xovzrd.findiover.net
52.19.101.114
Public Scan
Effective URL: https://xovzrd.findiover.net/c/1e3a4e532f1c7040?s1=144562&s2=1335143&j1=1&j3=1&j8=1&click_id=a_631caba4f0120700012286de&s3=20164
Submission: On September 10 via manual from PL — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 26th 2022. Valid for: 3 months.
This is the only time xovzrd.findiover.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 (1 redirect) | 91.215.42.31 | 57724 (DDOS-GUARD) |
2 | 185.129.100.100 | 57724 (DDOS-GUARD) |
1 (1 redirect) | 157.245.233.39 | 14061 (DIGITALOCEAN-ASN) |
1 (1 redirect) | 2606:4700:3031::ac43:9781 | |
1 (1 redirect) | 34.91.226.152 | |
1 | 52.19.101.114 | |
17 | 4 |
ASN57724 (DDOS-GUARD, RU)
PTR: ddos-guard.net
check.ddos-guard.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | gg.gg (1 redirects) | gg.gg — Cisco Umbrella Rank: 214914 | 102 KB |
2 | ddos-guard.net | check.ddos-guard.net — Cisco Umbrella Rank: 132666 | 742 B |
1 | findiover.net | xovzrd.findiover.net | |
1 | luvmenow.com (1 redirects) | t.luvmenow.com | 397 B |
1 | makeyourwish.net (1 redirects) | makeyourwish.net | 1017 B |
1 | adverdr.com (1 redirects) | track.adverdr.com | 340 B |
0 | akamaized.net (Failed) | cdn-dimi.akamaized.net (Failed) | |
17 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
5 | gg.gg (1 redirects) | gg.gg |
2 | check.ddos-guard.net | gg.gg |
1 | xovzrd.findiover.net | gg.gg |
1 | t.luvmenow.com (1 redirects) | |
1 | makeyourwish.net (1 redirects) | |
1 | track.adverdr.com (1 redirects) | |
0 | cdn-dimi.akamaized.net (Failed) | xovzrd.findiover.net |
17 | 7 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.ddos-guard.net | Sectigo RSA Domain Validation Secure Server CA | 2022-07-25 - 2023-08-25 | a year |
*.findiover.net | R3 | 2022-07-26 - 2022-10-24 | 3 months |
This page contains 1 frames:
Primary Page:
https://xovzrd.findiover.net/c/1e3a4e532f1c7040?s1=144562&s2=1335143&j1=1&j3=1&j8=1&click_id=a_631caba4f0120700012286de&s3=20164
Frame ID: 9BB74193179F93815734F8F15457B64C
Requests: 18 HTTP requests in this frame
Detected technologies
CodeIgniter (Web Frameworks)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://gg.gg/126654 Page URL
-
http://gg.gg/126654
HTTP 301
https://track.adverdr.com//tr?offer_id=11&aff_id=4435&sub1=Alex61 HTTP 307
https://makeyourwish.net/bw2bwqYC?s1=631caba3976af631caba3976b1 HTTP 302
http://t.luvmenow.com/sl?id=5fa1807a127bd6bcbd272004&pid=11249&sub3=tj4l016k24q4&sub1=20164&sub2=frd HTTP 302
https://xovzrd.findiover.net/c/1e3a4e532f1c7040?s1=144562&s2=1335143&j1=1&j3=1&j8=1&click_id=a_631caba4f0120700012286de&s3=20164 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | 126654 | gg.gg/ | 8 KB | 9 KB | Document | text/html |
GET | DATA | truncated | / | 555 B | 0 | Image | image/svg+xml |
GET | H/1.1 | check | gg.gg/.well-known/ddos-guard/ | 91 KB | 92 KB | Script | application/javascript |
GET | H2 | check.js | check.ddos-guard.net/ | 152 B | 490 B | Script | application/javascript |
GET | H/1.1 | vshNvTlWGOFDo6pa | gg.gg/.well-known/ddos-guard/id/ | 68 B | 411 B | Image | image/png |
GET | H2 | vshNvTlWGOFDo6pa | check.ddos-guard.net/set/id/ | 68 B | 252 B | Image | image/png |
POST | H/1.1 | / | gg.gg/.well-known/ddos-guard/mark/ | 0 | 143 B | XHR | text/plain |
GET | H2 | 1e3a4e532f1c7040 (Primary Request, Redirect Chain) | xovzrd.findiover.net/c/ | 23 KB | 0 | Document | text/html |
GET | | style.css | cdn-dimi.akamaized.net/landings/274421/1662542857/css/ | 0 | 0 | | |
GET | | popup.css | cdn-dimi.akamaized.net/landings/274421/1662542857/css/ | 0 | 0 | | |
GET | | jquery-2.2.4.min.js | cdn-dimi.akamaized.net/landings/274421/1662542857/js/ | 0 | 0 | | |
GET | | vegas.js | cdn-dimi.akamaized.net/landings/274421/1662542857/js/ | 0 | 0 | | |
GET | | function.js | cdn-dimi.akamaized.net/landings/274421/1662542857/js/ | 0 | 0 | | |
GET | | translates.js | cdn-dimi.akamaized.net/landings/274421/1662542857/js/ | 0 | 0 | | |
GET | | tn_pHash.js | cdn-dimi.akamaized.net/landings/274421/1662542857/js/ | 0 | 0 | | |
GET | | logo.png | cdn-dimi.akamaized.net/landings/274421/1662542857/images/ | 0 | 0 | | |
GET | | logo-white.png | cdn-dimi.akamaized.net/landings/274421/1662542857/images/ | 0 | 0 | | |
GET | | 1.jpg | cdn-dimi.akamaized.net/landings/274421/1662542857/images/ | 0 | 0 | | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/css/style.css?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/css/popup.css?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/js/jquery-2.2.4.min.js?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/js/vegas.js?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/js/function.js?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/js/translates.js?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/js/tn_pHash.js?1662542858
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/images/logo.png
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/images/logo-white.png
- cdn-dimi.akamaized.net: https://cdn-dimi.akamaized.net/landings/274421/1662542857/images/1.jpg
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforeinput
- object| oncontextlost
- object| oncontextrestored
- function| structuredClone
- object| launchQueue
- object| onbeforematch
- function| getScreenDetails
- function| queryLocalFonts
- object| navigation

9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.gg.gg/ | Name: __ddgid_ Value: BfnbmNUnA3cEv6WN |
.gg.gg/ | Name: __ddgmark_ Value: vw0cfikMKYqDQvaQ |
.gg.gg/ | Name: __ddg5_ Value: RDp2O0fN28Rk1lyj |
.check.ddos-guard.net/ | Name: __ddg2 Value: vshNvTlWGOFDo6pa |
.gg.gg/ | Name: __ddg2_ Value: vshNvTlWGOFDo6pa |
.gg.gg/ | Name: __ddg1_ Value: 2X5i3dd1XgxG2cEfn27k |
gg.gg/ | Name: ci_session Value: a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%22ce80e8a02a0af79ab82d3779af1b47e3%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22186.2.160.181%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A116%3A%22Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F105.0.5195.102+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1662823330%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D907dc229a993d8ab201c6dff50b615bd |
.gg.gg/ | Name: gg_token Value: 3799b441943c38903e901ad97dc1fabb631caba27981c6.08187294 |
track.adverdr.com/ | Name: click_id Value: 631caba3976af631caba3976b1 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.