www.ports.rocks Open in urlscan Pro
213.32.106.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://attackingcap.com/login/link.php?M=9417564&N=479&L=3&F=H
Effective URL:
https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2&eyeg=c21a0c2b10b6b7...
Submission: On May 20 via api (May 20th 2020, 4:53:42 pm UTC) from BE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 8 domains to perform 7 HTTP transactions. The main IP is 213.32.106.166, located in France and belongs to OVH, FR. The main domain is www.ports.rocks.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 25th 2020. Valid for: 3 months.

This is the only time www.ports.rocks was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	134.122.103.119 134.122.103.119	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.195.149.11 18.195.149.11	16509 (AMAZON-02) (AMAZON-02)
1	18.195.19.123 18.195.19.123	16509 (AMAZON-02) (AMAZON-02)
1 1	52.214.156.144 52.214.156.144	16509 (AMAZON-02) (AMAZON-02)
1 1	5.2.73.231 5.2.73.231	60404 (LITESERVER) (LITESERVER)
1 3	184.154.47.14 184.154.47.14	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	2a05:d014:286... 2a05:d014:286:3502:280f:5c03:88aa:6d81	16509 (AMAZON-02) (AMAZON-02)
2	213.32.106.166 213.32.106.166	16276 (OVH) (OVH)
7	5

1 134.122.103.119 (United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: host.attackingcap.com

attackingcap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.149.11 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-149-11.eu-central-1.compute.amazonaws.com

track.reducerfate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.19.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-19-123.eu-central-1.compute.amazonaws.com

track.longgatecell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.156.144 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-156-144.eu-west-1.compute.amazonaws.com

monkeydoggy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.2.73.231 (Netherlands) 1 redirects

ASN60404 (LITESERVER, NL)

zesvushop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.154.47.14 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi

click.whatthetrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d014:286:3502:280f:5c03:88aa:6d81 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

y3oaj.bemobtracks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.32.106.166 (France)

ASN16276 (OVH, FR)
PTR: ip166.ip-213-32-106.eu

www.ports.rocks	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	whatthetrack.com 1 redirects click.whatthetrack.com	6 KB
2	ports.rocks www.ports.rocks	5 KB
1	bemobtracks.com 1 redirects y3oaj.bemobtracks.com	759 B
1	zesvushop.com 1 redirects zesvushop.com	352 B
1	monkeydoggy.com 1 redirects monkeydoggy.com	763 B
1	longgatecell.com track.longgatecell.com Failed	779 B
1	reducerfate.com track.reducerfate.com	2 KB
1	attackingcap.com 1 redirects attackingcap.com	268 B
7	8

	Domain	Requested by
3	click.whatthetrack.com	1 redirects track.longgatecell.com click.whatthetrack.com
2	www.ports.rocks	click.whatthetrack.com www.ports.rocks
1	y3oaj.bemobtracks.com	1 redirects
1	zesvushop.com	1 redirects
1	monkeydoggy.com	1 redirects
1	track.longgatecell.com	track.reducerfate.com
1	track.reducerfate.com
1	attackingcap.com	1 redirects
7	8

This site contains no links.

Subject Issuer	Validity	Valid
track.reducerfate.com Let's Encrypt Authority X3	`2020-05-11` - `2020-08-09`	3 months	crt.sh
www.ports.rocks Let's Encrypt Authority X3	`2020-03-25` - `2020-06-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2&eyeg=c21a0c2b10b6b7bd5f5269e76ea6dd9e&eyer=0.6568332675328314&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=click.whatthetrack.com
Frame ID: C6AFEEED689371DA5ACB858969F0A06D
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://attackingcap.com/login/link.php?M=9417564&N=479&L=3&F=H HTTP 302
https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7 Page URL
http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3Jn... Page URL
https://monkeydoggy.com/?a=4202&c=24137&s1=75518eab-382c-48bd-9a63-2e2749079ff7&s2=wdhav5h7c0djig6v1... HTTP 302
https://zesvushop.com/page?cam=11570&country=be&pub=110&r=23351-515225424&a=4202 HTTP 307
http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mains... Page URL
http://click.whatthetrack.com/?utm_term=6828970538635887605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
http://click.whatthetrack.com/proc.php?33383e1f09c48764e98a2b1469e97e3f6b0390d3 HTTP 302
https://y3oaj.bemobtracks.com/go/4521bf26-191a-4cfb-9c56-ba9e607aa831?sid=6828970538635887605&pub=4225&pid... HTTP 302
https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2 Page URL
https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

