businesspayments.org (18.213.228.110)
Public Scan
Effective URL: https://businesspayments.org/6D6ZhKPn1ncfVKFb9_pQ8zEUXoNPkj3ii10d4QqELJ4/?cid=61ad581143ce5800018346ce&sid=
Submission: On December 06 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by R3 on November 16th 2021. Valid for: 3 months.
This is the only time businesspayments.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| # | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 1 | 2606:4700:10::6816:b37 | 13335 (CLOUDFLARENET) |
| 2 2 | 2606:4700:3037::6815:53f2 | 13335 (CLOUDFLARENET) |
| 1 1 | 2606:4700:3037::6815:4064 | 13335 (CLOUDFLARENET) |
| 2 3 | 35.190.38.40 | 15169 (GOOGLE) |
| 1 1 | 212.32.249.110 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
| 1 | 18.213.228.110 | 14618 (AMAZON-AES) |
| 2 | 104.22.65.104 | 13335 (CLOUDFLARENET) |
| 2 | 2606:4700:20::ac43:4809 | 13335 (CLOUDFLARENET) |
| 6 | 5 | |
- ASN15169 (GOOGLE, US); PTR: 40.38.190.35.bc.googleusercontent.com; domains: www.adspredictiv.com
- ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL); domains: advotion.g2afse.com
- ASN14618 (AMAZON-AES, US); PTR: ec2-18-213-228-110.compute-1.amazonaws.com; domains: businesspayments.org
- ASN13335 (CLOUDFLARENET, US); domains: cdn.ocmhood.com, t.ocmhood.com
| # | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 3 | adspredictiv.com (2 redirects) | www.adspredictiv.com | 3 KB |
| 2 | ocmhood.com | cdn.ocmhood.com, t.ocmhood.com | 5 KB |
| 2 | r-tb.com | feed.r-tb.com, t.r-tb.com | 642 B |
| 2 | wait5sec.com (2 redirects) | wait5sec.com | 2 KB |
| 1 | businesspayments.org | businesspayments.org | 2 MB |
| 1 | g2afse.com (1 redirect) | advotion.g2afse.com | 309 B |
| 1 | onetouch7.info (1 redirect) | onetouch7.info | 967 B |
| 1 | coderformylife.info (1 redirect) | feed-6009.coderformylife.info | 455 B |
| 6 | 8 | | |
| # | Domain | Requested by |
|---|---|---|
| 3 | www.adspredictiv.com | 2 redirects |
| 2 | wait5sec.com | 2 redirects |
| 1 | t.r-tb.com | businesspayments.org |
| 1 | t.ocmhood.com | cdn.ocmhood.com |
| 1 | cdn.ocmhood.com | businesspayments.org |
| 1 | feed.r-tb.com | businesspayments.org |
| 1 | businesspayments.org | www.adspredictiv.com |
| 1 | advotion.g2afse.com | 1 redirect |
| 1 | onetouch7.info | 1 redirect |
| 1 | feed-6009.coderformylife.info | 1 redirect |
| 6 | 10 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| adspredictiv.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-15 - 2022-07-04 | 2 years | crt.sh |
| businesspayments.org | R3 | 2021-11-16 - 2022-02-14 | 3 months | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year | crt.sh |
| ocmhood.com | Cloudflare Inc ECC CA-3 | 2021-06-04 - 2022-06-03 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://businesspayments.org/6D6ZhKPn1ncfVKFb9_pQ8zEUXoNPkj3ii10d4QqELJ4/?cid=61ad581143ce5800018346ce&sid=
Frame ID: D96C68C4C65FEA0256A9BD2FB6EE83E5
Requests: 9 HTTP requests in this frame
Page Title: Click Here to edit your LP title
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

- http://feed-6009.coderformylife.info/api/message/click?id=f1431516535107&time=1638710368&sig=a135b58542b535e9e0a67e50e7ac3a&srv=1&sage=17071739 (HTTP 302)
- https://wait5sec.com/dvzMy91L?source=31408 (HTTP 302)
- http://onetouch7.info/pop-go/37291?sub1=3phd92v7fcd2f&sub2=31408 (HTTP 302)
- https://wait5sec.com/dvzMy91L (HTTP 302)
- https://www.adspredictiv.com/jump/next.php?r=2848467 (Page URL)

- https://www.adspredictiv.com/jump/next.php?stamat=m%257C%252CU4iF6t3frB1dwP0dEdHP3xP.3dd%252C2t5FkDDYpjxJXsMWHSh7wKsTFo_9DWdVnHcBDLzDvAV1rtcjJRh7XKgcungnm-a2&cbur=0.19226206659137568&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref= (HTTP 302)
- https://www.adspredictiv.com/script/i.php?stamat=m%257C%252C%252CgjYrdiI6oGU3Bp-GH0dEdHP3xP.00a%252C68Hxs1PGndhaT6TY6-0X6-mJ1FXoP0NJdcBudzGWHbUGEXBZmVVZ7hFjpYqW_0JrZ8RdE1gjve859ehFDCtwVocfrzjs5Kv_VGaR9Q_ToFG2x334FZSS7UT9KJDmfXrWIrHFuNUflp0iaxX9jJGE_tvK-IcogK5gk4liYp1MdArV3CDbNw4uWfbfCgT9PnrBSmlzRKMOUKiutBtBfcYzvusUzRl5KzRqgguoXNDqF8ij_E4tJ8mWhdOy2up8eQul7A-4u8aBeJcSbqTb1ldYfywHO21uV78C1rdp-S_LaYOceyFSEEg7b8YpuD-MRVIxNXemfFcuMxfmCTyeyHeySRjf8VWiIl2LKOInm4tNCqfV2RqgKs7fOyWY8Lr1HDEeZl_Ho3I58XaAuoe2xiWjXi_p8uJrEXl65xN6ZR48cxPG2rjlXuWonvakCH580uOd4RETDowdRm0mvGwCbGZhhhJGU_VXAG4ygOmtvswv5oCMYn3p_01p-GH9ccYNgVHSgihE4oy9nI3w5SK-hEk3Aw%252C%252C (HTTP 302)
- https://advotion.g2afse.com/click?pid=6&offer_id=612&sub1=16387502240760730940014576998775748&sub3=2848467 (HTTP 302)
- https://businesspayments.org/6D6ZhKPn1ncfVKFb9_pQ8zEUXoNPkj3ii10d4QqELJ4/?cid=61ad581143ce5800018346ce&sid= (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:

Request Chain 0
- http://feed-6009.coderformylife.info/api/message/click?id=f1431516535107&time=1638710368&sig=a135b58542b535e9e0a67e50e7ac3a&srv=1&sage=17071739 (HTTP 302)
- https://wait5sec.com/dvzMy91L?source=31408 (HTTP 302)
- http://onetouch7.info/pop-go/37291?sub1=3phd92v7fcd2f&sub2=31408 (HTTP 302)
- https://wait5sec.com/dvzMy91L (HTTP 302)
- https://www.adspredictiv.com/jump/next.php?r=2848467
6 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | next.php | www.adspredictiv.com/jump/ (Redirect Chain) | 7 KB | 3 KB | Document | text/html |
| GET | H/1.1 | / (Primary Request) | businesspayments.org/6D6ZhKPn1ncfVKFb9_pQ8zEUXoNPkj3ii10d4QqELJ4/ (Redirect Chain) | 2 MB | 2 MB | Document | text/html |
| GET | DATA | truncated | / | 2 MB | 0 | Image | image/png |
| GET | DATA | truncated | / | 3 KB | 0 | Image | image/png |
| GET | H2 | AFU1kAAPatM | feed.r-tb.com/v1/native/ | 701 B | 642 B | Fetch | application/json |
| GET | H2 | hood.js | cdn.ocmhood.com/sdk/ | 10 KB | 5 KB | Script | application/javascript |
| GET | DATA | truncated | / | 11 KB | 0 | Image | image/gif |
| POST | H2 | activity | t.ocmhood.com/v2/ | 0 | 562 B | Ping | application/octet-stream |
| GET | H2 | imp | t.r-tb.com/ | 0 | 0 | Fetch | |
Verdicts & Comments
23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

- object: onbeforexrselect
- function: reportError
- boolean: originAgentCluster
- object: scheduler
- string: qs
- string: fallback_url
- object: ad
- number: cpc
- function: popme
- function: pbcid
- function: finalRedirect
- function: uuidv4
- function: fetchAd
- function: goNextUrl
- function: goNext
- function: goNextWithUserGesture
- function: isPushApiSupported
- function: goToRedirectBack
- function: goToRedirectBlock
- function: goToRedirectonAllow
- function: goToRedirectSmart2
- function: Hood
- function: before_redirect_block7

Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the stored cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
| Domain/Path | Expires | Name | Value |
|---|---|---|---|
| businesspayments.org/6D6ZhKPn1ncfVKFb9_pQ8zEUXoNPkj3ii10d4QqELJ4 | | session | 8ouaj9po5EzBPENJoRF7c9mhtEqKNM11 |
| onetouch7.info/ | | pop-u-uni-de728f | 749268d66d0288c9b08db76c7c02903da%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22pop-u-uni-de728f%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D |
| wait5sec.com/ | | _subid | 3phd92v7fcd2j |
| wait5sec.com/ | | _token | uuid_3phd92v7fcd2j_3phd92v7fcd2j61ad580fd18cb9.50871172 |
| wait5sec.com/ | | bc730 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3NDJcIjoxNjM4NzUwMjIzLFwiMTg1MFwiOjE2Mzg3NTAyMjN9LFwiY2FtcGFpZ25zXCI6e1wiNTExXCI6MTYzODc1MDIyM30sXCJ0aW1lXCI6MTYzODc1MDIyM30ifQ.iHd_W2sMUSiy3VOXsv-ymhyM9Apr1NNZaUEeqYE5iwM |
| advotion.g2afse.com/ | | afclick | 61ad581143ce5800018346ce |
| advotion.g2afse.com/ | | afoffers | {"612":1638750225} |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
advotion.g2afse.com
businesspayments.org
cdn.ocmhood.com
feed-6009.coderformylife.info
feed.r-tb.com
onetouch7.info
t.ocmhood.com
t.r-tb.com
wait5sec.com
www.adspredictiv.com
104.22.65.104
18.213.228.110
212.32.249.110
2606:4700:10::6816:b37
2606:4700:20::ac43:4809
2606:4700:3037::6815:4064
2606:4700:3037::6815:53f2
35.190.38.40
15a943c93811e5b0d35837b9dd8ecd78b6af256702c14370b8ed2fdd3c2d77e9
989f9018f08e6b812cfce8110b6b803c493d89474a7f9ed90c249c0cc11e4fbc
9b4b7d3b40cb6b2ac9bdf2bb261352d0d4d6aeec3b8a095ebc774870d59cb144
a31c3bec0944672f78f89810365299ef8aa2f171bbeae568d8803da3b6e9be9d
c1a84e0cb0dda09323794bd0ba2300984170c58e7b2436fffcc0d11c05e4f296
cf4229280f8c4cc467dddbab3f2230f827f3755c90f6df84324b9b80d0887cbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee3df69641a083faeda162fce068aef31075856f15c43c74eada446496b865f2