![](/screenshots/894ad8f5-28e5-4c79-bbdd-99b4d5a8827f.png)
www.sekuru.click
164.90.196.46
Public Scan
Effective URL: https://www.sekuru.click/01spaiPjDVni2fSJdhgE6ewUXB/?ip=217.114.218.27&lpkey=160f854d510f194d55&thjp=ZGFpbHlzZWFyY2huZXdz...
Submission: On May 31 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 10th 2023. Valid for: 3 months.
This is the only time www.sekuru.click was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | Autonomous System |
---|---|---|
2 | 45.132.1.73 | 199785 (CHSN-AS) |
1 | 185.177.94.194 | 39572 (ADVANCEDHOSTERS-AS) |
1 | 185.177.94.180 | 39572 (ADVANCEDHOSTERS-AS) |
8 | 185.177.94.42 | 39572 (ADVANCEDHOSTERS-AS) |
1 | 185.177.92.29 | 39572 (ADVANCEDHOSTERS-AS) |
1 1 | 164.90.194.65 | 14061 (DIGITALOCEAN-ASN) |
1 2 | 195.201.221.45 | 24940 (HETZNER-AS) |
3 | 164.90.196.46 | 14061 (DIGITALOCEAN-ASN) |
1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
18 | 9 |
Domain | ASN | PTR |
---|---|---|
majormedialink.com | ASN39572 (ADVANCEDHOSTERS-AS, NL) | ip-185-177-94-194.ah-server.com |
au01.bid | ASN39572 (ADVANCEDHOSTERS-AS, NL) | ip-185-177-94-180.ah-server.com |
lan05.biz | ASN39572 (ADVANCEDHOSTERS-AS, NL) | ip-185-177-94-42.ah-server.com |
racetrack.top | ASN39572 (ADVANCEDHOSTERS-AS, NL) | ip-185-177-92-29.ah-server.com |
dailysearchnews.com | ASN24940 (HETZNER-AS, DE) | static.45.221.201.195.clients.your-server.de |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
8 | lan05.biz | lan05.biz | 50 KB |
3 | sekuru.click | www.sekuru.click | 219 KB |
2 | dailysearchnews.com (1 redirects) | dailysearchnews.com | 609 B |
2 | restorex.tech | restorex.tech | 1 KB |
1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 199) | 27 KB |
1 | dm9.biz (1 redirects) | dm9.biz (Cisco Umbrella Rank: 874435) | 492 B |
1 | racetrack.top | racetrack.top | 65 KB |
1 | au01.bid | au01.bid | 65 KB |
1 | majormedialink.com | majormedialink.com | 15 KB |
18 | 9 | | |
Count | Domain | Requested by |
---|---|---|
8 | lan05.biz | restorex.tech, lan05.biz |
3 | www.sekuru.click | restorex.tech, www.sekuru.click |
2 | dailysearchnews.com (1 redirects) | www.sekuru.click |
2 | restorex.tech | restorex.tech |
1 | cdnjs.cloudflare.com | www.sekuru.click |
1 | dm9.biz (1 redirects) | |
1 | racetrack.top | restorex.tech |
1 | au01.bid | restorex.tech |
1 | majormedialink.com | |
18 | 9 | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
restorex.tech | R3 | 2023-05-31 - 2023-08-29 | 3 months |
majorpushme1.com | R3 | 2023-05-17 - 2023-08-15 | 3 months |
0.allowww.com | R3 | 2023-05-01 - 2023-07-30 | 3 months |
0.lan04.biz | R3 | 2023-04-05 - 2023-07-04 | 3 months |
0.racetrack.top | R3 | 2023-04-05 - 2023-07-04 | 3 months |
www.mickeu.click | R3 | 2023-05-10 - 2023-08-08 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year |
dailysearchnews.com | R3 | 2023-05-14 - 2023-08-12 | 3 months |
This page contains 1 frames:
Primary Page:
https://www.sekuru.click/01spaiPjDVni2fSJdhgE6ewUXB/?ip=217.114.218.27&lpkey=160f854d510f194d55&thjp=ZGFpbHlzZWFyY2huZXdzLmNvbQ&uclick=c8a74psy&uclickhash=c8a74psy-c8a74psy-bzfn-uowj-oj52-2ta1wj-2txodz-d5bb16
Frame ID: CBA5A8892CD5F0146119DF14B863E9AC
Requests: 21 HTTP requests in this frame
Page Title
Turn On Antivirus Protection
Detected technologies
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://restorex.tech/ Page URL
- http://restorex.tech/ Page URL
- https://majormedialink.com/?p=ga4gmobwmy5gi3bpgq3tgny&sub1=%D1%81%D1%81%D1%81 Page URL
