amazing-offers-for-you.fetchit.site
Open in
urlscan Pro
2400:cb00:2048:1::681f:4c37
Public Scan
Submitted URL: http://clk.apxadtracking.net/iclk/redirect.php?id=mNoreWbumzjMIWuXmTJuKWoaeOjMIWuXeU4UKU9-0N&trafficsourceid=31376&dv1=2c8b6f...
Effective URL: https://amazing-offers-for-you.fetchit.site/rc/newsponsored?uid=Jy9torx6bkzTv2swq93TiqdA0qDPCapFjlP9fQmD5fMhfAY1hh&src=1
Submission: On June 28 via manual from US
Effective URL: https://amazing-offers-for-you.fetchit.site/rc/newsponsored?uid=Jy9torx6bkzTv2swq93TiqdA0qDPCapFjlP9fQmD5fMhfAY1hh&src=1
Submission: On June 28 via manual from US
Summary
This website contacted 8 IPs
in 3 countries
across 13 domains to perform 21 HTTP transactions.
The main IP is 2400:cb00:2048:1::681f:4c37, located in
United States and
belongs to CLOUDFLARENET - Cloudflare, Inc., US.
The main domain is amazing-offers-for-you.fetchit.site.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 10th 2018. Valid for: 6 months.
This is the only time amazing-offers-for-you.fetchit.site was scanned on urlscan.io!
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 10th 2018. Valid for: 6 months.
This is the only time amazing-offers-for-you.fetchit.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 136.243.47.67 136.243.47.67 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 | 54.191.116.23 54.191.116.23 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 2 2 | 34.226.151.136 34.226.151.136 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 2 2 | 34.198.88.244 34.198.88.244 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 2 2 | 54.165.15.182 54.165.15.182 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 1 | 54.208.38.120 54.208.38.120 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 1 1 | 198.134.116.30 198.134.116.30 | 27257 (WEBAIR-IN...) (WEBAIR-INTERNET - Webair Internet Development Company Inc.) | |
| 2 | 2400:cb00:204... 2400:cb00:2048:1::681f:4c37 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::200a | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 10 | 205.185.216.42 205.185.216.42 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:820::2008 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:820::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:812::200e | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 21 | 8 |
1
136.243.47.67
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.67.47.243.136.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.67.47.243.136.clients.your-server.de
| clk.apxadtracking.net |
1
54.191.116.23
(Boardman, United States)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-191-116-23.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-191-116-23.us-west-2.compute.amazonaws.com
| c.navhi.com |
2
34.226.151.136
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-226-151-136.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-226-151-136.compute-1.amazonaws.com
| t1.wiseforwarding.com |
2
34.198.88.244
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-88-244.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-198-88-244.compute-1.amazonaws.com
| t1.contentfall.com |
2
54.165.15.182
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-15-182.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-15-182.compute-1.amazonaws.com
| t1.trackingfall.com |
1
54.208.38.120
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-208-38-120.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-208-38-120.compute-1.amazonaws.com
| sax.peakonspot.com |
1
198.134.116.30
(Garden City, United States)
ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
| mob.popshore.club |
2
2400:cb00:2048:1::681f:4c37
(United States)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
| amazing-offers-for-you.fetchit.site |
10
205.185.216.42
(Phoenix, United States)
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net
| img.revcontent.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
revcontent.com
img.revcontent.com |
83 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
32 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
14 KB |
| 2 |
fetchit.site
amazing-offers-for-you.fetchit.site |
12 KB |
| 2 |
trackingfall.com
2 redirects
t1.trackingfall.com |
1 KB |
| 2 |
contentfall.com
2 redirects
t1.contentfall.com |
2 KB |
| 2 |
wiseforwarding.com
t1.wiseforwarding.com Failed |
3 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com |
24 KB |
| 1 |
googleapis.com
fonts.googleapis.com |
872 B |
| 1 |
popshore.club
1 redirects
mob.popshore.club |
127 B |
| 1 |
peakonspot.com
1 redirects
sax.peakonspot.com |
458 B |
| 1 |
navhi.com
c.navhi.com |
1 KB |
| 1 |
apxadtracking.net
1 redirects
clk.apxadtracking.net |
268 B |
| 21 | 13 |
| Domain | Requested by | |
|---|---|---|
| 10 | img.revcontent.com |
amazing-offers-for-you.fetchit.site
|
| 3 | fonts.gstatic.com |
amazing-offers-for-you.fetchit.site
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
amazing-offers-for-you.fetchit.site |
| 2 | amazing-offers-for-you.fetchit.site |
c.navhi.com
amazing-offers-for-you.fetchit.site |
| 2 | t1.trackingfall.com | 2 redirects |
| 2 | t1.contentfall.com | 2 redirects |
| 2 | t1.wiseforwarding.com |
c.navhi.com
|
| 1 | www.googletagmanager.com |
amazing-offers-for-you.fetchit.site
|
| 1 | fonts.googleapis.com |
amazing-offers-for-you.fetchit.site
|
| 1 | mob.popshore.club | 1 redirects |
| 1 | sax.peakonspot.com | 1 redirects |
| 1 | c.navhi.com | |
| 1 | clk.apxadtracking.net | 1 redirects |
| 21 | 13 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| ols.dedicatefind.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| navhi.com Amazon |
2018-05-25 - 2019-06-25 |
a year | crt.sh |
| sni102622.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2018-06-10 - 2018-12-17 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://amazing-offers-for-you.fetchit.site/rc/newsponsored?uid=Jy9torx6bkzTv2swq93TiqdA0qDPCapFjlP9fQmD5fMhfAY1hh&src=1
Frame ID: 095C23072F9E87B0C3EFAD11594F5AD7
Requests: 21 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://clk.apxadtracking.net/iclk/redirect.php?id=mNoreWbumzjMIWuXmTJuKWoaeOjMIWuXeU4UKU9-0N&trafficsourc...
HTTP 302
https://c.navhi.com/ck/sl/9Zl8Xlhq?tfc_id=160&sc=27367_31376_10236&pub_click_id=grf3s4ww720x Page URL
-
http://t1.wiseforwarding.com/dfd85d4?p=68_160_27367_31376_10236&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8
HTTP 302
http://t1.contentfall.com/c/c42263b?c=0&po=&a=dfd85d4&p=001910_68_160_27367_31376_10236&s=1910&st=2055... HTTP 302
http://t1.trackingfall.com/c42263b?a=dfd85d4&c=0&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2... HTTP 302
http://sax.peakonspot.com/pops/dlink.php?pid=6616&format=POPUP&subid=000364_001910_68_160_27367_31376_... HTTP 302
http://t1.wiseforwarding.com/38495d6?p=000364_001910_68_160_27367_31376_10236&sid=1806280327a59fdfabb43b00 HTTP 302
http://t1.contentfall.com/c/3101rca?c=0&po=&a=38495d6&p=001236_000364_001910_68_160_27367_31376_10236&... HTTP 302
http://t1.trackingfall.com/3101rca?a=38495d6&c=0&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2... HTTP 302
http://mob.popshore.club/redirect?feed=122827&auth=ebuQy0&url=http%3A%2F%2Fmyfinancetoday.com&subid=0... HTTP 302
https://amazing-offers-for-you.fetchit.site/rc/red Page URL
- https://amazing-offers-for-you.fetchit.site/rc/newsponsored?uid=Jy9torx6bkzTv2swq93TiqdA0qDPCapFjlP9fQmD5fMhfAY1hh&src=1 Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^google_tag_manager$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: http://ols.dedicatefind.com/sl?feed=1000013&auth=11204&subid=revc
Title: Continue to site >>>>
Title: Continue to site >>>>
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://clk.apxadtracking.net/iclk/redirect.php?id=mNoreWbumzjMIWuXmTJuKWoaeOjMIWuXeU4UKU9-0N&trafficsourceid=31376&dv1=2c8b6fa8-6013-41e3-97fe-9b68e9a15c53&device_id=c03cf129-d559-4793-9a1f-65bc07c990e1&nw_sub_aff=10236&dv5=vStudio.Android.Camera360
HTTP 302
https://c.navhi.com/ck/sl/9Zl8Xlhq?tfc_id=160&sc=27367_31376_10236&pub_click_id=grf3s4ww720x Page URL
-
http://t1.wiseforwarding.com/dfd85d4?p=68_160_27367_31376_10236&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8
HTTP 302
http://t1.contentfall.com/c/c42263b?c=0&po=&a=dfd85d4&p=001910_68_160_27367_31376_10236&s=1910&st=2055&f=4&sh=80&ct=&w=&h=&isp=HETZNER&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2Fc42263b%3Fdna_iid%3D20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%26dna_group_id%3Dmobrain_42865%26dna_exp%3D%26callback_url%3Dhttps%253A%252F%252Fnetwork.adkaka.com%252Fpb%252Fad%252FoP8Md21NHDB0DDXcSkqdO9hsnjkiff7N4UI8L9NX%253Fclick_id%253D%257Bsid%257D%2526payout%253D%257Bpayout%257D%2526currency%253DUSD&xcl=mobrain_42865&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8 HTTP 302
http://t1.trackingfall.com/c42263b?a=dfd85d4&c=0&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2Fc42263b%3Fdna_iid%3D20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%26dna_group_id%3Dmobrain_42865%26dna_exp%3D%26callback_url%3Dhttps%253A%252F%252Fnetwork.adkaka.com%252Fpb%252Fad%252FoP8Md21NHDB0DDXcSkqdO9hsnjkiff7N4UI8L9NX%253Fclick_id%253D%257Bsid%257D%2526payout%253D%257Bpayout%257D%2526currency%253DUSD&f=4&p=001910_68_160_27367_31376_10236&po=&s=1910&sh=80&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8&st=2055&xcl=mobrain_42865 HTTP 302
http://sax.peakonspot.com/pops/dlink.php?pid=6616&format=POPUP&subid=000364_001910_68_160_27367_31376_10236&cid=1806280327a59fdfabb43b00 HTTP 302
http://t1.wiseforwarding.com/38495d6?p=000364_001910_68_160_27367_31376_10236&sid=1806280327a59fdfabb43b00 HTTP 302
http://t1.contentfall.com/c/3101rca?c=0&po=&a=38495d6&p=001236_000364_001910_68_160_27367_31376_10236&s=1236&st=1377&f=4&sh=75&ct=&w=&h=&isp=HETZNER&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2F3101rca%3Fdna_iid%3D20180628-b4a88e33-7221-4fd0-a183-2726807070d8%26dna_group_id%3Dmobrain_173222%26dna_exp%3D%26callback_url%3Dhttp%253A%252F%252Ftracking.aedgency.com%252Fs2s_tracker.php%253Fpartner_id%253D2361%2526program_id%253D666999%2526commission%253D%257Bpayout%257D%2526subid1%253D%257Bsid%257D%2526token%253Deb6aa71380213ab100af69a925c2bb48%2526payout_type%253DCPL%2526currency%253DUSD%2526flag%253D1&xcl=mobrain_173222&sid=1806280327a59fdfabb43b00 HTTP 302
http://t1.trackingfall.com/3101rca?a=38495d6&c=0&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2F3101rca%3Fdna_iid%3D20180628-b4a88e33-7221-4fd0-a183-2726807070d8%26dna_group_id%3Dmobrain_173222%26dna_exp%3D%26callback_url%3Dhttp%253A%252F%252Ftracking.aedgency.com%252Fs2s_tracker.php%253Fpartner_id%253D2361%2526program_id%253D666999%2526commission%253D%257Bpayout%257D%2526subid1%253D%257Bsid%257D%2526token%253Deb6aa71380213ab100af69a925c2bb48%2526payout_type%253DCPL%2526currency%253DUSD%2526flag%253D1&f=4&p=001236_000364_001910_68_160_27367_31376_10236&po=&s=1236&sh=75&sid=1806280327a59fdfabb43b00&st=1377&xcl=mobrain_173222 HTTP 302
http://mob.popshore.club/redirect?feed=122827&auth=ebuQy0&url=http%3A%2F%2Fmyfinancetoday.com&subid=000364_001236_000364_001910_68_160_27367_31376_10236&query=1806280327a5a1c95714989d HTTP 302
https://amazing-offers-for-you.fetchit.site/rc/red Page URL
- https://amazing-offers-for-you.fetchit.site/rc/newsponsored?uid=Jy9torx6bkzTv2swq93TiqdA0qDPCapFjlP9fQmD5fMhfAY1hh&src=1 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://clk.apxadtracking.net/iclk/redirect.php?id=mNoreWbumzjMIWuXmTJuKWoaeOjMIWuXeU4UKU9-0N&trafficsourceid=31376&dv1=2c8b6fa8-6013-41e3-97fe-9b68e9a15c53&device_id=c03cf129-d559-4793-9a1f-65bc07c990e1&nw_sub_aff=10236&dv5=vStudio.Android.Camera360 HTTP 302
- https://c.navhi.com/ck/sl/9Zl8Xlhq?tfc_id=160&sc=27367_31376_10236&pub_click_id=grf3s4ww720x
- http://t1.wiseforwarding.com/dfd85d4?p=68_160_27367_31376_10236&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8 HTTP 302
- http://t1.contentfall.com/c/c42263b?c=0&po=&a=dfd85d4&p=001910_68_160_27367_31376_10236&s=1910&st=2055&f=4&sh=80&ct=&w=&h=&isp=HETZNER&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2Fc42263b%3Fdna_iid%3D20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%26dna_group_id%3Dmobrain_42865%26dna_exp%3D%26callback_url%3Dhttps%253A%252F%252Fnetwork.adkaka.com%252Fpb%252Fad%252FoP8Md21NHDB0DDXcSkqdO9hsnjkiff7N4UI8L9NX%253Fclick_id%253D%257Bsid%257D%2526payout%253D%257Bpayout%257D%2526currency%253DUSD&xcl=mobrain_42865&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8 HTTP 302
- http://t1.trackingfall.com/c42263b?a=dfd85d4&c=0&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2Fc42263b%3Fdna_iid%3D20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%26dna_group_id%3Dmobrain_42865%26dna_exp%3D%26callback_url%3Dhttps%253A%252F%252Fnetwork.adkaka.com%252Fpb%252Fad%252FoP8Md21NHDB0DDXcSkqdO9hsnjkiff7N4UI8L9NX%253Fclick_id%253D%257Bsid%257D%2526payout%253D%257Bpayout%257D%2526currency%253DUSD&f=4&p=001910_68_160_27367_31376_10236&po=&s=1910&sh=80&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8&st=2055&xcl=mobrain_42865 HTTP 302
- http://sax.peakonspot.com/pops/dlink.php?pid=6616&format=POPUP&subid=000364_001910_68_160_27367_31376_10236&cid=1806280327a59fdfabb43b00 HTTP 302
- http://t1.wiseforwarding.com/38495d6?p=000364_001910_68_160_27367_31376_10236&sid=1806280327a59fdfabb43b00 HTTP 302
- http://t1.contentfall.com/c/3101rca?c=0&po=&a=38495d6&p=001236_000364_001910_68_160_27367_31376_10236&s=1236&st=1377&f=4&sh=75&ct=&w=&h=&isp=HETZNER&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2F3101rca%3Fdna_iid%3D20180628-b4a88e33-7221-4fd0-a183-2726807070d8%26dna_group_id%3Dmobrain_173222%26dna_exp%3D%26callback_url%3Dhttp%253A%252F%252Ftracking.aedgency.com%252Fs2s_tracker.php%253Fpartner_id%253D2361%2526program_id%253D666999%2526commission%253D%257Bpayout%257D%2526subid1%253D%257Bsid%257D%2526token%253Deb6aa71380213ab100af69a925c2bb48%2526payout_type%253DCPL%2526currency%253DUSD%2526flag%253D1&xcl=mobrain_173222&sid=1806280327a59fdfabb43b00 HTTP 302
- http://t1.trackingfall.com/3101rca?a=38495d6&c=0&callback_url=https%3A%2F%2Fdna.mobra.in%2Fconversion%2F20180628-a90b169e-00f3-4c28-a42d-85e9d009cbe2%2F3101rca%3Fdna_iid%3D20180628-b4a88e33-7221-4fd0-a183-2726807070d8%26dna_group_id%3Dmobrain_173222%26dna_exp%3D%26callback_url%3Dhttp%253A%252F%252Ftracking.aedgency.com%252Fs2s_tracker.php%253Fpartner_id%253D2361%2526program_id%253D666999%2526commission%253D%257Bpayout%257D%2526subid1%253D%257Bsid%257D%2526token%253Deb6aa71380213ab100af69a925c2bb48%2526payout_type%253DCPL%2526currency%253DUSD%2526flag%253D1&f=4&p=001236_000364_001910_68_160_27367_31376_10236&po=&s=1236&sh=75&sid=1806280327a59fdfabb43b00&st=1377&xcl=mobrain_173222 HTTP 302
- http://mob.popshore.club/redirect?feed=122827&auth=ebuQy0&url=http%3A%2F%2Fmyfinancetoday.com&subid=000364_001236_000364_001910_68_160_27367_31376_10236&query=1806280327a5a1c95714989d HTTP 302
- https://amazing-offers-for-you.fetchit.site/rc/red
21 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
9Zl8Xlhq
c.navhi.com/ck/sl/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
dfd85d4
t1.wiseforwarding.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
red
amazing-offers-for-you.fetchit.site/rc/ Redirect Chain
|
333 B 560 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
newsponsored
amazing-offers-for-you.fetchit.site/rc/ |
24 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
css
fonts.googleapis.com/ |
9 KB 872 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
img.revcontent.com/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
js
www.googletagmanager.com/gtag/ |
69 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
analytics.js
www.google-analytics.com/ |
34 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
collect
www.google-analytics.com/r/ |
35 B 111 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- t1.wiseforwarding.com
- URL
- http://t1.wiseforwarding.com/dfd85d4?p=68_160_27367_31376_10236&sid=4963479f-7a9c-11e8-8866-0acccf0ddae8
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| erlog function| goToAd function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .fetchit.site/ | Name: _gat_gtag_UA_120508216_5 Value: 1 |
|
| .fetchit.site/ | Name: _gid Value: GA1.2.523308561.1530167232 |
|
| amazing-offers-for-you.fetchit.site/ | Name: allowClick Value: 1 |
|
| .fetchit.site/ | Name: _ga Value: GA1.2.967273252.1530167232 |
|
| .fetchit.site/ | Name: __cfduid Value: d6a9fb6893798b5627245f330792687201530167231 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amazing-offers-for-you.fetchit.site
c.navhi.com
clk.apxadtracking.net
fonts.googleapis.com
fonts.gstatic.com
img.revcontent.com
mob.popshore.club
sax.peakonspot.com
t1.contentfall.com
t1.trackingfall.com
t1.wiseforwarding.com
www.google-analytics.com
www.googletagmanager.com
t1.wiseforwarding.com
136.243.47.67
198.134.116.30
205.185.216.42
2400:cb00:2048:1::681f:4c37
2a00:1450:4001:812::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::2008
2a00:1450:4001:820::200a
34.198.88.244
34.226.151.136
54.165.15.182
54.191.116.23
54.208.38.120
177cac9414b1d405e793f4eaefdec5c4db056c20911ec03fd4341e6429ba1c7f
1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
1c024c185a6fe78d0e5dff2035f4cc6c365da6ff740a8bf45b79aff45c46ace7
1d382238c568cc1a7e5c5cff60b5b879fc4d789fe7f5950829e2981a5c5268ea
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4e19ee4257209057dd0f1b20e038e443d2b1b0f6d703de7e9698c04d74c4757a
586b6cc92300bf37644154bb7313abad16c6561168ca4d291b5106981bbd5266
6f94ddde4dfdae8f00edf40ca3407f0a1526874968bc305f4aff5685797a727e
79dd68e29778780ed16798356c06960abc111e72f137ff7a8a70ff30fffe08d4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
931a64ad13cce3d3d5b597d67ea1af59deffa513775a799ed0092797bd789c81
9d5e2c1a7c8b145a193b9b5d6f397cda41f135ca1f9073b09c58a826ffd97e2d
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
ca29a9646f1d38999895936bf9cc7e6c841aac0d6a6bd15f1ba503383e890ffe
d7b78ed3e7a17c17c3499666cfec6e7f4b191536a44c0067db32b2f810bd7261
db0b1859d0bcc21788f62d7f9ba114adc6e8e56887d998b8006810539350a7e2
e67e18bc5b86cb516fad4806ff098f1d46ae74a06b9c55aea59cff64f498d11e
ec1abace7c6927d02ddf2bd7fcc5339a01c78143ebd69b86769dba9acdc2d7d6