www2.mixdealdowngradeaflash.icu
18.211.136.211
Public Scan
Effective URL: https://www2.mixdealdowngradeaflash.icu/?3281yba=yTGmk142u_AH3OmLxPAk_VZpsQwcioqI4RWRSWNNvO4iD7irybz6LK2CbztkOp4s2bD2Q3-P5tfQ6GVkl0aQyA....
Submission: On November 28 via manual from PH
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on November 17th 2018. Valid for: 3 months.
This is the only time www2.mixdealdowngradeaflash.icu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 1 | 95.211.219.67 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
2 2 | 108.168.193.189 | 36351 (SOFTLAYER - SoftLayer Technologies Inc.) |
1 | 52.57.135.107 | 16509 (AMAZON-02 - Amazon.com) |
1 | 18.195.195.71 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 35.168.24.149 | 14618 (AMAZON-AES - Amazon.com) |
1 1 | 18.235.71.50 | 14618 (AMAZON-AES - Amazon.com) |
1 | 18.211.136.211 | 14618 (AMAZON-AES - Amazon.com) |
1 | 2606:4700::6813:c597 | 13335 (CLOUDFLARENET - Cloudflare) |
6 | 5 |
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
- mybestmv.com
- p185689.mybestmv.com

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-135-107.eu-central-1.compute.amazonaws.com
- comptian-worsects.com

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-195-71.eu-central-1.compute.amazonaws.com
- comptian-worsects.com

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-168-24-149.compute-1.amazonaws.com
- v2.adpiano.com

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-235-71-50.compute-1.amazonaws.com
- www.getbestflareaflash.icu

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-211-136-211.compute-1.amazonaws.com
- www2.mixdealdowngradeaflash.icu

