destinyfw.xyz
2606:4700:3036::6815:3f77
Public Scan
Effective URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5=
Submission: On May 29 via manual from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on April 14th 2023. Valid for: 3 months.
This is the only time destinyfw.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 2 | 151.101.65.195 | 54113 (FASTLY) |
1 2 | 85.143.174.199 | 201848 (TRADERSOFT) |
1 1 | 141.95.107.214 | 16276 (OVH) |
1 1 | 34.117.79.165 | 396982 (GOOGLE-CLOUD-PLATFORM) |
1 10 | 2606:4700:3036::6815:3f77 | 13335 (CLOUDFLARENET) |
3 | 2606:4700:3037::6815:4392 | 13335 (CLOUDFLARENET) |
2 | 20.50.64.3 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
15 | 4 | |
ASN201848 (TRADERSOFT, RU)
PTR: 318785.simplecloud.ru
85.143.174.199 |
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.79.117.34.bc.googleusercontent.com
www.lpredirect.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | destinyfw.xyz (1 redirects) | destinyfw.xyz | 606 KB |
3 | virtualpushplatform.com | virtualpushplatform.com — Cisco Umbrella Rank: 554887 | 5 KB |
2 | pushserve.xyz | pushserve.xyz — Cisco Umbrella Rank: 348741 | 2 KB |
2 | amz.run (2 redirects) | amz.run — Cisco Umbrella Rank: 516905 | 976 B |
1 | lpredirect.com (1 redirects) | www.lpredirect.com — Cisco Umbrella Rank: 577897 | 485 B |
1 | deals2cantia.com (1 redirects) | www.deals2cantia.com | 620 B |
15 | 6 | | |
 | Domain | Requested by |
---|---|---|
10 | destinyfw.xyz | 1 redirects; 85.143.174.199, destinyfw.xyz |
3 | virtualpushplatform.com | destinyfw.xyz, virtualpushplatform.com |
2 | pushserve.xyz | virtualpushplatform.com |
2 | amz.run | 2 redirects |
1 | www.lpredirect.com | 1 redirects |
1 | www.deals2cantia.com | 1 redirects |
15 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
destinyfw.xyz | GTS CA 1P5 | 2023-04-14 - 2023-07-13 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-02-14 - 2024-02-13 | a year |
pushserve.xyz | Sectigo RSA Domain Validation Secure Server CA | 2022-08-01 - 2023-08-01 | a year |
This page contains 1 frames:
Primary Page:
https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5=
Frame ID: FA6B12A60EA15DC1371B768D2C5BFBE8
Requests: 13 HTTP requests in this frame
Page Title
(1) Ilmoitus
Detected technologies
Laravel (Web Frameworks)
animate.css (Web Frameworks)
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://amz.run/6jAJ HTTP 301
  https://amz.run/6jAJ HTTP 302
  http://85.143.174.199:8181/redirecting Page URL
- http://85.143.174.199//fwd/P2Q9NjYxMDYmZWk9NDgwNDkzNTQmaWY9NzUxMSZsaT05 HTTP 302
  https://www.deals2cantia.com/39S8941/21D8NQ8J/?sub1=66106&sub2=48049354-9&sub3=7511 HTTP 302
  https://www.lpredirect.com/24QSBG/DHP7FXN/?source_id=1428&sub1=9bbe73612d7a458c8c375bc7d2922aee HTTP 302
  https://destinyfw.xyz/dhdqzNMTQ6/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= HTTP 302
  https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://amz.run/6jAJ HTTP 301
- https://amz.run/6jAJ HTTP 302
- http://85.143.174.199:8181/redirecting
15 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | redirecting (Redirect Chain) | 85.143.174.199/ | 439 B | 2 KB | Document | text/html |
GET | H2 | / (Primary Request, Redirect Chain) | destinyfw.xyz/ | 13 KB | 3 KB | Document | text/html |
GET | H3 | style.css | destinyfw.xyz/css/ | 10 KB | 2 KB | Stylesheet | text/css |
GET | H3 | animate.min.css | destinyfw.xyz/css/ | 57 KB | 5 KB | Stylesheet | text/css |
GET | H2 | ace-push.js | virtualpushplatform.com/ | 14 KB | 5 KB | Script | text/javascript |
GET | H3 | logo.png | destinyfw.xyz/images/ | 65 KB | 65 KB | Image | image/png |
GET | H3 | package.png | destinyfw.xyz/images/ | 17 KB | 18 KB | Image | image/png |
GET | H3 | loading.gif | destinyfw.xyz/images/ | 490 KB | 491 KB | Image | image/gif |
GET | H3 | check.png | destinyfw.xyz/images/ | 5 KB | 5 KB | Image | image/png |
GET | H3 | product.png | destinyfw.xyz/images/ | 14 KB | 15 KB | Image | image/png |
GET | H3 | script.js | destinyfw.xyz/js/ | 13 KB | 1 KB | Script | application/javascript |
OPTIONS | H2 | visit | pushserve.xyz/api/v1/ | 0 | 0 | Preflight | |
POST | H2 | visit | pushserve.xyz/api/v1/ | 1 KB | 2 KB | Fetch | application/json |
OPTIONS | H3 | log-client-error | virtualpushplatform.com/api/v1/visit/ | 0 | 0 | Preflight | |
POST | H3 | log-client-error | virtualpushplatform.com/api/v1/visit/ | 0 | 0 | Fetch | |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- function | initializeAcePush
- function | setBaseUrl
- function | getLocation
- function | registerServiceWorker

7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
85.143.174.199/ | Name: XSRF-TOKEN Value: eyJpdiI6ImVPVDB4alBtQkxibkJic2tqcytzSnc9PSIsInZhbHVlIjoiOGhWWHR5c3JsSklGUmtxSmtNUWNhU0t5eUJDWDRMZCtUQ0xSbWF0SVREdWM4M0NBNEZmbFFHakwvancyY2ZBalVFSXRkTjVLNGJVZG5VcjcwSk0zRGhReWlFMGN4WVBTU3BxeDh5Qm1jb3lOK2d2aDVBaS90TU1IUzV0eHNNS0EiLCJtYWMiOiI4OTBjZGQwY2M0YTVhZWE5YTUzZWRjMTc4OTA1NzA4OWQxMjBhZmI1ZWZjMjgxZTQxYjZlOGY0N2NmYmE5ZWU3IiwidGFnIjoiIn0%3D |
85.143.174.199/ | Name: laravel_session Value: eyJpdiI6IktwMzhqQUdxNlloQXNmT3pCN0h2ZEE9PSIsInZhbHVlIjoiN2hiSjRjYXhBQ1R4Umhta1dqUVZmbURWQzZFMlFXaGJ1OVduQllwNEZ3ekxocEdDcEx1ZmpVZ1dCQ29YU0twQUY4MDJHQ215cXRxeThZbDN5RmpOKytiRm1YZzJGTDV4dlBIOEl2aGI1SWZ2SnNMRlpPV2JtUHpCWnBFNjJ1TmoiLCJtYWMiOiJkOTllYjU1YjhmZTcwMzc3YzhkZjFkOGY1MWQ4OWM4MmNkM2JhMDExYjc4YzNmNGFiYjk0MGEzNjMwYTY2ZWM0IiwidGFnIjoiIn0%3D |
www.lpredirect.com/ | Name: uniqueClick_DHP7FXN Value: bf4291b2-a4a9-4e02-8b8c-786393825f1a:1685340039 |
www.lpredirect.com/ | Name: transaction_id Value: 6a07b2d57e314744b92060a08b2409dc |
destinyfw.xyz/ | Name: SESSIONIDS Value: dhdqzNMTQ6 |
.virtualpushplatform.com/ | Name: TiPMix Value: 2.1697757631634063 |
.virtualpushplatform.com/ | Name: x-ms-routing-name Value: self |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.