redirects) | waytogypts.xyz — Cisco Umbrella Rank: 207983 | 754 B |
1 | kirutotukam.com (1 redirects) | kirutotukam.com — Cisco Umbrella Rank: 320734 | 661 B |
14 | 8 |
 | Domain | Requested by |
---|---|---|
6 | yonhelioliskor.com | agabreloomr.com, yonhelioliskor.com |
5 | agabreloomr.com | www.trafyield.com, agabreloomr.com |
2 | my.rtmark.net | yonhelioliskor.com |
2 | dexchangeinc.com | 2 redirects |
1 | www.trafyield.com | |
1 | tm-offers.gamingadult.com | 1 redirects |
1 | waytogypts.xyz | 1 redirects |
1 | kirutotukam.com | 1 redirects |
14 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
agabreloomr.com | R3 | 2022-08-31 - 2022-11-29 | 3 months | crt.sh |
yonhelioliskor.com | R3 | 2022-10-18 - 2023-01-16 | 3 months | crt.sh |
*.rtmark.net | Sectigo RSA Domain Validation Secure Server CA | 2021-11-20 - 2022-11-26 | a year | crt.sh |
This page contains 1 frames:
Frame:
https://agabreloomr.com/4/4470221/?rhd=1&var=2266485-2658448306-0&var3=$166739473209990TDETV424540911184V09
Frame ID: 1919690EA3929D8BC7A817D65A1E25A9
Requests: 16 HTTP requests in this frame
Page Title
Zulassen drücken
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://kirutotukam.com/?ts=1667394322335&id=344
HTTP 302
http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com HTTP 302
https://tm-offers.gamingadult.com/?offer=3703&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=394565251869508984&subid2=959637 HTTP 302
http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID} Page URL
-
http://dexchangeinc.com/jump/next.php?stamat=m%257C%252Co43NWIiPqB1dAN0dEdHP3xP.6c1%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRojzCFppeyuyNUcXIWTpr4qOisK9egWq4Gte5gsBu4kffU2AzdwAGhiKkUksdmpj4g%252C&cbpage=http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}&cbur=0.0374198252291984&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=
HTTP 302
http://dexchangeinc.com/script/i.php?stamat=m%257C%252C%252CAiI293J6oGU3BP-GH0dEdHP3xP.46b%252C9JgYVKfVxhkRVWw4EfmAV20Y3uLJs25DSlKhGH_TXOQeRgDYUZjnsxzM_lRsEmTgASYS006Y1EBVP3s3uosPSRn4SI58BNtE6O2An63yHYhLIEEiIsPfmi0BY5p8QDLFoxI7wPIaLmPT0zR6ljySt2e5-FlKblfVZvjdQhlVTFzgqawY_7UfJgDdtxJJfywtA0Hrj6NcNbBl5I97WpZLC5Q-K7Emu4AHdvghX6FA4yBDTGdXmtcjlcED9AbBZRR1bkQgyZasdqN9e8Dbccj9i1y-BRUX_jAc-oPC0-xit3kXTXgzSuVmMkvAkICX-RB4SMplviWq6As0yW1TELPjTZ_0PN8JgTCQf_ViIp34DN2TrJK2BnlcomXADFzqZ0ex59wW20Zya9kPKLeEnHmRJpuGwJS3CW1g7kF4SQlAlD7t8b1DuirZSqH49qWkXWdWxOfu6LYR9cJ1EB-1lJs_GkH4dUc7Ts48PpM-kVQ5HrgJmdOjp2VBcMM17NLnSiYivFcm-iJiVJjseEeA_JFStwB4zRZpidSFNvV9kQU40YI-qF5rVe0tIhwlEomnhEwgheFe5nnQ099L-zDXSYL2CaiqOzTRtVQ1VtB8eU2sWgnE-OvNvE4Tx07zZVa-Aacq HTTP 302
https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0 Page URL
- https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0&rdc=2 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://kirutotukam.com/?ts=1667394322335&id=344 HTTP 302
- http://waytogypts.xyz/redirect?tid=959637&ref=android-traffic.com HTTP 302
- https://tm-offers.gamingadult.com/?offer=3703&uid=1b428417-5a71-4589-b1e9-809f2b9dbee1&subid=394565251869508984&subid2=959637 HTTP 302
- http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}