7
Requests

43 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

5
IPs

5
Countries

12 kB
Transfer

17 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://attackingcap.com/login/link.php?M=9417564&N=479&L=3&F=H HTTP 302
https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7 Page URL
http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3JnMxPTc1NTE4ZWFiLTM4MmMtNDhiZC05YTYzLTJlMjc0OTA3OWZmNyZzMj13ZGhhdjVoN2MwZGppZzZ2MWIxcWNqc3E&ts=1589993605449&hash=PmWhRLbw4k5sEHvwkupVmw_f6bpDAi-BLHwByG_RIFE&rm=DJ Page URL
https://monkeydoggy.com/?a=4202&c=24137&s1=75518eab-382c-48bd-9a63-2e2749079ff7&s2=wdhav5h7c0djig6v1b1qcjsq HTTP 302
https://zesvushop.com/page?cam=11570&country=be&pub=110&r=23351-515225424&a=4202 HTTP 307
http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream Page URL
http://click.whatthetrack.com/?utm_term=6828970538635887605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Page URL
http://click.whatthetrack.com/proc.php?33383e1f09c48764e98a2b1469e97e3f6b0390d3 HTTP 302
https://y3oaj.bemobtracks.com/go/4521bf26-191a-4cfb-9c56-ba9e607aa831?sid=6828970538635887605&pub=4225&pid=4225-43570cez HTTP 302
https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2 Page URL
https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2&eyeg=c21a0c2b10b6b7bd5f5269e76ea6dd9e&eyer=0.6568332675328314&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=click.whatthetrack.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://attackingcap.com/login/link.php?M=9417564&N=479&L=3&F=H HTTP 302
https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7

Request Chain 3

https://monkeydoggy.com/?a=4202&c=24137&s1=75518eab-382c-48bd-9a63-2e2749079ff7&s2=wdhav5h7c0djig6v1b1qcjsq HTTP 302
https://zesvushop.com/page?cam=11570&country=be&pub=110&r=23351-515225424&a=4202 HTTP 307
http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream

Request Chain 5

http://click.whatthetrack.com/proc.php?33383e1f09c48764e98a2b1469e97e3f6b0390d3 HTTP 302
https://y3oaj.bemobtracks.com/go/4521bf26-191a-4cfb-9c56-ba9e607aa831?sid=6828970538635887605&pub=4225&pid=4225-43570cez HTTP 302
https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200	Cookie set 75518eab-382c-48bd-9a63-2e2749079ff7 Show response track.reducerfate.com/ Redirect Chain http://attackingcap.com/login/link.php?M=9417564&N=479&L=3&F=H https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7	832 B 2 KB	239ms 65ms	Document text/html	18.195.149.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.195.149.11 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-149-11.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `85ce9feb039ef46f987de8f6d705cafc35be910aa611413c6b27efb0f4ab1dcf` Request headers Host track.reducerfate.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Wed, 20 May 2020 16:53:25 GMT Content-Type text/html;charset=UTF-8 Content-Length 832 Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Set-Cookie 75518eab-382c-48bd-9a63-2e2749079ff7-v4=75518eab-382c-48bd-9a63-2e2749079ff7; Max-Age=86400; Expires=Thu, 21-May-2020 16:53:25 GMT; Domain=track.reducerfate.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=wGi2bumQztsj8jrEnNIN7SY%2Fm8WmRMCq5%2BVCmco5pbeTw5KFVgpL6uTaKnrYuu9swxvXNyCLhCfRQXbMe%2F0qcN22myDl8Fu5H0RomM%2F3jTO%2Br3rVMuwo09tio0qfMwKS%2Fscu21imi%2FANMahItkt94w%3D%3D; Max-Age=31536000; Expires=Thu, 20-May-2021 16:53:25 GMT; Domain=track.reducerfate.com; Path=/; Secure; HttpOnly;SameSite=None Redirect headers Date Wed, 20 May 2020 16:53:25 GMT Server Apache Location https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7 Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET		redirect track.longgatecell.com/	0 0

GET H/1.1	200	redirect track.longgatecell.com/	506 B 779 B	162ms 98ms	Document text/html	18.195.19.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3JnMxPTc1NTE4ZWFiLTM4MmMtNDhiZC05YTYzLTJlMjc0OTA3OWZmNyZzMj13ZGhhdjVoN2MwZGppZzZ2MWIxcWNqc3E&ts=1589993605449&hash=PmWhRLbw4k5sEHvwkupVmw_f6bpDAi-BLHwByG_RIFE&rm=DJ Requested by Host: track.reducerfate.com URL: https://track.reducerfate.com/75518eab-382c-48bd-9a63-2e2749079ff7 Protocol HTTP/1.1 Server 18.195.19.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-195-19-123.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Host track.longgatecell.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Wed, 20 May 2020 16:53:25 GMT Content-Type text/html;charset=UTF-8 Content-Length 506 Connection keep-alive Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache
GET H/1.1	200 OK	Cookie set / Show response click.whatthetrack.com/ Redirect Chain https://monkeydoggy.com/?a=4202&c=24137&s1=75518eab-382c-48bd-9a63-2e2749079ff7&s2=wdhav5h7c0djig6v1b1qcjsq https://zesvushop.com/page?cam=11570&country=be&pub=110&r=23351-515225424&a=4202 http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream	3 KB 2 KB	344ms 271ms	Document text/html	184.154.47.14 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream Requested by Host: track.longgatecell.com URL: http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3JnMxPTc1NTE4ZWFiLTM4MmMtNDhiZC05YTYzLTJlMjc0OTA3OWZmNyZzMj13ZGhhdjVoN2MwZGppZzZ2MWIxcWNqc3E&ts=1589993605449&hash=PmWhRLbw4k5sEHvwkupVmw_f6bpDAi-BLHwByG_RIFE&rm=DJ Protocol HTTP/1.1 Server 184.154.47.14 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/7.3.4 Resource Hash `238e245daa12277c60f6db3f5019227c9723c68fa547877decea3629abb62f8f` Request headers Host click.whatthetrack.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3JnMxPTc1NTE4ZWFiLTM4MmMtNDhiZC05YTYzLTJlMjc0OTA3OWZmNyZzMj13ZGhhdjVoN2MwZGppZzZ2MWIxcWNqc3E&ts=1589993605449&hash=PmWhRLbw4k5sEHvwkupVmw_f6bpDAi-BLHwByG_RIFE&rm=DJ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3JnMxPTc1NTE4ZWFiLTM4MmMtNDhiZC05YTYzLTJlMjc0OTA3OWZmNyZzMj13ZGhhdjVoN2MwZGppZzZ2MWIxcWNqc3E&ts=1589993605449&hash=PmWhRLbw4k5sEHvwkupVmw_f6bpDAi-BLHwByG_RIFE&rm=DJ Response headers Server nginx Date Wed, 20 May 2020 16:53:26 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/7.3.4 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Set-Cookie u=a64afff26ff69fa7f5a5daa22db643b3; expires=Thu, 20-May-2021 16:53:26 GMT; Max-Age=31536000; path=/ Content-Encoding gzip Redirect headers Server nginx Date Wed, 20 May 2020 16:53:26 GMT Content-Type text/html Content-Length 0 Connection keep-alive Location http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream Strict-Transport-Security max-age=63072000 X-Frame-Options SAMEORIGIN
GET H/1.1	200 OK	/ Show response click.whatthetrack.com/	9 KB 3 KB	164ms 163ms	Document text/html	184.154.47.14 SINGLEHOP-LLC
General Check archive.org Show headers Download Go to Full URL http://click.whatthetrack.com/?utm_term=6828970538635887605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Requested by Host: click.whatthetrack.com URL: http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream Protocol HTTP/1.1 Server 184.154.47.14 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US), Reverse DNS server04.com-2.mobi Software nginx / PHP/7.3.4 Resource Hash `b1bee006a436418fc04da3e6d00f838424e9fd990496ccfae5507b9333f0c1a3` Request headers Host click.whatthetrack.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream Accept-Encoding gzip, deflate Accept-Language en-US Cookie u=a64afff26ff69fa7f5a5daa22db643b3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://click.whatthetrack.com/?utm_medium=fb2df8ac86656630edd8f361be874ffc0230659c&utm_campaign=Exit-Mainstream Response headers Server nginx Date Wed, 20 May 2020 16:53:27 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Vary Accept-Encoding X-Powered-By PHP/7.3.4 Cache-Control no-store, no-cache, must-revalidate, max-age=0 Pragma no-cache Expires Thu, 01 Jan 1970 00:00:00 GMT Content-Encoding gzip
GET H/1.1	200 OK	143954%7C22144 Show response www.ports.rocks/offer/ Redirect Chain http://click.whatthetrack.com/proc.php?33383e1f09c48764e98a2b1469e97e3f6b0390d3 https://y3oaj.bemobtracks.com/go/4521bf26-191a-4cfb-9c56-ba9e607aa831?sid=6828970538635887605&pub=4225&pid=4225-43570cez https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2	4 KB 5 KB	660ms 60ms	Document text/html	213.32.106.166 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2 Requested by Host: click.whatthetrack.com URL: http://click.whatthetrack.com/?utm_term=6828970538635887605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.32.106.166 , France, ASN16276 (OVH, FR), Reverse DNS ip166.ip-213-32-106.eu Software openresty / Resource Hash `658883d92784beb03f8aaf77d5d58527631162e3fe9de1a5a9abfc65c6f781ca` Request headers Host www.ports.rocks Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://click.whatthetrack.com/?utm_term=6828970538635887605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://click.whatthetrack.com/?utm_term=6828970538635887605&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b78485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54e# Response headers Server openresty Date Wed, 20 May 2020 16:53:28 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Redirect headers Server nginx Date Wed, 20 May 2020 16:53:27 GMT Content-Type text/html; charset=utf-8 Content-Length 252 Connection keep-alive Access-Control-Allow-Origin * Set-Cookie bemob-uniq-visit:4521bf26-191a-4cfb-9c56-ba9e607aa831=1; Domain=y3oaj.bemobtracks.com; Path=/; Expires=Thu, 21 May 2020 16:53:27 GMT; HttpOnly bemob-click-id=EUeMTe5zTARtrhsFw2WiN2; Domain=y3oaj.bemobtracks.com; Path=/; Expires=Thu, 21 May 2020 16:53:27 GMT; HttpOnly Location https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2 Vary Accept X-Response-Time 3.734ms Expires Thu, 01 Jan 1970 00:00:01 GMT Cache-Control no-cache Strict-Transport-Security max-age=0; includeSubDomains
GET H/1.1	200 OK	Primary Request 143954%7C22144 Show response www.ports.rocks/offer/	43 B 320 B	103ms 103ms	Document text/html	213.32.106.166 OVH
General Check archive.org Show headers Download Go to Full URL https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2&eyeg=c21a0c2b10b6b7bd5f5269e76ea6dd9e&eyer=0.6568332675328314&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=click.whatthetrack.com Requested by Host: www.ports.rocks URL: https://www.ports.rocks/offer/143954%7C22144?data2=EUeMTe5zTARtrhsFw2WiN2&tag=EUeMTe5zTARtrhsFw2WiN2 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 213.32.106.166 , France, ASN16276 (OVH, FR), Reverse DNS ip166.ip-213-32-106.eu Software openresty / PHP/7.4.3 Resource Hash `782f0879ded640fd8a64dade36f396703e02443b82c0c2dfe231fdf2809814d7` Request headers Host www.ports.rocks Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site same-origin Sec-Fetch-Mode navigate Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server openresty Date Wed, 20 May 2020 16:53:28 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.4.3 Referrer-Policy no-referrer Content-Encoding gzip