- https://au01.bid/go/mi4tgnbumy5dsmjzg4?subid1=%D1%81 Page URL
- https://lan05.biz/?p=gntdoobvmm5gi3bpgy3toni&sub1=hhh Page URL
- https://racetrack.top/go/gu4dmmjvgm5dcmzq Page URL
- https://dm9.biz/?auf=gjtggzjymi5dgmjxf4ytgmbphaxtezrxha2dcn3df4zdilzrgy4dknjrge3dkna&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP 302
  https://dailysearchnews.com/click.php?key=wer6k43xdure203h0e41&clickid=730d2c97-1194-47c2-8df8-c15297c50f08&cost=0.0061&feedid=feed9317&creative=0&site=2f78417c&age=0&hash=2f78417c&campaign=158846 HTTP 302
  https://www.sekuru.click/01spaiPjDVni2fSJdhgE6ewUXB/?ip=217.114.218.27&lpkey=160f854d510f194d55&thjp=ZGFpbHlzZWFyY2huZXdzLmNvbQ&uclick=c8a74psy&uclickhash=c8a74psy-c8a74psy-bzfn-uowj-oj52-2ta1wj-2txodz-d5bb16 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | restorex.tech/ | 917 B | 687 B | Document | text/html |
GET | H/1.1 | / | restorex.tech/ | 441 B | 507 B | Document | text/html |
GET | H2 | / | majormedialink.com/ | 15 KB | 15 KB | Document | text/html |
GET | DATA | truncated | / | 4 KB | 0 | Image | image/png |
GET | H2 | mi4tgnbumy5dsmjzg4 | au01.bid/go/ | 64 KB | 65 KB | Document | text/html |
GET | DATA | truncated | / | 20 KB | 0 | Image | image/jpeg |
GET | H2 | / | lan05.biz/ | 11 KB | 12 KB | Document | text/html |
GET | H2 | icon1.png | lan05.biz/img/25/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | icon2.png | lan05.biz/img/25/ | 4 KB | 5 KB | Image | image/png |
GET | H2 | icon3.png | lan05.biz/img/25/ | 8 KB | 8 KB | Image | image/png |
GET | H2 | icon4.png | lan05.biz/img/25/ | 7 KB | 7 KB | Image | image/png |
GET | H2 | icon5.png | lan05.biz/img/25/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | icon7.png | lan05.biz/img/25/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | icon8.png | lan05.biz/img/25/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | gu4dmmjvgm5dcmzq | racetrack.top/go/ | 65 KB | 65 KB | Document | text/html |
GET | DATA | truncated | / | 20 KB | 0 | Image | image/jpeg |
GET | H2 | / (Primary Request) | www.sekuru.click/01spaiPjDVni2fSJdhgE6ewUXB/ (Redirect Chain) | 11 KB | 3 KB | Document | text/html |
GET | H2 | jquery.min.js | cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ | 85 KB | 27 KB | Script | application/javascript |
GET | H2 | logo.svg | www.sekuru.click/01spaiPjDVni2fSJdhgE6ewUXB/s/ | 2 KB | 1 KB | Image | image/svg+xml |
GET | H2 | box.png | www.sekuru.click/01spaiPjDVni2fSJdhgE6ewUXB/s/ | 214 KB | 214 KB | Image | image/png |
GET | H2 | click.php | dailysearchnews.com/ | 0 | 143 B | Image | text/html |
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- function | $
- function | jQuery
- function | _0x303225
- function | _0xe1c7
- function | _0x2b67
- function | getURLParameter
- string | thjp
- object | pp
- function | exit_offer
- function | _0x2195069

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
restorex.tech/ | | 2945af79a | af79abbd7c8d |
.majormedialink.com/ | | uuid | e6e722dc-a912-4472-bcfc-7e637f284bac |
.au01.bid/ | | uuid | fcd8c206-1e19-4d07-8179-3ea02e277e57 |
.lan05.biz/ | | uuid | b2c3d009-b48f-40ce-bf49-11243c899fdf |
.racetrack.top/ | | uuid | 3a517d37-96fe-4fcb-ad49-635b9b2fcf79 |
dm9.biz/ | | uuid | 9097e75e-a81a-4998-b7aa-06ba2d308a65 |
.dm9.biz/ | | ccid | %5B158846%5D |
dailysearchnews.com/ | | uclick | c8a74psy |
dailysearchnews.com/ | | uclickhash | c8a74psy-c8a74psy-bzfn-uowj-oj52-2ta1wj-2txodz-d5bb16 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.