- http://dexchangeinc.com/jump/next.php?stamat=m%257C%252Co43NWIiPqB1dAN0dEdHP3xP.6c1%252C7H0PozvLiGV-YkDx825CHjXHsSctWIGDQyh13bePJRojzCFppeyuyNUcXIWTpr4qOisK9egWq4Gte5gsBu4kffU2AzdwAGhiKkUksdmpj4g%252C&cbpage=http://www.trafyield.com/jump/next.php?r=2266483&pub_clickid=${UNIQUE_ID}&sub1=${CHANNEL_ID}&cbur=0.0374198252291984&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= HTTP 302
- http://dexchangeinc.com/script/i.php?stamat=m%257C%252C%252CAiI293J6oGU3BP-GH0dEdHP3xP.46b%252C9JgYVKfVxhkRVWw4EfmAV20Y3uLJs25DSlKhGH_TXOQeRgDYUZjnsxzM_lRsEmTgASYS006Y1EBVP3s3uosPSRn4SI58BNtE6O2An63yHYhLIEEiIsPfmi0BY5p8QDLFoxI7wPIaLmPT0zR6ljySt2e5-FlKblfVZvjdQhlVTFzgqawY_7UfJgDdtxJJfywtA0Hrj6NcNbBl5I97WpZLC5Q-K7Emu4AHdvghX6FA4yBDTGdXmtcjlcED9AbBZRR1bkQgyZasdqN9e8Dbccj9i1y-BRUX_jAc-oPC0-xit3kXTXgzSuVmMkvAkICX-RB4SMplviWq6As0yW1TELPjTZ_0PN8JgTCQf_ViIp34DN2TrJK2BnlcomXADFzqZ0ex59wW20Zya9kPKLeEnHmRJpuGwJS3CW1g7kF4SQlAlD7t8b1DuirZSqH49qWkXWdWxOfu6LYR9cJ1EB-1lJs_GkH4dUc7Ts48PpM-kVQ5HrgJmdOjp2VBcMM17NLnSiYivFcm-iJiVJjseEeA_JFStwB4zRZpidSFNvV9kQU40YI-qF5rVe0tIhwlEomnhEwgheFe5nnQ099L-zDXSYL2CaiqOzTRtVQ1VtB8eU2sWgnE-OvNvE4Tx07zZVa-Aacq HTTP 302
- https://agabreloomr.com/?l=uDMZTXJiMzarH2i&s=$166739473209990TDETV424540911184V09&z=2266485-2658448306-0
14 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Note |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | next.php | www.trafyield.com/jump/ | 7 KB | 3 KB | Document | text/html | Redirect Chain |
GET | H2 | / | agabreloomr.com/ | 18 KB | 11 KB | Document | text/html | Redirect Chain |
GET | H2 | micro.tag.min.js | yonhelioliskor.com/pfe/current/ | 76 KB | 27 KB | Script | application/javascript | |
GET | DATA | truncated | / | 7 KB | 0 | Image | image/gif | |
POST | H2 | / | agabreloomr.com/ | 2 B | 301 B | XHR | application/json | |
POST | H2 | zone | yonhelioliskor.com/ | 0 | 252 B | Ping | text/plain | |
GET | H2 | gid.js | my.rtmark.net/ | 65 B | 544 B | Fetch | application/json | |
GET | H2 | zone | yonhelioliskor.com/ | 730 B | 1018 B | Fetch | application/json | |
GET | H2 | / | agabreloomr.com/ | 18 KB | 11 KB | Document | text/html | Primary Request |
GET | H2 | micro.tag.min.js | yonhelioliskor.com/pfe/current/ | 76 KB | 27 KB | Script | application/javascript | |
GET | DATA | truncated | / | 7 KB | 0 | Image | image/gif | |
POST | H2 | / | agabreloomr.com/ | 2 B | 301 B | XHR | application/json | |
POST | H2 | zone | yonhelioliskor.com/ | 0 | 252 B | Ping | text/plain | |
GET | H2 | gid.js | my.rtmark.net/ | 65 B | 543 B | Fetch | application/json | |
GET | H2 | zone | yonhelioliskor.com/ | 730 B | 1016 B | Fetch | application/json | |
GET | H2 | / | agabreloomr.com/4/4470221/ | 0 | 0 | Document | text/plain | |
25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
string| alphabet
string| subdomain
function| randomInt
string| mtPushZone
string| mtS
string| mtZ
string| mtTargetUrl
string| mtDebug
string| mtRDC
string| mtUHD
string| srcDomain
function| redirect
object| mtScript
function| updateURLParameter
object| ntfcSDK
object| zfgformats
4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
kirutotukam.com/ | | Name: _ctid Value: 4010870372 |
waytogypts.xyz/ | | Name: csu Value: 5adf6336-7270-4c44-9756-95122024e9ff |
my.rtmark.net/ | | Name: ID Value: f6fd5fe313e14ef29aea9eae993fedaf |
agabreloomr.com/ | | Name: reverse Value: rnZsPs9YwtqVUGDK31a0BGad4MNQFPdWhXWxN-3vITE |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.