24newsoft.yourbestcontentsonweb.xyz
163.172.199.47
Public Scan
Effective URL: https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&...
Submission: On March 13 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on January 25th 2019. Valid for: 3 months.
This is the only time 24newsoft.yourbestcontentsonweb.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 159.69.42.212 | 24940 (HETZNER-AS) |
1 | 2a00:1450:4001:816::200e | 15169 (GOOGLE - Google LLC) |
1 | 144.76.0.242 | 24940 (HETZNER-AS) |
1 | 94.130.185.237 | 24940 (HETZNER-AS) |
2 | 94.130.186.231 | 24940 (HETZNER-AS) |
1 2 | 188.42.162.193 | 35415 (WEBZILLA) |
1 | 88.85.66.186 | 35415 (WEBZILLA) |
1 | 188.42.160.69 | 35415 (WEBZILLA) |
2 2 | 51.68.19.23 | 16276 (OVH) |
1 1 | 51.158.25.238 | 12876 (AS12876) |
1 | 163.172.199.47 | 12876 (AS12876) |
7 | 2600:9000:200d:a000:1c:adf9:fc40:21 | 16509 (AMAZON-02 - Amazon.com) |
17 | 10 | |
ASN24940 (HETZNER-AS, DE)
PTR: static.212.42.69.159.clients.your-server.de
citiesclick.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.242.0.76.144.clients.your-server.de
track.tkbo.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.237.185.130.94.clients.your-server.de
track.tkbo.com |
ASN24940 (HETZNER-AS, DE)
PTR: static.231.186.130.94.clients.your-server.de
track.traffic.club |
ASN12876 (AS12876, FR)
PTR: 51-158-25-238.rev.poneytelecom.eu
www.linktoconfigingsavevideo.icu |
ASN12876 (AS12876, FR)
PTR: 163-172-199-47.rev.poneytelecom.eu
24newsoft.yourbestcontentsonweb.xyz |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d25ngfp8ma2ho1.cloudfront.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
7 | cloudfront.net | d25ngfp8ma2ho1.cloudfront.net | 88 KB |
2 | adexc.net (2 redirects) | adexc.net | 669 B |
2 | bestadbid.com (1 redirects) | bestadbid.com | 7 KB |
2 | traffic.club | track.traffic.club | 763 B |
2 | tkbo.com | track.tkbo.com | 1 KB |
1 | yourbestcontentsonweb.xyz | 24newsoft.yourbestcontentsonweb.xyz | 3 KB |
1 | linktoconfigingsavevideo.icu (1 redirects) | www.linktoconfigingsavevideo.icu | 402 B |
1 | rtmark.net | my.rtmark.net | 366 B |
1 | trecurlik.com | trecurlik.com | 162 B |
1 | google-analytics.com | www.google-analytics.com | 17 KB |
1 | citiesclick.com | citiesclick.com | 2 KB |
17 | 11 | | |
 | Domain | Requested by |
---|---|---|
7 | d25ngfp8ma2ho1.cloudfront.net | 24newsoft.yourbestcontentsonweb.xyz |
2 | adexc.net | 2 redirects |
2 | bestadbid.com | 1 redirects; track.traffic.club |
2 | track.traffic.club | track.tkbo.com; track.traffic.club |
2 | track.tkbo.com | citiesclick.com; track.tkbo.com |
1 | 24newsoft.yourbestcontentsonweb.xyz | bestadbid.com |
1 | www.linktoconfigingsavevideo.icu | 1 redirects |
1 | my.rtmark.net | bestadbid.com |
1 | trecurlik.com | bestadbid.com |
1 | www.google-analytics.com | citiesclick.com |
1 | citiesclick.com | |
17 | 11 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
citiesclick.com | Let's Encrypt Authority X3 | 2019-03-13 - 2019-06-11 | 3 months |
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months |
track.tkbo.com | Sectigo RSA Domain Validation Secure Server CA | 2019-02-27 - 2020-02-27 | a year |
traffic.club | GlobeSSL DV Certification Authority 2 | 2019-01-07 - 2021-01-06 | 2 years |
24newsoft.yourbestcontentsonweb.xyz | Let's Encrypt Authority X3 | 2019-01-25 - 2019-04-25 | 3 months |
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year |
This page contains 1 frames:
Primary Page:
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA.
Frame ID: 7EE62557DB87D6590B79386E53DA00FE
Requests: 17 HTTP requests in this frame
Detected technologies
Lua (Programming Languages)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Nginx (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers)
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://citiesclick.com/ Page URL
- http://track.tkbo.com/?mid=138&f=138&domain=citiesclick.com Page URL
- https://track.tkbo.com/go.php?mid=138&f=138&domain=citiesclick.com&ref= Page URL
- https://track.traffic.club/helper/forward.php?target=aHR0cDovL2Jlc3RhZGJpZC5jb20vYWZ1LnBocD96b25laWQ9MTQwNzczNQ==&hash=5ad5f6186dc0a6c2e1c03c27c49d2545 Page URL
- https://track.traffic.club/helper/forward.php Page URL
- http://bestadbid.com/afu.php?zoneid=1407735 Page URL
-
http://bestadbid.com/?r=%2Fmb%2Fhan&pbk3=4f2aefb6ef00f021086d69fd09bc07746667811504115020951&empty=0&uuid=30357b90-132f-4b56-8a3a-dca4006132aa&ad_scheme=1&rotation_type=25&ppucounter=0&first_visit=0&on_test=1&offer_views=0&ab_test=2999&adparams=bm9qcz0w&ip=374b1235a862bf574d813dfea74222be&zoneid=1407735&x=1600&y=1200&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=http%3A%2F%2Fbestadbid.com%2Fafu.php%3Fzoneid%3D1365143%26var%3D1407735&drf=&np=0&pt=0&nb=1&ng=1&dm=undefined&cf=0&nw=1&hil=undefined&id=c4a8267c1841b05ec4f130b18646f96c&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=0&sf_type=1&timeout=0
HTTP 302
https://adexc.net/partner-lmudj/?ref_prm=0961&cid=129634725512884224&pub_sd=1407735&adprm=5&ad_spv=7465 HTTP 302
https://adexc.net/partner-lmudj/process.php?ad_spv=7465&adprm=5&pub_sd=1407735&5&prod=9&ad_unit_id=6&creative_id=6&sid=7&t=1457603843840&rh=6&utm_source=8=referral&adserver=adsrv1&aff=0961&referal=129634725512884224 HTTP 302
https://www.linktoconfigingsavevideo.icu/rrr?b9zd1=U58fvaq6GMsxJYyG1QLXZ6h_gHWQ6BA4ywv1VD73ku0.&cid=129634725512884224&sub=1407735 HTTP 302
https://24newsoft.yourbestcontentsonweb.xyz/?b9zd1=ZHZUb_a5ZGU8A82I7GqnKk_fTu4Yb_Z-UjT7Zv49UTAzb-5joUklxaNXHPkmfVXuDKP8n5AALMWY56JvjqeOvQ..&cid=129634725512884224&sub=1407735&v_id=B7ZbOw0Raegx3lregXzKOakpXUlxxAvbklH1fxPCLdA. Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H2 | / | citiesclick.com/ | 2 KB | 2 KB | Document | text/html | |
GET | H2 | analytics.js | www.google-analytics.com/ | 43 KB | 17 KB | Script | text/javascript | |
GET | H/1.1 | / | track.tkbo.com/ | 737 B | 749 B | Document | text/html | |
GET | H2 | go.php | track.tkbo.com/ | 610 B | 704 B | Document | text/html | |
GET | H2 | forward.php | track.traffic.club/helper/ | 129 B | 367 B | Document | text/html | |
GET | H2 | forward.php | track.traffic.club/helper/ | 153 B | 396 B | Document | text/html | |
GET | H/1.1 | afu.php | bestadbid.com/ | 12 KB | 6 KB | Document | text/html | Cookie set |
GET | H/1.1 | sc.php | trecurlik.com/ | 0 | 162 B | Image | text/plain | |
POST | H/1.1 | img.gif | my.rtmark.net/ | 43 B | 366 B | Other | image/gif | |
GET | H/1.1 | / | 24newsoft.yourbestcontentsonweb.xyz/ | 6 KB | 3 KB | Document | text/html | Primary Request; Cookie set; Redirect Chain |
GET | H2 | mac4GERedt.png | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 53 KB | 53 KB | Image | image/png | |
GET | H2 | downloadgif.gif | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 12 KB | 12 KB | Image | image/gif | |
GET | H2 | downloadactive.png | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 4 KB | 5 KB | Image | image/png | |
GET | H2 | ok.png | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | okactive.png | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 3 KB | 4 KB | Image | image/png | |
GET | H2 | okactive@2x.png | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 4 KB | 5 KB | Image | image/png | |
GET | H2 | downloadactive@2x.png | d25ngfp8ma2ho1.cloudfront.net/lps/flash_mac/images/ | 7 KB | 7 KB | Image | image/png | |
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onselectstart
- object| onselectionchange
- function| queueMicrotask
- function| onDownloadButtonClicked
- object| dlobj3
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
24newsoft.yourbestcontentsonweb.xyz/ | | Name: lp_id Value: 2272 |
24newsoft.yourbestcontentsonweb.xyz/ | | Name: dist_id Value: 7436 |
24newsoft.yourbestcontentsonweb.xyz/ | | Name: channel Value: lep_macDE_jan2 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.