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
- cdnjs.cloudflare.com

| Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | comptian-worsects.com | comptian-worsects.com | 2 KB |
2 | mybestmv.com (2 redirects) | mybestmv.com, p185689.mybestmv.com | 1 KB |
1 | cloudflare.com | cdnjs.cloudflare.com | 6 KB |
1 | mixdealdowngradeaflash.icu | www2.mixdealdowngradeaflash.icu | 294 KB |
1 | getbestflareaflash.icu (1 redirects) | www.getbestflareaflash.icu | 489 B |
1 | adpiano.com | v2.adpiano.com (Failed) | 338 B |
1 | fotocajon.com (1 redirects) | fotocajon.com | 2 KB |
6 | 7 |
Domain | Requested by | |
---|---|---|
2 | comptian-worsects.com | |
1 | cdnjs.cloudflare.com | www2.mixdealdowngradeaflash.icu |
1 | www2.mixdealdowngradeaflash.icu | |
1 | www.getbestflareaflash.icu | 1 redirects |
1 | v2.adpiano.com | |
1 | p185689.mybestmv.com | 1 redirects |
1 | mybestmv.com | 1 redirects |
1 | fotocajon.com | 1 redirects |
6 | 8 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
comptian-worsects.com | COMODO RSA Domain Validation Secure Server CA | 2018-08-10 - 2019-08-10 | a year |
www2.mixdealdowngradeaflash.icu | Let's Encrypt Authority X3 | 2018-11-17 - 2019-02-15 | 3 months |
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-09-22 - 2019-03-31 | 6 months |
This page contains 1 frames:
Primary Page:
https://www2.mixdealdowngradeaflash.icu/?3281yba=yTGmk142u_AH3OmLxPAk_VZpsQwcioqI4RWRSWNNvO4iD7irybz6LK2CbztkOp4s2bD2Q3-P5tfQ6GVkl0aQyA..&cid=wCU1HQLVGN85VVHIH4DCP068&sid=340&v_id=gEfEq_OjzIBAJ0PYlkyRGfycxNMD1ClSek4BYwI3z7Y.
Frame ID: 623352D37C5783C695836E3C134A6507
Requests: 9 HTTP requests in this frame
Detected technologies
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
HeadJS (JavaScript Libraries)
Detected patterns
- env /^head$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://fotocajon.com/ HTTP 302
http://mybestmv.com/aS/feedclick?s=Un8YNmzNixqNivbFmjmTAubIryAadW7-3rpQh3DdoypUKk9JO4ddMqd73pnnDH6ohvzYfNFjJsIjeRAqbTvnp_5PY7DAm2XxOkHel4U4pfpg6RfU48Vyi6YZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKC3YnqmDhMigCgDuHiz9ENIJYPej9r9soV28MLY2AhDTpiguVpgGgzhtx0aji1fQMCfPKENZopw_yj1vTUE9cBx8dE0Z_T0wguZtpnNBzvkNJy4fJi1WerEfOjYTTmcvXfV0uYUbw-v3_K7bmG6zEdEA-IncDRQ2Vrq8p6tucaSg3ExZvaVUr0dLQW6fdQYlYPhJhk8oZXVi8iiSKzDaOefPkwX3bpOpdBqLvGjrjtEPDuEWhGbpWFBxUd-11Mth4z9NWohMQghl8ZH5sezx3tiSQsyiFDo4u_hTyU9eLpNoZuluKZIpR5D35osCs_hDOw8UFn78sK16c8_ac6dKg3WpncAjpcaB0PIUDXmzuJLRr6J5RJV-t4TFFiYzVhtl6MLwRCTYsYmtpq9WWlP5D6yDwFtWSotMzRxE8_i5PNpMFdGi8d_I7QB_Rm7lLSRhb_Yn80FhPIGbxLqmtjKwDOi2qalzdz3EEkZOWIBNeKUMQ1t1UgEQGQriHx_DgOt69bFdO4a6i48FGv-CrIjzB1K7Owp4_2DqTSByqC8NDOrQ75MMG18YjJjgPm2TPwtfJsuetHUNKAfmB8wdJR6KvdLA_ceX22fznJf67UnECWtU-1SKmLZZp2M9qyFR2vqD_IQ0ERUvITNCgzHn1edUG_ThSmKpHa5wZQstZhVbmNXHgaAngn19YDAyMJ-VrezGZvbwCo99VEOgci82YcqNXwWKMQEXfQTO3qgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL6Y67z-BLKjg9GDKnlp02efeYyJBEGS0VePW_zIhtML8oJ4APUi-E1o_yxSmkH3QiP7drWZ7AKsdnlXnbriY7IcCs1Y4qVHd2rcsHJL3BgCnvXJKYJbGdu2M43HctUWGfKT6Ifj6CGUXDd6khgw1xizex3btw87HaAp4fFE_zlx7_Kbc8xtuWKx-wwWZE6djS2-unEQ-J1auuLkOK4xQy3Pq8THCDMRmfA3epIYMNcYsXWka4GaDehxRtgE-BiBRdgV5sYyIQdQaQcO941xXs67UQRszycLcNcTSj6JcTelAh7VqYwJmbDKh0Upd-LOXNw_DKqAwmSNfUdB9f1oV4uKAUt9qY9fx8CCs6_xyOJ7eOYwwqJPWDKwb0stcngH55yS2_DKxPkd5 HTTP 302
http://p185689.mybestmv.com/adServe/domainClick?ai=30AGLxYm2rB7MsPxKaJ4hJ8uxg8hfhQu7ACnlUPzrKG407H84asSwe8_s996SlAozDepVN2hqaw_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZhwO-x1_DSuzSUGjXgOCu-vDr2iPLc49PEcCzJWiv21BheTWpCUU7Q9X1psTDsRrlvDgYac-y6eWm-BXDYmtTwnuCWrhaiJME1alM2nmIUo8KOMM3uHGhqQ7wHQ8XzWThVcVnwTvz4JH_S4_YcX9EiZNLVX1G33FwFCZz1sNG2ry8bhUhS89BCUkXu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_Hxn4EOZqHGWX6S1YKPDR-LaZPcWgqR_IYWSC7Q6bHvMTeGuqtTGQT&ui=Un8YNmzNixqNivbFmjmTAlY37AsT2AewLeMtoliSMNwZr2M7sGjKI1RR7wijvABIZdEwF24_cjdNofl2LpFPVGpysoHlXKQ-pV5tbBw_TUTTNE22bY8Ecw&si=1&oref=d0d95da11708ce662e9c4c1ce9e49bb5&rb=HZ1YWkFkjTI&rb=0 HTTP 302
https://comptian-worsects.com/0f75e619-fd5c-44a1-ae5b-d9b729d38433?var1=340&source=301943432&kw=foto+cajon&geo=DE&carrier=UNKNOWN&campaignname=MacKeeper+%28DE%29+SA%2BCH&bid=0.0171 Page URL
- https://comptian-worsects.com/redirect?target=BASE64aHR0cHM6Ly92Mi5hZHBpYW5vLmNvbS9kZTMxZzF5L2oxNGhudmhhZD91dG1fc291cmNlPTE1NzU2JnV0bV9jYW1wYWlnbj03NTc3NzQmc2lkPTM0MCZjbGNrPXdDVTFIUUxWR044NVZWSElINERDUDA2OA&ts=1543390550302&hash=HNCiN2u4uEtXVrPT26QMQ-GsPl3r3jFT50sA1bfoKVE&rm=DJ Page URL
- https://v2.adpiano.com/de31g1y/j14hnvhad?utm_source=15756&utm_campaign=757774&sid=340&clck=wCU1HQLVGN85VVHIH4DCP068 HTTP 302
https://www.getbestflareaflash.icu/?3281yba=LkDFtl0zDo8eJZZd7VqBy2E2BfQFi9qcRBkS2WoXyqo.&cid=wCU1HQLVGN85VVHIH4DCP068&sid=340 HTTP 302
https://www2.mixdealdowngradeaflash.icu/?3281yba=yTGmk142u_AH3OmLxPAk_VZpsQwcioqI4RWRSWNNvO4iD7irybz6LK2CbztkOp4s2bD2Q3-P5tfQ6GVkl0aQyA..&cid=wCU1HQLVGN85VVHIH4DCP068&sid=340&v_id=gEfEq_OjzIBAJ0PYlkyRGfycxNMD1ClSek4BYwI3z7Y. Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://fotocajon.com/ HTTP 302
- http://mybestmv.com/aS/feedclick?s=Un8YNmzNixqNivbFmjmTAubIryAadW7-3rpQh3DdoypUKk9JO4ddMqd73pnnDH6ohvzYfNFjJsIjeRAqbTvnp_5PY7DAm2XxOkHel4U4pfpg6RfU48Vyi6YZ_8dAZcE4MLekFlfWsTpfBjRhq2gpKC3YnqmDhMigCgDuHiz9ENIJYPej9r9soV28MLY2AhDTpiguVpgGgzhtx0aji1fQMCfPKENZopw_yj1vTUE9cBx8dE0Z_T0wguZtpnNBzvkNJy4fJi1WerEfOjYTTmcvXfV0uYUbw-v3_K7bmG6zEdEA-IncDRQ2Vrq8p6tucaSg3ExZvaVUr0dLQW6fdQYlYPhJhk8oZXVi8iiSKzDaOefPkwX3bpOpdBqLvGjrjtEPDuEWhGbpWFBxUd-11Mth4z9NWohMQghl8ZH5sezx3tiSQsyiFDo4u_hTyU9eLpNoZuluKZIpR5D35osCs_hDOw8UFn78sK16c8_ac6dKg3WpncAjpcaB0PIUDXmzuJLRr6J5RJV-t4TFFiYzVhtl6MLwRCTYsYmtpq9WWlP5D6yDwFtWSotMzRxE8_i5PNpMFdGi8d_I7QB_Rm7lLSRhb_Yn80FhPIGbxLqmtjKwDOi2qalzdz3EEkZOWIBNeKUMQ1t1UgEQGQriHx_DgOt69bFdO4a6i48FGv-CrIjzB1K7Owp4_2DqTSByqC8NDOrQ75MMG18YjJjgPm2TPwtfJsuetHUNKAfmB8wdJR6KvdLA_ceX22fznJf67UnECWtU-1SKmLZZp2M9qyFR2vqD_IQ0ERUvITNCgzHn1edUG_ThSmKpHa5wZQstZhVbmNXHgaAngn19YDAyMJ-VrezGZvbwCo99VEOgci82YcqNXwWKMQEXfQTO3qgejVIrehRGC0Wy4qwZ9KUUarbi3qQuL6Y67z-BLKjg9GDKnlp02efeYyJBEGS0VePW_zIhtML8oJ4APUi-E1o_yxSmkH3QiP7drWZ7AKsdnlXnbriY7IcCs1Y4qVHd2rcsHJL3BgCnvXJKYJbGdu2M43HctUWGfKT6Ifj6CGUXDd6khgw1xizex3btw87HaAp4fFE_zlx7_Kbc8xtuWKx-wwWZE6djS2-unEQ-J1auuLkOK4xQy3Pq8THCDMRmfA3epIYMNcYsXWka4GaDehxRtgE-BiBRdgV5sYyIQdQaQcO941xXs67UQRszycLcNcTSj6JcTelAh7VqYwJmbDKh0Upd-LOXNw_DKqAwmSNfUdB9f1oV4uKAUt9qY9fx8CCs6_xyOJ7eOYwwqJPWDKwb0stcngH55yS2_DKxPkd5 HTTP 302
- http://p185689.mybestmv.com/adServe/domainClick?ai=30AGLxYm2rB7MsPxKaJ4hJ8uxg8hfhQu7ACnlUPzrKG407H84asSwe8_s996SlAozDepVN2hqaw_RFaBcwr6-p1LGVWYVlTz_tvSyZhB3Zme2-kMvWtZhwO-x1_DSuzSUGjXgOCu-vDr2iPLc49PEcCzJWiv21BheTWpCUU7Q9X1psTDsRrlvDgYac-y6eWm-BXDYmtTwnuCWrhaiJME1alM2nmIUo8KOMM3uHGhqQ7wHQ8XzWThVcVnwTvz4JH_S4_YcX9EiZNLVX1G33FwFCZz1sNG2ry8bhUhS89BCUkXu88wSWywELxBhUNI1iZDeG75T0AK4q1x6QIhKEl2-24Ho5c3-uyByYQap6RQGI_Hxn4EOZqHGWX6S1YKPDR-LaZPcWgqR_IYWSC7Q6bHvMTeGuqtTGQT&ui=Un8YNmzNixqNivbFmjmTAlY37AsT2AewLeMtoliSMNwZr2M7sGjKI1RR7wijvABIZdEwF24_cjdNofl2LpFPVGpysoHlXKQ-pV5tbBw_TUTTNE22bY8Ecw&si=1&oref=d0d95da11708ce662e9c4c1ce9e49bb5&rb=HZ1YWkFkjTI&rb=0 HTTP 302
- https://comptian-worsects.com/0f75e619-fd5c-44a1-ae5b-d9b729d38433?var1=340&source=301943432&kw=foto+cajon&geo=DE&carrier=UNKNOWN&campaignname=MacKeeper+%28DE%29+SA%2BCH&bid=0.0171
6 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type | |
---|---|---|---|---|
GET H/1.1 | 0f75e619-fd5c-44a1-ae5b-d9b729d38433 comptian-worsects.com/ | 856 B 2 KB | Document text/html | Cookie set, Redirect Chain |
GET | redirect comptian-worsects.com/ | 0 0 | | |
GET H/1.1 | redirect comptian-worsects.com/ | 522 B 816 B | Document text/html | |
GET | j14hnvhad v2.adpiano.com/de31g1y/ | 0 0 | | |
GET H/1.1 | / www2.mixdealdowngradeaflash.icu/ | 430 KB 294 KB | Document text/html | Primary Request, Cookie set, Redirect Chain |
GET S | ua-parser.min.js cdnjs.cloudflare.com/ajax/libs/UAParser.js/0.7.18/ | 14 KB 6 KB | Script application/javascript | |
GET DATA | truncated / | 26 KB 0 | Image image/png | |
GET DATA | truncated / | 15 KB 0 | Image image/png | |
GET DATA | truncated / | 14 KB 0 | Image image/png | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- comptian-worsects.com
- URL
- https://comptian-worsects.com/redirect?target=BASE64aHR0cHM6Ly92Mi5hZHBpYW5vLmNvbS9kZTMxZzF5L2oxNGhudmhhZD91dG1fc291cmNlPTE1NzU2JnV0bV9jYW1wYWlnbj03NTc3NzQmc2lkPTM0MCZjbGNrPXdDVTFIUUxWR044NVZWSElINERDUDA2OA&ts=1543390550302&hash=HNCiN2u4uEtXVrPT26QMQ-GsPl3r3jFT50sA1bfoKVE&rm=DJ
- Domain
- v2.adpiano.com
- URL
- https://v2.adpiano.com/de31g1y/j14hnvhad?utm_source=15756&utm_campaign=757774&sid=340&clck=wCU1HQLVGN85VVHIH4DCP068
26 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function UAParser
- object d
- object user
- object $links
- object $overlay
- object $window
- object steps
- function isElement
- function onClick
- function replaceText
- function prepareSteps
- function showSteps
- string host
- string pdi_param_1
- number pdi_param_2
- number pdi_param_3
- string pdi_start_url
- object head
- object css
- object adVars
- function goToAd
- function setFilterEffect
- function close_modal_ad
- function showModalAd
- function httpGetAsync
- object dlobj3

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www2.mixdealdowngradeaflash.icu/ | | Name: lp_id Value: 2454 |
www2.mixdealdowngradeaflash.icu/ | | Name: dist_id Value: 3651 |
www2.mixdealdowngradeaflash.icu/ | | Name: channel Value: grx_aug_de_test |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.