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.longgatecell.com
URL: http://track.longgatecell.com/redirect?target=BASE64aHR0cHM6Ly9tb25rZXlkb2dneS5jb20vP2E9NDIwMiZjPTI0MTM3JnMxPTc1NTE4ZWFiLTM4MmMtNDhiZC05YTYzLTJlMjc0OTA3OWZmNyZzMj13ZGhhdjVoN2MwZGppZzZ2MWIxcWNqc3E&ts=1589993605449&hash=PmWhRLbw4k5sEHvwkupVmw_f6bpDAi-BLHwByG_RIFE&rm=DJ

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

attackingcap.com
click.whatthetrack.com
monkeydoggy.com
track.longgatecell.com
track.reducerfate.com
www.ports.rocks
y3oaj.bemobtracks.com
zesvushop.com
track.longgatecell.com
134.122.103.119
18.195.149.11
18.195.19.123
184.154.47.14
213.32.106.166
2a05:d014:286:3502:280f:5c03:88aa:6d81
5.2.73.231
52.214.156.144
238e245daa12277c60f6db3f5019227c9723c68fa547877decea3629abb62f8f
658883d92784beb03f8aaf77d5d58527631162e3fe9de1a5a9abfc65c6f781ca
782f0879ded640fd8a64dade36f396703e02443b82c0c2dfe231fdf2809814d7
85ce9feb039ef46f987de8f6d705cafc35be910aa611413c6b27efb0f4ab1dcf
b1bee006a436418fc04da3e6d00f838424e9fd990496ccfae5507b9333f0c1a3

www.ports.rocks Open in urlscan Pro 213.32.106.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

43 %HTTPS

13 %IPv6

8 Domains

8 Subdomains

5 IPs

5 Countries

12 kBTransfer

17 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

www.ports.rocks Open in urlscan Pro
213.32.106.166 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

43 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

5
IPs

5
Countries

12 kB
Transfer

17 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions