f.figurnews.net Open in urlscan Pro
176.236.94.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://f.figurnews.net/frm/sv/sb?fid=1517404&rr=10278239&rk=qSxu&c=50947823
Submission: On February 22 via manual (February 22nd 2022, 4:54:32 pm UTC) from TR — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 176.236.94.116, located in Turkey and belongs to TELLCOM-AS, TR. The main domain is f.figurnews.net.

This is the only time f.figurnews.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	176.236.94.116 176.236.94.116	34984 (TELLCOM-AS) (TELLCOM-AS)
1	185.93.251.254 185.93.251.254	34984 (TELLCOM-AS) (TELLCOM-AS)
2	2

1 176.236.94.116 (Turkey)

ASN34984 (TELLCOM-AS, TR)

f.figurnews.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.93.251.254 (Turkey)

ASN34984 (TELLCOM-AS, TR)
PTR: mail18593251254.revomailtr.com

www.revotas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	revotas.com www.revotas.com	872 B
1	figurnews.net f.figurnews.net	6 KB
2	2

	Domain	Requested by
1	www.revotas.com	f.figurnews.net
1	f.figurnews.net
2	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://f.figurnews.net/frm/sv/sb?fid=1517404&rr=10278239&rk=qSxu&c=50947823
Frame ID: 6F3DEAEA00CB550E4E2EF753D3B3CDA0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unsubscribe

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

7 kB
Transfer

6 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request sb Show response f.figurnews.net/frm/sv/	5 KB 6 KB	223ms 179ms	Document text/html	176.236.94.116 TELLCOM-AS
General Check archive.org Show headers Download Go to Full URL http://f.figurnews.net/frm/sv/sb?fid=1517404&rr=10278239&rk=qSxu&c=50947823 Protocol HTTP/1.1 Server 176.236.94.116 , Turkey, ASN34984 (TELLCOM-AS, TR), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash `f84dea2b055ddd99436c233e2eaea39281e8f43764cb56787dbe8051c284d223` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server Apache-Coyote/1.1 Expires 0 Pragma no-cache Cache-Control no-store, no-cache, max-age=0, must-revalidate, post-check=0, pre-check=0 Content-Type text/html;charset=UTF-8 Transfer-Encoding chunked Date Tue, 22 Feb 2022 16:54:25 GMT
GET H/1.1	200 OK	unsub.js Show response www.revotas.com/host/js/	959 B 872 B	105ms 52ms	Script application/javascript	185.93.251.254 TELLCOM-AS
General Check archive.org Show headers Download Go to Full URL http://www.revotas.com/host/js/unsub.js Requested by Host: f.figurnews.net URL: http://f.figurnews.net/frm/sv/sb?fid=1517404&rr=10278239&rk=qSxu&c=50947823 Protocol HTTP/1.1 Server 185.93.251.254 , Turkey, ASN34984 (TELLCOM-AS, TR), Reverse DNS mail18593251254.revomailtr.com Software Apache/2.4.29 (Ubuntu) / Resource Hash `c6061243a6d8b5561b612405eca5762e34dfcdf4101f31ddac303a5dd3d0e62b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://f.figurnews.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Response headers Date Tue, 22 Feb 2022 16:54:27 GMT Content-Encoding gzip Last-Modified Tue, 10 Jul 2012 13:49:31 GMT Server Apache/2.4.29 (Ubuntu) Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 516

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

f.figurnews.net
www.revotas.com
176.236.94.116
185.93.251.254
c6061243a6d8b5561b612405eca5762e34dfcdf4101f31ddac303a5dd3d0e62b
f84dea2b055ddd99436c233e2eaea39281e8f43764cb56787dbe8051c284d223

f.figurnews.net Open in urlscan Pro 176.236.94.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

7 kBTransfer

6 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

f.figurnews.net Open in urlscan Pro
176.236.94.116 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

7 kB
Transfer

6 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions