![](/screenshots/935aba3f-2613-482d-9bd8-c5374bb8a24d.png)
s-1-dfa3f4.ingress-haven.ewp.live
Open in
urlscan Pro
63.250.43.144
Public Scan
Effective URL: https://s-1-dfa3f4.ingress-haven.ewp.live/wp-content/plugins/A/midas/6282422341
Submission: On January 06 via api from US — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 2nd 2023. Valid for: a year.
This is the only time s-1-dfa3f4.ingress-haven.ewp.live was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 69.61.26.122 69.61.26.122 | 22653 (GLOBALCOM...) (GLOBALCOMPASS) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:823::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80e::2008 | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:80c::200e | 15169 (GOOGLE) (GOOGLE) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:81f::2002 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:823::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 63.250.43.144 63.250.43.144 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
3 | 2607:f8b0:400... 2607:f8b0:4006:824::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2607:f8b0:400... 2607:f8b0:4006:80d::2001 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2607:f8b0:400... 2607:f8b0:4006:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
19 | 11 |
ASN15169 (GOOGLE, US)
96c88d88683945706318479a3ed99a8c.safeframe.googlesyndication.com |
ASN22612 (NAMECHEAP-NET, US)
PTR: ingress-haven.ewp.live
s-1-dfa3f4.ingress-haven.ewp.live |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
googlesyndication.com
96c88d88683945706318479a3ed99a8c.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185 |
42 KB |
3 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 |
139 KB |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101 |
21 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114 |
148 KB |
2 |
cutt.us
1 redirects
cutt.us |
2 KB |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 6 |
1 KB |
1 |
ewp.live
s-1-dfa3f4.ingress-haven.ewp.live |
888 KB |
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271 |
29 KB |
19 | 8 |
Domain | Requested by | |
---|---|---|
3 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
3 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net |
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
2 | www.googletagmanager.com |
cutt.us
www.googletagmanager.com |
2 | cutt.us | 1 redirects |
1 | www.google.com |
tpc.googlesyndication.com
|
1 | s-1-dfa3f4.ingress-haven.ewp.live |
cutt.us
|
1 | 96c88d88683945706318479a3ed99a8c.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | www.googletagservices.com |
cutt.us
|
19 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.namecheap.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
cutt.us R3 |
2023-10-01 - 2023-12-30 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
*.ingress-haven.ewp.live Sectigo RSA Domain Validation Secure Server CA |
2023-12-02 - 2024-12-02 |
a year | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
This page contains 4 frames:
Primary Page:
https://s-1-dfa3f4.ingress-haven.ewp.live/wp-content/plugins/A/midas/6282422341
Frame ID: E304BA7AD605D7F50CEE530B35CDD508
Requests: 15 HTTP requests in this frame
Frame:
https://96c88d88683945706318479a3ed99a8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DE7796471711B8AF7C8AA4B0AE81C0A4
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6D6EF1D72B0D2702BB65D97CFBC119C
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 336F3725A5B5ED9E71AB5E3EF99E2BA7
Requests: 2 HTTP requests in this frame
Screenshot
![](/screenshots/935aba3f-2613-482d-9bd8-c5374bb8a24d.png)
Page Title
Website is being created…Page URL History Show full URLs
-
http://cutt.us/lKWYJ
HTTP 301
https://cutt.us/lKWYJ Page URL
- https://s-1-dfa3f4.ingress-haven.ewp.live/wp-content/plugins/A/midas/6282422341 Page URL
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Detected patterns
- googlesyndication\.com/
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtag/js
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Contact customer support
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://cutt.us/lKWYJ
HTTP 301
https://cutt.us/lKWYJ Page URL
- https://s-1-dfa3f4.ingress-haven.ewp.live/wp-content/plugins/A/midas/6282422341 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://cutt.us/lKWYJ HTTP 301
- https://cutt.us/lKWYJ
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
lKWYJ
cutt.us/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
89 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
189 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
225 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401020101/ |
436 KB 137 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
58 B 593 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/g/ |
0 165 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
1 B 91 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
668 B 698 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
96c88d88683945706318479a3ed99a8c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DE77 |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
6282422341
s-1-dfa3f4.ingress-haven.ewp.live/wp-content/plugins/A/midas/ |
888 KB 888 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6D6 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 336F |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame A6D6 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 336F |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
generate_204
tpc.googlesyndication.com/ Frame A6D6 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 KB 44 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
47 KB 47 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- tpc.googlesyndication.com
- URL
- https://tpc.googlesyndication.com/generate_204?MYTp-w
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.cutt.us/ | Name: _ga_ZBQ2JYBBZ5 Value: GS1.1.1704531375.1.0.1704531375.0.0.0 |
|
.cutt.us/ | Name: _ga Value: GA1.2.589323206.1704531376 |
|
.cutt.us/ | Name: _gid Value: GA1.2.1030526256.1704531376 |
|
.cutt.us/ | Name: _gat_gtag_UA_31510493_1 Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.cutt.us/ | Name: __gads Value: ID=a49b3330c23801b6:T=1704531376:RT=1704531376:S=ALNI_MZWDc-D3kLdL6m9Xb6YxEG3dJDdag |
|
.cutt.us/ | Name: __gpi Value: UID=00000a067b389544:T=1704531376:RT=1704531376:S=ALNI_MZfKMi3iJBu8M3coWNQzZEkO6_IKA |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
96c88d88683945706318479a3ed99a8c.safeframe.googlesyndication.com
cutt.us
pagead2.googlesyndication.com
s-1-dfa3f4.ingress-haven.ewp.live
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
tpc.googlesyndication.com
2607:f8b0:4006:80c::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::2004
2607:f8b0:4006:81f::2002
2607:f8b0:4006:823::2001
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
63.250.43.144
69.61.26.122
10117233686e9025987212b8d4437d51aa66d7299a39532561cdc53192fbd68d
202af489c906640c6327214bfd8ddce5a8dfcaddbf3354a0356bc0b08c5fd50f
236ac4befac7236521dba57e67381df45655028a0e1c2074fbfb40776ce79986
37ca0978eb20b971010a8f19420ce25e13783d8910b05e5cc547ad144ee5d12f
409112f7a9eac92bb00a0db35de71515d65bd4459808d8a9f9a65bc017f23c2f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4bd38e4e9426438f900fff9b392e0fdb731957a5db258e2ddf058d440674ab59
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8538fa1e11fa1334100b86b0c251b8ffa0b51f5db3e732c23963053686a93dc7
ccb847db6e26475f89893d491520afa1de864c948296e10ad36f854f240bdb62
da15d6c210d0080d414bd513e3ce5490ae2384008d6cee805b7d436f3165829b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f720b662c9689e54866876f5b560794caa4b2757e8222d04786d62ae6ccb2e56