destinyfw.xyz Open in urlscan Pro
2606:4700:3036::6815:3f77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://amz.run/6jAJ#/fwd/P2Q9NjYxMDYmZWk9NDgwNDkzNTQmaWY9NzUxMSZsaT05
Effective URL:
https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5=
Submission: On May 29 via manual (May 29th 2023, 6:00:48 am UTC) from FI — Scanned from FI

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 4 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3036::6815:3f77, located in United States and belongs to CLOUDFLARENET, US. The main domain is destinyfw.xyz.
TLS certificate: Issued by GTS CA 1P5 on April 14th 2023. Valid for: 3 months.

This is the only time destinyfw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
1 2	85.143.174.199 85.143.174.199	201848 (TRADERSOFT) (TRADERSOFT)
1 1	141.95.107.214 141.95.107.214	16276 (OVH) (OVH)
1 1	34.117.79.165 34.117.79.165	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 10	2606:4700:303... 2606:4700:3036::6815:3f77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::6815:4392	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.50.64.3 20.50.64.3	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
15	4

2 151.101.65.195 (United States) 2 redirects

ASN54113 (FASTLY, US)

amz.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.143.174.199 (Russian Federation) 1 redirects

ASN201848 (TRADERSOFT, RU)
PTR: 318785.simplecloud.ru

85.143.174.199	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.107.214 (France) 1 redirects

ASN16276 (OVH, FR)

www.deals2cantia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.79.165 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.79.117.34.bc.googleusercontent.com

www.lpredirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3036::6815:3f77 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

destinyfw.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:4392 (United States)

ASN13335 (CLOUDFLARENET, US)

virtualpushplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.64.3 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

pushserve.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	destinyfw.xyz 1 redirects destinyfw.xyz	606 KB
3	virtualpushplatform.com virtualpushplatform.com — Cisco Umbrella Rank: 554887	5 KB
2	pushserve.xyz pushserve.xyz — Cisco Umbrella Rank: 348741	2 KB
2	amz.run 2 redirects amz.run — Cisco Umbrella Rank: 516905	976 B
1	lpredirect.com 1 redirects www.lpredirect.com — Cisco Umbrella Rank: 577897	485 B
1	deals2cantia.com 1 redirects www.deals2cantia.com	620 B
15	6

	Domain	Requested by
10	destinyfw.xyz	1 redirects 85.143.174.199 destinyfw.xyz
3	virtualpushplatform.com	destinyfw.xyz virtualpushplatform.com
2	pushserve.xyz	virtualpushplatform.com
2	amz.run	2 redirects
1	www.lpredirect.com	1 redirects
1	www.deals2cantia.com	1 redirects
15	6

This site contains no links.

Subject Issuer	Validity	Valid
destinyfw.xyz GTS CA 1P5	`2023-04-14` - `2023-07-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-14` - `2024-02-13`	a year	crt.sh
pushserve.xyz Sectigo RSA Domain Validation Secure Server CA	`2022-08-01` - `2023-08-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5=
Frame ID: FA6B12A60EA15DC1371B768D2C5BFBE8
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

(1) Ilmoitus

Page URL History Show full URLs

http://amz.run/6jAJ HTTP 301
https://amz.run/6jAJ HTTP 302
http://85.143.174.199:8181/redirecting Page URL
http://85.143.174.199//fwd/P2Q9NjYxMDYmZWk9NDgwNDkzNTQmaWY9NzUxMSZsaT05 HTTP 302
https://www.deals2cantia.com/39S8941/21D8NQ8J/?sub1=66106&sub2=48049354-9&sub3=7511 HTTP 302
https://www.lpredirect.com/24QSBG/DHP7FXN/?source_id=1428&sub1=9bbe73612d7a458c8c375bc7d2922aee HTTP 302
https://destinyfw.xyz/dhdqzNMTQ6/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=... HTTP 302
https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4... Page URL

Detected technologies

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Page Statistics

15
Requests

93 %
HTTPS

29 %
IPv6

6
Domains

6
Subdomains

4
IPs

4
Countries

614 kB
Transfer

701 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://amz.run/6jAJ HTTP 301
https://amz.run/6jAJ HTTP 302
http://85.143.174.199:8181/redirecting Page URL
http://85.143.174.199//fwd/P2Q9NjYxMDYmZWk9NDgwNDkzNTQmaWY9NzUxMSZsaT05 HTTP 302
https://www.deals2cantia.com/39S8941/21D8NQ8J/?sub1=66106&sub2=48049354-9&sub3=7511 HTTP 302
https://www.lpredirect.com/24QSBG/DHP7FXN/?source_id=1428&sub1=9bbe73612d7a458c8c375bc7d2922aee HTTP 302
https://destinyfw.xyz/dhdqzNMTQ6/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= HTTP 302
https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://amz.run/6jAJ HTTP 301
https://amz.run/6jAJ HTTP 302
http://85.143.174.199:8181/redirecting

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	redirecting 85.143.174.199/ Redirect Chain http://amz.run/6jAJ https://amz.run/6jAJ http://85.143.174.199:8181/redirecting	439 B 2 KB	524ms 451ms	Document text/html	85.143.174.199 TRADERSOFT
General Check archive.org Show headers Download Go to Full URL http://85.143.174.199:8181/redirecting Protocol HTTP/1.1 Server 85.143.174.199 , Russian Federation, ASN201848 (TRADERSOFT, RU), Reverse DNS 318785.simplecloud.ru Software Apache/2.4.6 (CentOS) PHP/7.4.33 / PHP/7.4.33 Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers Cache-Control no-cache, private Connection Keep-Alive Content-Length 439 Content-Type text/html; charset=UTF-8 Date Mon, 29 May 2023 06:00:37 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.6 (CentOS) PHP/7.4.33 X-Powered-By PHP/7.4.33 Redirect headers accept-ranges bytes access-control-allow-headers Content-Type access-control-allow-methods GET access-control-allow-origin * access-control-max-age 3666 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=utf-8 date Mon, 29 May 2023 06:00:37 GMT expires 0 function-execution-id 16m06zeh5hb1 location http://85.143.174.199:8181/redirecting pragma no-cache referer amz.run server Google Frontend strict-transport-security max-age=31556926 vary Origin, Accept,cookie,need-authorization, x-fh-requested-host, accept-encoding x-cache MISS x-cache-hits 0 x-cloud-trace-context 1d38c9493fb5fa8bf892837c44c6e5fc x-country-code FI x-orig-accept-language fi-FI,fi;q=0.9 x-powered-by Express x-served-by cache-bma1640-BMA x-timer S1685340037.069897,VS0,VE208
GET H2	200	Primary Request / Show response destinyfw.xyz/ Redirect Chain http://85.143.174.199//fwd/P2Q9NjYxMDYmZWk9NDgwNDkzNTQmaWY9NzUxMSZsaT05 https://www.deals2cantia.com/39S8941/21D8NQ8J/?sub1=66106&sub2=48049354-9&sub3=7511 https://www.lpredirect.com/24QSBG/DHP7FXN/?source_id=1428&sub1=9bbe73612d7a458c8c375bc7d2922aee https://destinyfw.xyz/dhdqzNMTQ6/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5=	13 KB 3 KB	263ms 263ms	Document text/html	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Requested by Host: 85.143.174.199 URL: http://85.143.174.199:8181/redirecting Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2d9eab540d8cf223b38041464c2fb6e7b7ed61e2d0052143b08ae1fc56cb071f` Request headers Referer http://85.143.174.199:8181/redirecting#/fwd/P2Q9NjYxMDYmZWk9NDgwNDkzNTQmaWY9NzUxMSZsaT05 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cec84b6e875b50c-OSL content-encoding br content-type text/html date Mon, 29 May 2023 06:00:40 GMT last-modified Fri, 14 Apr 2023 09:15:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FdhSGNGG8ITe%2BWnxEdndFvtWNc6uYFY4j9WEF1fBNNHFbOVfoxhFycyDQzWqPHBpNuykDRs8QsiRJ0GbApr5pzEcGOtJ6nvYhLlLALmK3bIu58u93LNq%2BiCUFQpbo0b5PFZYBUEtEHhsaEf"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cec84af58b5b50c-OSL content-type text/html date Mon, 29 May 2023 06:00:40 GMT location https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSEFwL8BsP1uYk%2FLOqQedCMzmLKsMqlXG2%2FCi%2F8U8l%2BPBWQkzcur8msB%2FV%2FlEj7kKpNhH%2Begpk59y0xjLqzC7jXt7ku%2FozU%2BLoz9BXdxYr%2BgEWmSXFhl0lDZcvFc6UjVc6nIIqLnridenlJn"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	style.css destinyfw.xyz/css/	10 KB 2 KB	725ms 724ms	Stylesheet text/css	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/css/style.css Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `324fcaa022e7461f0e9307fc28b74c1b293d1ef7a5629271770e36394d200a23` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:41 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"4167792921" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmm87T%2BprI2r%2BWx5n0OFySzwJnDfDDUyBoqr9mfiQFEw2YcaXl2HIH77rYMFMP%2FwmTrrXx0LGfZdsShw6oHG7Sip3NoGrHmmVv8Ww%2FZYclYd4ctUvrs7%2BUqXdB2kQBkoGvf%2FJXTX2UxrCc0g"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cf-ray 7cec84b8ba8eb50b-OSL alt-svc h3=":443"; ma=86400
GET H3	200	animate.min.css destinyfw.xyz/css/	57 KB 5 KB	871ms 869ms	Stylesheet text/css	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/css/animate.min.css Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:41 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"365016116" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5Jv0pkzRArjzR3hpbMR4kkuGo9CCLpONfzVR8SrdmAmUcLimWzhKg%2F%2F70%2FPlbkuoDBFM%2BDRikfsv%2Bk3uuy%2FFeWPkm7HdFQe14dfuxcM5D1hWPvtY8RHM2x9JFdMcCJFvD8cESK2IHKYpWnJ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 cf-ray 7cec84b8ba8fb50b-OSL alt-svc h3=":443"; ma=86400
GET H2	200	ace-push.js Show response virtualpushplatform.com/	14 KB 5 KB	277ms 120ms	Script text/javascript	2606:4700:3037::6815:4392 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/ace-push.js Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:4392 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8223ce1fe4adee1ad538aff400d2735eac21a87fea16c50ed9d70180a1ddbfd6` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:41 GMT content-encoding br cf-cache-status BYPASS last-modified Fri, 10 Feb 2023 12:37:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1d93d4c6f6742a1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGIhDQYj5M5%2FAy4e6Yp70scVeTaUeZHV671sWKerRHuV6EzdX1ug1%2F57hjOo366fEQBXwSi5Tv6otI9eHwkJFonEdzj%2F%2BZVv97cyn3h5bqQkDTovU3o87RXCLh9ZJEzsazdZKgCogVXR13BhjwRUYF9k0uvaZw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 7cec84b9bfbcb4f1-OSL alt-svc h3=":443"; ma=86400
GET H3	200	logo.png destinyfw.xyz/images/	65 KB 65 KB	233ms 232ms	Image image/png	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/logo.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6a0a8080f4a518e4ea683497ecf8871c3a1aa69f492b0e0cbabe220ff8019f1a` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:42 GMT cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3372820535" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHQKaSHGa2nhxodoPvDwUQ5Xp0fhNO93QNe%2BVsgu3na6pBw4XMczA42YbF%2FnwuixlekNUkcE5aVnOe0j7YKKr27seIDj6bj7SXRDFWwYENSkmAm96YFtQw0AaalZfOFqmE6g6DOtpEgkF5nk"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 7cec84be4f23b50b-OSL alt-svc h3=":443"; ma=86400 content-length 66251
GET H3	200	package.png destinyfw.xyz/images/	17 KB 18 KB	723ms 723ms	Image image/png	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/package.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:42 GMT cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3340804465" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5XjyLmYLafCWshKMKmfbo7k39Ie1jI3kVzXhrnd2cDyaLyJRUlUNtgMJxLY90r91TfHKLOiLMnqUeBdy3YXwJVcUKpi%2B0IFMq%2FFTp4a%2B%2BYuYx6Yzg2CdXfBjhUIHgPhN1moFn53581xvtCC"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 7cec84be5f2eb50b-OSL alt-svc h3=":443"; ma=86400 content-length 17622
GET H3	200	loading.gif destinyfw.xyz/images/	490 KB 491 KB	881ms 881ms	Image image/gif	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/loading.gif Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dd61c75f11dc5751a169179a16af82a97382eb701106d5a4fb114d93bb74815d` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:42 GMT cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1738273278" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePBa955vnnmpxButZaQ25aidIFyTmy%2FDJdyGn2VWhbcUyBOsOQSu6g7hpcDXnlyx8LOWJ7S15FNHCNOMZrg3O9L1deSpr%2BXmOtvWkbqdnJkkA0Pa9qqL4iUpySTwhoDd3e%2B00tB5ODZItWu2"}],"group":"cf-nel","max_age":604800} content-type image/gif accept-ranges bytes cf-ray 7cec84be5f2fb50b-OSL alt-svc h3=":443"; ma=86400 content-length 502226
GET H3	200	check.png destinyfw.xyz/images/	5 KB 5 KB	552ms 551ms	Image image/png	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/check.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `910138d05875d80d59bf575a8eb743ed78d3f23129ddc8111ca21884dee51c20` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:42 GMT cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3356848972" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub8vzIVB9MLPKVUmv8Nzl03vidshPUi34pXAxdaPZx5Zr%2FAqqYvgvpBjPW%2BZ%2F0c57KdPtmveU4IBj60OT7Bf6QopNKaK6HLxj6XnV%2FTyGjewGII4L%2FP7eYZawgjvrdolxHsz5uEvKsRfKdmg"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 7cec84be5f30b50b-OSL alt-svc h3=":443"; ma=86400 content-length 5076
