2119.liftaxenay.live Open in urlscan Pro
139.162.141.184 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.synaxisreadymix.com/a.htm
Effective URL:
https://2119.liftaxenay.live/jcgwsyrm/?u=t11kd0b&o=zac8myd&m=1&t=anon2&f=1&sid=t4~jh51x02jd5chwqlhv2f3jqmy&fp=RrYpH3CAs0iqhjM...
Submission: On December 21 via api (December 21st 2022, 7:14:52 pm UTC) from SE — Scanned from SE

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 16 HTTP transactions. The main IP is 139.162.141.184, located in and belongs to . The main domain is 2119.liftaxenay.live.
TLS certificate: Issued by R3 on December 13th 2022. Valid for: 3 months.

This is the only time 2119.liftaxenay.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.21.61.116 104.21.61.116	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.67.209.157 172.67.209.157	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.21.54.241 104.21.54.241	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	57.128.28.32 57.128.28.32	16276 (OVH) (OVH)
1	139.162.141.184 139.162.141.184	() ()
16	4

1 104.21.61.116 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.synaxisreadymix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.209.157 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.synaxisreadymix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
synaxisreadymix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.54.241 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cartoonmines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 57.128.28.32 (France)

ASN16276 (OVH, FR)

takebonuseshere.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.184 (None, )

ASN- ()

2119.liftaxenay.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	synaxisreadymix.com 2 redirects www.synaxisreadymix.com synaxisreadymix.com	8 KB
2	takebonuseshere.life takebonuseshere.life	88 KB
1	liftaxenay.live 2119.liftaxenay.live	2 KB
1	cartoonmines.com cartoonmines.com Failed	831 B
0	easyappcloud.com Failed easyappcloud.com Failed
16	5

	Domain	Requested by
3	www.synaxisreadymix.com	1 redirects www.synaxisreadymix.com
2	takebonuseshere.life	www.synaxisreadymix.com takebonuseshere.life
1	2119.liftaxenay.live	takebonuseshere.life
1	cartoonmines.com	www.synaxisreadymix.com
1	synaxisreadymix.com	1 redirects
0	easyappcloud.com Failed	2119.liftaxenay.live
16	6

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-16` - `2023-06-16`	a year	crt.sh
takebonuseshere.life R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.liftaxenay.live R3	`2022-12-13` - `2023-03-13`	3 months	crt.sh

This page contains 2 frames:

Frame: https://easyappcloud.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D
Frame ID: F8603D28EC06C100DCBE497E856EB76D
Requests: 15 HTTP requests in this frame

Frame: https://takebonuseshere.life/media/mainstream/frame.html
Frame ID: 4CA44AE40D7DCB52C8C1246A7FA0F527
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.synaxisreadymix.com/a.htm HTTP 301
https://www.synaxisreadymix.com/a.htm Page URL
https://synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ HTTP 301
https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ Page URL
https://cartoonmines.com/anon2 HTTP 302
https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 Page URL
https://2119.liftaxenay.live/jcgwsyrm/?u=t11kd0b&o=zac8myd&m=1&t=anon2&f=1&sid=t4~jh51x02jd5chwqlhv2f3jqm... Page URL

Page Statistics

16
Requests

31 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

97 kB
Transfer

113 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.synaxisreadymix.com/a.htm HTTP 301
https://www.synaxisreadymix.com/a.htm Page URL
https://synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ HTTP 301
https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ Page URL
https://cartoonmines.com/anon2 HTTP 302
https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 Page URL
https://2119.liftaxenay.live/jcgwsyrm/?u=t11kd0b&o=zac8myd&m=1&t=anon2&f=1&sid=t4~jh51x02jd5chwqlhv2f3jqmy&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc%2Fl9zLnK7L7JO1SwdsmbutNxbOoLmhKUz3EYeX46Nx53hV9ZOGeYgX7SAkFNdxVrwhFfvv4Ttfy9dM3sToy54Wm1QR03Hw5NpuvPQPekz9WjkvCEQb0UeJGBpheOyfhfnWLGRnDHZiPiUEHtpBhUp0CGn7%2BTjB1rNB%2BlkFizKCvWxo07RAPh1o1gzKOoyV8X%2B%2B%2Bu3gxw6VYFEnMk6ftyl2JJHqtp7AG91HHYCFX7iJyIJIzUDqyAuKdLxU0nzRfwRAm2EaNWT%2BAR6om%2FFJSN2lUfiQVYvkfr4mkn3N%2BM8sn0%2FNabtIzLHcs6XMzxjJx9ad%2BjWN8TY7pUQCwWGCEf0iRiGFyTGI5Ry30exUx8UbVTtO%2BtN7jFlmQtxtRomk1v0fCAqwWc7KdD0pBOcFvCQN97btrn99H2btykVSvQttqKGo8TPl2NX0237h4JYoQlda20UCyTW%2B8NyJEZdBwmgsyWViF%2FNVIbbAYgwH1cqOylldV3r2u3YxFxV%2BaWZpTrHrYp%2B35HEUkCM%2BNF20l2fkI5NLZC7l7%2BjDir6gJ5UCsNg9kiI8sEwVh4hPoCp8tWOdsr8vnz84pBY%2BXyQjTrFV5%2BP810tpQHDppXWF0vT19proMcnGgHEeGS1dph05O39gS1bw7XLVXO%2BxtTqWRwKFA1ywYSiJ5zy6BkimZlmKiiL8ro2SJ%2FmjGTFHwcKlx2TH1JpkFg%2Fywu8eDrMOastOsGFhl7yN%2B2saj86wuvbIxgJZDSfusyfLmtzxZsF72A7ah6DY96tZeiD2lGbOt5UJvTjl7%2FzIYdGT%2Fn2YCCQ7hijKYzqc4TcFCIl%2FheZRdv3YcXEWMG27OWgLcQsc2%2FPUj5vg%2B2%2FreFeTorBg5I2FyE5HxM3vZMU2jlDjIK%2FnMMJtBSzjGs1Nce3k%2FwWkc7INYXUM17%2BhAjWOcsAhbeIZ2VK5%2BFGMQrt6yu0kzEKMjcTCrTbqhvzS83kQliqF6KDd%2Fd6l7m8m8Z6jBTiP3O8d3rw0uT%2BdXCUQEuRlvktRhTsoDZUfXg1360G4jsynR6JBGM9gVHfK%2B4Y5TQenr%2BbCniyN9xDEbUKkicH2UnxUnb9Tg%2FQQRnlY5kA2oFK08O44g5U53ohjjmcbEWzITlVFmGUZExDznU%2FaoUJdu%2FwvteXjQ%2BDLhH5xRDeAKZMVjdFBImxYTFRDDwkYBEDhs%2Fpi7E9zH4f8GxFjq%2BJcNfSusVzTil4noB4N83aUxrztZ2Lrwuslpnq7R1KnisdPjZpyjehroTMPTqFLPRD8seMWQKNiuAvi9Iyn3jSX8nSbaMJPCMA7KZdIW4YYG12NTV%2BlHnTv5mHoKOEllvqU3b1uT3uh5tgCqLfbpA6tH35sVx3ksIvf0wSTbAaZqA1LzwizGdmQocH2xqQYqalugOv9BJgKUGESxb%2BWXxknLdEUfbbfOgElbGzJ1l%2Fxi2EmHYcV50MXjQAZqsmhxV7xXl0%2FhDCJxEIyhq4QMywbz8giARFdOIPJS5%2BeGsnET9vutmBzafD97suU0OHHiBCYb2dPKUacwiUsLRgoLXIPdixPQNxo0VqUA2Oq3cu%2BNA8BMNh40MCWd9X%2FFc7XULKMGpTEjiWokhcXXWr%2FIEK%2Be4TGlK0AvSPfczEwcEQ6mu%2BDcYgv0T2wEN2ir2v8Isx0iREh6d5x29iYaLzshkx%2BPZ8W86fQUh6nQbtTj7vgVgCWH1DXp%2BiO7b6Umg2U7B6xfKFXuV4%2ByeD11CC6qMLGpsUXsGvo0WjOKNQvGMdoP3g45FHgGLXppnD8PQA%2FujBLIFOpLmrmMdjEYFzUnxNGipXnPGrIcIdW190L3HE7KxDZLYX0V5BZwkgmE7eKc32bCA6nwijI0b8sC6EOYidxx6EyXh%2FgD2r1eTJSeQg37nBI2fGKGZ5uCs2k2KUwJUehdMXtyAGSRhh9O9ARbBXisIM1RWlRuHFV%2BZRz75t9jY5EpUGUXU81P9yl1Pw%2BLhDIsCyDiyXqKoIh36B94MwbtSk%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.synaxisreadymix.com/a.htm HTTP 301
https://www.synaxisreadymix.com/a.htm