GET H3	200	product.png destinyfw.xyz/images/	14 KB 15 KB	346ms 346ms	Image image/png	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://destinyfw.xyz/images/product.png Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3cb9c5a643cf21f453637d1c5e4cca7fd5a2cda687e0b1711056508a52fe09a4` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:42 GMT cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1005052209" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6rfCXzlEn%2Fqt26vwhI511Upkvvo7iCJppxO7fc5h58GlPLQT9KIYI41hh4%2BI9vDL8ZnO1hKPWLOqqc%2BQ8S6NPDdLSUff9mTpI%2B6%2F9x7hdiUp%2FBzvvPQYmLbPf0fbMtwq%2F%2FjOOi%2FWK0VRD88"}],"group":"cf-nel","max_age":604800} content-type image/png accept-ranges bytes cf-ray 7cec84be5f31b50b-OSL alt-svc h3=":443"; ma=86400 content-length 14785
GET H3	200	script.js Show response destinyfw.xyz/js/	13 KB 1 KB	233ms 233ms	Script application/javascript	2606:4700:3036::6815:3f77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://destinyfw.xyz/js/script.js Requested by Host: destinyfw.xyz URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::6815:3f77 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6b83282d850d687d049f53f4fd97aec0aa73981c65e77ea38487ae5500c05767` Request headers accept-language fi-FI,fi;q=0.9 Referer https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Mon, 29 May 2023 06:00:41 GMT content-encoding br cf-cache-status DYNAMIC last-modified Fri, 14 Apr 2023 09:15:22 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3314832207" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRa0i0jVpKiiT0In%2F0sRA%2FIIKSzOtL1NPjA0QbsFRXbmCIZq%2BfbgyF0c3ywydmeqjsSCGZkX7wAbMNcJKtS4HqwkUvaCrJKk9qFEEwhDk3%2Bg%2FxNxwjFertCvC5BhKNY8%2Bsy93KzZZYGdtd%2BT"}],"group":"cf-nel","max_age":604800} content-type application/javascript cf-ray 7cec84bd4e27b50b-OSL alt-svc h3=":443"; ma=86400
OPTIONS H2	200	visit pushserve.xyz/api/v1/	0 0	340ms 104ms	Preflight	20.50.64.3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pushserve.xyz/api/v1/visit Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://destinyfw.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * content-length 0 date Mon, 29 May 2023 06:00:42 GMT
POST H2	200	visit Show response pushserve.xyz/api/v1/	1 KB 2 KB	101ms 100ms	Fetch application/json	20.50.64.3 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://pushserve.xyz/api/v1/visit Requested by Host: virtualpushplatform.com URL: https://virtualpushplatform.com/ace-push.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.50.64.3 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Kestrel / Resource Hash `b3363883cddb4e0daa825b5c23b6ef0c512fc7eaab9b42939800f41bc4002b47` Request headers Referer https://destinyfw.xyz/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-type application/json Response headers access-control-allow-origin * date Mon, 29 May 2023 06:00:42 GMT server Kestrel content-length 1492 content-type application/json; charset=utf-8
OPTIONS H3	200	log-client-error virtualpushplatform.com/api/v1/visit/	0 0	355ms 272ms	Preflight	2606:4700:3037::6815:4392 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/api/v1/visit/log-client-error Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:4392 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept / Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://destinyfw.xyz Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cec84c59da2b51b-OSL content-length 0 date Mon, 29 May 2023 06:00:43 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krcZbe%2B%2F1%2FWqtb8DZXAbub1Bn%2BluE69JqQ0XDYHGsCAynmSlaPyYFZS4%2FhUJhPs2kQVtL1848ODkCQWQ%2Fso5y%2B1N%2FJenOz4WTUpgqW1uH6Id5oQhCOM%2FIQNvbDU4CYAsDFXz87M0hQkjBfi8Vv8mwO5MKUKxmQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
POST H3	200	log-client-error virtualpushplatform.com/api/v1/visit/	0 0	274ms 268ms	Fetch	2606:4700:3037::6815:4392 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://virtualpushplatform.com/api/v1/visit/log-client-error Requested by Host: virtualpushplatform.com URL: https://virtualpushplatform.com/ace-push.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:4392 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://destinyfw.xyz/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Content-type application/json Response headers date Mon, 29 May 2023 06:00:43 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDmOh5l4DXVilin6JklmslxFfcgJhcOPgEFh17zgQUhjcHY%2BkfGveH5xe6NHO8h4bFcYICIJHcKW0lNjtRLAdNdte2wSpS05Gw3AX3IcJSbQT6FHlJnklMHSylC2XgnaUGhUdUCX0y22ntpUw8beWEpgEKVL1g%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7cec84c75f73b51b-OSL alt-svc h3=":443"; ma=86400 content-length 0

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
85.143.174.199/	1970-01-20 12:09:07	Name: XSRF-TOKEN Value: eyJpdiI6ImVPVDB4alBtQkxibkJic2tqcytzSnc9PSIsInZhbHVlIjoiOGhWWHR5c3JsSklGUmtxSmtNUWNhU0t5eUJDWDRMZCtUQ0xSbWF0SVREdWM4M0NBNEZmbFFHakwvancyY2ZBalVFSXRkTjVLNGJVZG5VcjcwSk0zRGhReWlFMGN4WVBTU3BxeDh5Qm1jb3lOK2d2aDVBaS90TU1IUzV0eHNNS0EiLCJtYWMiOiI4OTBjZGQwY2M0YTVhZWE5YTUzZWRjMTc4OTA1NzA4OWQxMjBhZmI1ZWZjMjgxZTQxYjZlOGY0N2NmYmE5ZWU3IiwidGFnIjoiIn0%3D
85.143.174.199/	1970-01-20 12:09:07	Name: laravel_session Value: eyJpdiI6IktwMzhqQUdxNlloQXNmT3pCN0h2ZEE9PSIsInZhbHVlIjoiN2hiSjRjYXhBQ1R4Umhta1dqUVZmbURWQzZFMlFXaGJ1OVduQllwNEZ3ekxocEdDcEx1ZmpVZ1dCQ29YU0twQUY4MDJHQ215cXRxeThZbDN5RmpOKytiRm1YZzJGTDV4dlBIOEl2aGI1SWZ2SnNMRlpPV2JtUHpCWnBFNjJ1TmoiLCJtYWMiOiJkOTllYjU1YjhmZTcwMzc3YzhkZjFkOGY1MWQ4OWM4MmNkM2JhMDExYjc4YzNmNGFiYjk0MGEzNjMwYTY2ZWM0IiwidGFnIjoiIn0%3D
www.lpredirect.com/	1970-01-20 12:10:26	Name: uniqueClick_DHP7FXN Value: bf4291b2-a4a9-4e02-8b8c-786393825f1a:1685340039
www.lpredirect.com/	1970-01-20 14:18:36	Name: transaction_id Value: 6a07b2d57e314744b92060a08b2409dc
destinyfw.xyz/	1969-12-31 23:59:59	Name: SESSIONIDS Value: dhdqzNMTQ6
.virtualpushplatform.com/	1970-01-20 12:09:03	Name: TiPMix Value: 2.1697757631634063
.virtualpushplatform.com/	1970-01-20 12:09:03	Name: x-ms-routing-name Value: self

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://destinyfw.xyz/?encoded_value=24QSBG&sub1=9bbe73612d7a458c8c375bc7d2922aee&sub2=&sub3=&sub4=&sub5= Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amz.run
destinyfw.xyz
pushserve.xyz
virtualpushplatform.com
www.deals2cantia.com
www.lpredirect.com
141.95.107.214
151.101.65.195
20.50.64.3
2606:4700:3036::6815:3f77
2606:4700:3037::6815:4392
34.117.79.165
85.143.174.199
2d9eab540d8cf223b38041464c2fb6e7b7ed61e2d0052143b08ae1fc56cb071f
324fcaa022e7461f0e9307fc28b74c1b293d1ef7a5629271770e36394d200a23
3b19eeb21d7fbd9b8b260e57c2d9198f83732339a9e3cbd5d2264f77e722df26
3cb9c5a643cf21f453637d1c5e4cca7fd5a2cda687e0b1711056508a52fe09a4
4c055e6d0d9ba2b8f1be4719110e92c1b9499ed0759f0d1c48fccd16a7b31dcf
6a0a8080f4a518e4ea683497ecf8871c3a1aa69f492b0e0cbabe220ff8019f1a
6b83282d850d687d049f53f4fd97aec0aa73981c65e77ea38487ae5500c05767
8223ce1fe4adee1ad538aff400d2735eac21a87fea16c50ed9d70180a1ddbfd6
910138d05875d80d59bf575a8eb743ed78d3f23129ddc8111ca21884dee51c20
b3363883cddb4e0daa825b5c23b6ef0c512fc7eaab9b42939800f41bc4002b47
dd61c75f11dc5751a169179a16af82a97382eb701106d5a4fb114d93bb74815d

destinyfw.xyz Open in urlscan Pro 2606:4700:3036::6815:3f77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

93 %HTTPS

29 %IPv6

6 Domains

6 Subdomains

4 IPs

4 Countries

614 kBTransfer

701 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

7 Cookies

1 Console Messages

Indicators

destinyfw.xyz Open in urlscan Pro
2606:4700:3036::6815:3f77 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

93 %
HTTPS

29 %
IPv6

6
Domains

6
Subdomains

4
IPs

4
Countries

614 kB
Transfer

701 kB
Size

7
Cookies

15 HTTP transactions
0 data transactions