Request Chain 1

https://synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ HTTP 301
https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/

Request Chain 12

https://cartoonmines.com/anon2 HTTP 302
https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2

Request Chain 14

https://2119.liftaxenay.live/web/?sid=t4~jh51x02jd5chwqlhv2f3jqmy HTTP 302
https://easyappcloud.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	a.htm Show response www.synaxisreadymix.com/ Redirect Chain http://www.synaxisreadymix.com/a.htm https://www.synaxisreadymix.com/a.htm	107 B 575 B	821ms 700ms	Document text/html	172.67.209.157 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.synaxisreadymix.com/a.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.209.157 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7213728c77f617fcb0e15a90f566e69901d59652c6b5673e7a0afcb51efc4e16` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language se-SE,se;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 77d2f157ef55d0b5-AMS content-encoding br content-type text/html date Wed, 21 Dec 2022 19:14:48 GMT last-modified Wed, 15 Sep 2021 12:45:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LD6vEGAP5e4y4hVU0waN%2B9uO3ezD6ilkm5wJo1OGq3DoQ2a2MoqiFGYiS2B%2FUE2%2BOvUVq93mY%2BWQc2g6kHxwFob0sIhInnLFQHrJrhukrZpmyGzel21o3Ra%2BczfRjov55XSB4agD3tt0ug%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers CF-RAY 77d2f156b8980e00-AMS Cache-Control max-age=3600 Connection keep-alive Date Wed, 21 Dec 2022 19:14:47 GMT Expires Wed, 21 Dec 2022 20:14:47 GMT Location https://www.synaxisreadymix.com/a.htm NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56fiwzfCHsxPYwkmd5SgQTXbYCmD7nXXILq%2FsBt0s5OC2HS2Czuemf9T%2BGFH8DZmmNKcUrB88fhovrDAoZiqZnc%2FqQT82FoGBGWHRKY0JLNmZRNehtnmWZlMnztOkmH%2BjsAvYWL8wvwdQA%3D%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	404	/ www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ Redirect Chain https://synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/	23 KB 6 KB	514ms 512ms	Document text/html	172.67.209.157 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.209.157 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.33 Resource Hash Request headers Referer https://www.synaxisreadymix.com/a.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language se-SE,se;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 77d2f1626d2ed0b5-AMS content-encoding br content-type text/html; charset=UTF-8 date Wed, 21 Dec 2022 19:14:49 GMT expires Wed, 11 Jan 1984 05:00:00 GMT link <https://www.synaxisreadymix.com/index.php/wp-json/>; rel="https://api.w.org/" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRy2VoAt63JHVXy6Mwgj4N6%2B7J6NeL1MrUxF5YOPSAdJw%2F1K1G8OJfPfGgObZyI5tCbzEIuuf479iwcLef38KyynotaBPqimJ4o%2F4ohgwpa61IyK1t3MqAReil5V3njnFpyJw0Jq%2FlGHyw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,Cookie x-powered-by PHP/7.1.33 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control max-age=3600 cf-cache-status DYNAMIC cf-ray 77d2f15ccd8ad0b5-AMS content-type text/html; charset=UTF-8 date Wed, 21 Dec 2022 19:14:49 GMT expires Wed, 21 Dec 2022 20:14:49 GMT location https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fl%2BmBdTikKGugxbMIP6h5V1NTOmm1gstzhKQX%2FdUvRPI%2F1ZUZcxk6NQmp6C21bXuUhZcDZJWJmTdp7nS86Hlhf9khuheIgVHwTZUlb%2BdhdLBt9%2BpaUwUCYaa3rtA1Cm49fkGuNvf"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,Cookie x-powered-by PHP/7.1.33 x-redirect-by WordPress
GET		style.min.css www.synaxisreadymix.com/wp-content/themes/Avada/assets/css/	0 0

GET		eb7ad3b1443ffba972ea9268bee7313a.min.css www.synaxisreadymix.com/wp-content/uploads/fusion-styles/	0 0

GET		jquery.js www.synaxisreadymix.com/wp-includes/js/jquery/	0 0

GET		jquery-migrate.min.js www.synaxisreadymix.com/wp-includes/js/jquery/	0 0

GET		Logo-e1563873146532.jpg www.synaxisreadymix.com/wp-content/uploads/2019/07/	0 0

GET		email-decode.min.js www.synaxisreadymix.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/	0 0

GET		scripts.js www.synaxisreadymix.com/wp-content/plugins/contact-form-7/includes/js/	0 0

GET		b3579878a010ddba3a8823ccff96f3d7.min.js www.synaxisreadymix.com/wp-content/uploads/fusion-scripts/	0 0

GET		wp-embed.min.js www.synaxisreadymix.com/wp-includes/js/	0 0

GET		anon2 cartoonmines.com/	0 0

GET H/1.1	200 OK	/ Show response takebonuseshere.life/ Redirect Chain https://cartoonmines.com/anon2 https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2	88 KB 88 KB	361ms 132ms	Document text/html	57.128.28.32 OVH
General Check archive.org Show headers Download Go to Full URL https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 Requested by Host: www.synaxisreadymix.com URL: https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 57.128.28.32 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash `18b58c1c7ae4566f1757b7627a0725b2fee2536718b7568d002acb26535156a4` Request headers Referer https://www.synaxisreadymix.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language se-SE,se;q=0.9 Response headers Cache-Control no-transform Connection keep-alive Content-Length 89834 Content-Type text/html Date Wed, 21 Dec 2022 19:14:50 GMT Server nginx cache-control private Redirect headers access-control-allow-origin * alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 77d2f1665a7eb509-OSL content-type text/html; charset=UTF-8 date Wed, 21 Dec 2022 19:14:50 GMT expires 0 location https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sTUCL%2FAhjzicMoLI8Kd3e0CY17SOSqKZsn%2BILrERsrfS0iKx16h3NjrN%2BPSIXv5hLYTcnLDld4byTjmb%2BUqRSAdRTf%2BcL6gknUUnTv2KjI7tA3t9Vs%2BgTl78TktxcteIyIE"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H/1.1	200 OK	frame.html takebonuseshere.life/media/mainstream/ Frame 4CA4	39 B 320 B	283ms 126ms	Document text/html	57.128.28.32 OVH
General Check archive.org Show headers Download Go to Full URL https://takebonuseshere.life/media/mainstream/frame.html Requested by Host: takebonuseshere.life URL: https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 57.128.28.32 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash Request headers Referer https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language se-SE,se;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-transform Connection keep-alive Content-Length 39 Content-Type text/html Date Wed, 21 Dec 2022 19:14:50 GMT ETag "60a5fcce-27" Last-Modified Thu, 20 May 2021 06:08:14 GMT Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	Primary Request / 2119.liftaxenay.live/jcgwsyrm/	2 KB 2 KB	1459ms 123ms	Document text/html	139.162.141.184
General Check archive.org Show headers Download Go to Full URL https://2119.liftaxenay.live/jcgwsyrm/?u=t11kd0b&o=zac8myd&m=1&t=anon2&f=1&sid=t4~jh51x02jd5chwqlhv2f3jqmy&fp=RrYpH3CAs0iqhjMap3eXQoc6nYc%2Fl9zLnK7L7JO1SwdsmbutNxbOoLmhKUz3EYeX46Nx53hV9ZOGeYgX7SAkFNdxVrwhFfvv4Ttfy9dM3sToy54Wm1QR03Hw5NpuvPQPekz9WjkvCEQb0UeJGBpheOyfhfnWLGRnDHZiPiUEHtpBhUp0CGn7%2BTjB1rNB%2BlkFizKCvWxo07RAPh1o1gzKOoyV8X%2B%2B%2Bu3gxw6VYFEnMk6ftyl2JJHqtp7AG91HHYCFX7iJyIJIzUDqyAuKdLxU0nzRfwRAm2EaNWT%2BAR6om%2FFJSN2lUfiQVYvkfr4mkn3N%2BM8sn0%2FNabtIzLHcs6XMzxjJx9ad%2BjWN8TY7pUQCwWGCEf0iRiGFyTGI5Ry30exUx8UbVTtO%2BtN7jFlmQtxtRomk1v0fCAqwWc7KdD0pBOcFvCQN97btrn99H2btykVSvQttqKGo8TPl2NX0237h4JYoQlda20UCyTW%2B8NyJEZdBwmgsyWViF%2FNVIbbAYgwH1cqOylldV3r2u3YxFxV%2BaWZpTrHrYp%2B35HEUkCM%2BNF20l2fkI5NLZC7l7%2BjDir6gJ5UCsNg9kiI8sEwVh4hPoCp8tWOdsr8vnz84pBY%2BXyQjTrFV5%2BP810tpQHDppXWF0vT19proMcnGgHEeGS1dph05O39gS1bw7XLVXO%2BxtTqWRwKFA1ywYSiJ5zy6BkimZlmKiiL8ro2SJ%2FmjGTFHwcKlx2TH1JpkFg%2Fywu8eDrMOastOsGFhl7yN%2B2saj86wuvbIxgJZDSfusyfLmtzxZsF72A7ah6DY96tZeiD2lGbOt5UJvTjl7%2FzIYdGT%2Fn2YCCQ7hijKYzqc4TcFCIl%2FheZRdv3YcXEWMG27OWgLcQsc2%2FPUj5vg%2B2%2FreFeTorBg5I2FyE5HxM3vZMU2jlDjIK%2FnMMJtBSzjGs1Nce3k%2FwWkc7INYXUM17%2BhAjWOcsAhbeIZ2VK5%2BFGMQrt6yu0kzEKMjcTCrTbqhvzS83kQliqF6KDd%2Fd6l7m8m8Z6jBTiP3O8d3rw0uT%2BdXCUQEuRlvktRhTsoDZUfXg1360G4jsynR6JBGM9gVHfK%2B4Y5TQenr%2BbCniyN9xDEbUKkicH2UnxUnb9Tg%2FQQRnlY5kA2oFK08O44g5U53ohjjmcbEWzITlVFmGUZExDznU%2FaoUJdu%2FwvteXjQ%2BDLhH5xRDeAKZMVjdFBImxYTFRDDwkYBEDhs%2Fpi7E9zH4f8GxFjq%2BJcNfSusVzTil4noB4N83aUxrztZ2Lrwuslpnq7R1KnisdPjZpyjehroTMPTqFLPRD8seMWQKNiuAvi9Iyn3jSX8nSbaMJPCMA7KZdIW4YYG12NTV%2BlHnTv5mHoKOEllvqU3b1uT3uh5tgCqLfbpA6tH35sVx3ksIvf0wSTbAaZqA1LzwizGdmQocH2xqQYqalugOv9BJgKUGESxb%2BWXxknLdEUfbbfOgElbGzJ1l%2Fxi2EmHYcV50MXjQAZqsmhxV7xXl0%2FhDCJxEIyhq4QMywbz8giARFdOIPJS5%2BeGsnET9vutmBzafD97suU0OHHiBCYb2dPKUacwiUsLRgoLXIPdixPQNxo0VqUA2Oq3cu%2BNA8BMNh40MCWd9X%2FFc7XULKMGpTEjiWokhcXXWr%2FIEK%2Be4TGlK0AvSPfczEwcEQ6mu%2BDcYgv0T2wEN2ir2v8Isx0iREh6d5x29iYaLzshkx%2BPZ8W86fQUh6nQbtTj7vgVgCWH1DXp%2BiO7b6Umg2U7B6xfKFXuV4%2ByeD11CC6qMLGpsUXsGvo0WjOKNQvGMdoP3g45FHgGLXppnD8PQA%2FujBLIFOpLmrmMdjEYFzUnxNGipXnPGrIcIdW190L3HE7KxDZLYX0V5BZwkgmE7eKc32bCA6nwijI0b8sC6EOYidxx6EyXh%2FgD2r1eTJSeQg37nBI2fGKGZ5uCs2k2KUwJUehdMXtyAGSRhh9O9ARbBXisIM1RWlRuHFV%2BZRz75t9jY5EpUGUXU81P9yl1Pw%2BLhDIsCyDiyXqKoIh36B94MwbtSk%3D Requested by Host: takebonuseshere.life URL: https://takebonuseshere.life/?u=t11kd0b&o=zac8myd&m=1&t=anon2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 139.162.141.184 -, , ASN (), Reverse DNS Software nginx / Resource Hash Request headers Referer https://takebonuseshere.life/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language se-SE,se;q=0.9 Response headers Cache-Control no-transform Connection keep-alive Content-Length 1554 Content-Type text/html Date Wed, 21 Dec 2022 19:12:25 GMT Server nginx cache-control private
GET		/ easyappcloud.com/ Redirect Chain https://2119.liftaxenay.live/web/?sid=t4~jh51x02jd5chwqlhv2f3jqmy https://easyappcloud.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-content/themes/Avada/assets/css/style.min.css?ver=5.9.1

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-content/uploads/fusion-styles/eb7ad3b1443ffba972ea9268bee7313a.min.css?ver=5.2.17

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-content/uploads/2019/07/Logo-e1563873146532.jpg

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-content/uploads/fusion-scripts/b3579878a010ddba3a8823ccff96f3d7.min.js

Domain: www.synaxisreadymix.com
URL: https://www.synaxisreadymix.com/wp-includes/js/wp-embed.min.js?ver=5.2.17

Domain: cartoonmines.com
URL: https://cartoonmines.com/anon2

Domain: easyappcloud.com
URL: https://easyappcloud.com/?url=I4WHKFughjIM4OSrD1FhgflBuuchpNyX022dpkYZcRKOs%2BnHIiVJuj9KMLIJmLpbmQBltWEJtmiCqo%2BCL3smdYsLZJxTOx4KKCslpeNP9Sk06hpPcywqTw%3D%3D

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
synaxisreadymix.com/	1970-01-20 08:22:16	Name: ht_rr Value: 1
www.synaxisreadymix.com/	1970-01-20 08:22:16	Name: ht_rr Value: 1
cartoonmines.com/	1970-01-20 09:05:28	Name: _subid Value: 2if17v2lgt0h
cartoonmines.com/	1970-01-20 17:56:50	Name: 2d1e5 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjExOVwiOjE2NzE2NTAwOTB9LFwiY2FtcGFpZ25zXCI6e1wiMTlcIjoxNjcxNjUwMDkwfSxcInRpbWVcIjoxNjcxNjUwMDkwfSJ9.iVAU6p5cFDaHgZTuCIVnm8Sq_oyMim_rZGLnQsucGtk
takebonuseshere.life/	1969-12-31 23:59:59	Name: sid Value: t4~jh51x02jd5chwqlhv2f3jqmy
takebonuseshere.life/	1969-12-31 23:59:59	Name: p1 Value: https://liftaxenay.live/jcgwsyrm/
takebonuseshere.life/	1969-12-31 23:59:59	Name: s1 Value: mntc7zcky41srewt

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.synaxisreadymix.com/n26-mise-a-jour-securite-/N26-Link/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2119.liftaxenay.live
cartoonmines.com
easyappcloud.com
synaxisreadymix.com
takebonuseshere.life
www.synaxisreadymix.com
cartoonmines.com
easyappcloud.com
www.synaxisreadymix.com
104.21.54.241
104.21.61.116
139.162.141.184
172.67.209.157
57.128.28.32
18b58c1c7ae4566f1757b7627a0725b2fee2536718b7568d002acb26535156a4
7213728c77f617fcb0e15a90f566e69901d59652c6b5673e7a0afcb51efc4e16

2119.liftaxenay.live Open in urlscan Pro 139.162.141.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

16 Requests

31 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

4 IPs

3 Countries

97 kBTransfer

113 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

7 Cookies

1 Console Messages

Indicators

2119.liftaxenay.live Open in urlscan Pro
139.162.141.184 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

31 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

4
IPs

3
Countries

97 kB
Transfer

113 kB
Size

7
Cookies

16 HTTP transactions
0 data transactions