1.groovinews.com
Open in
urlscan Pro
45.133.44.21
Public Scan
Effective URL: https://1.groovinews.com/common-player-arrow/index.html?var=&ymid=w2i587n77lp4kf8qikjsj53u&rc=0&mrc=6&fsc=0&zoneid=196458...
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On July 19 via api from AU — Scanned from AU
Summary
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 30th 2023. Valid for: 3 months.
This is the only time 1.groovinews.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.172.228.26 167.172.228.26 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 2 | 52.117.247.211 52.117.247.211 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 | 52.116.53.146 52.116.53.146 | 36351 (SOFTLAYER) (SOFTLAYER) | |
1 1 | 18.141.253.42 18.141.253.42 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 45.133.44.21 45.133.44.21 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
11 | 4 |
ASN14061 (DIGITALOCEAN-ASN, US)
janeweberevergreenarboretum.com |
ASN36351 (SOFTLAYER, US)
PTR: d3.f7.7534.ip4.static.sl-reverse.com
myckdom.com | |
p374591.myckdom.com |
ASN36351 (SOFTLAYER, US)
PTR: 92.35.7434.ip4.static.sl-reverse.com
clkdeals.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-253-42.ap-southeast-1.compute.amazonaws.com
tectlymealed.com |
ASN39572 (ADVANCEDHOSTERS-AS, NL)
1.groovinews.com | |
7.groovinews.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
groovinews.com
1.groovinews.com 7.groovinews.com — Cisco Umbrella Rank: 570699 |
14 KB |
2 |
myckdom.com
1 redirects
myckdom.com — Cisco Umbrella Rank: 88128 p374591.myckdom.com — Cisco Umbrella Rank: 621180 |
2 KB |
1 |
tectlymealed.com
1 redirects
tectlymealed.com |
646 B |
1 |
clkdeals.com
clkdeals.com — Cisco Umbrella Rank: 277038 |
197 B |
1 |
janeweberevergreenarboretum.com
1 redirects
janeweberevergreenarboretum.com |
2 KB |
11 | 5 |
Domain | Requested by | |
---|---|---|
1 | 7.groovinews.com |
1.groovinews.com
|
1 | 1.groovinews.com |
p374591.myckdom.com
|
1 | tectlymealed.com | 1 redirects |
1 | clkdeals.com |
p374591.myckdom.com
|
1 | p374591.myckdom.com | |
1 | myckdom.com | 1 redirects |
1 | janeweberevergreenarboretum.com | 1 redirects |
11 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.myckdom.com Sectigo RSA Domain Validation Secure Server CA |
2023-03-20 - 2024-03-20 |
a year | crt.sh |
www.clkdeals.com Sectigo RSA Domain Validation Secure Server CA |
2022-12-07 - 2023-12-29 |
a year | crt.sh |
*.groovinews.com ZeroSSL RSA Domain Secure Site CA |
2023-06-30 - 2023-09-28 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://1.groovinews.com/common-player-arrow/index.html?var=&ymid=w2i587n77lp4kf8qikjsj53u&rc=0&mrc=6&fsc=0&zoneid=1964585&tbz=1964587
Frame ID: 42D7D3DB8ABF3F39D788778503F00431
Requests: 11 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://janeweberevergreenarboretum.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=yzphimlcv1XGkOSnr5TccpfSv0CZDKCXsrJDU8ee0jGbVkzpZ8gEizZTiQMvA... HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlUtVP300OpqonVqIjTk0VLfPXYwRMzy-feXnoqJn36A... Page URL
-
https://tectlymealed.com/b657e763-84c9-4a71-911e-6158eab76b8e?keyword=janeweberevergreenarboretum.com...
HTTP 302
https://1.groovinews.com/common-player-arrow/index.html?var=&ymid=w2i587n77lp4kf8qikjsj53u&rc=0&mrc=6... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://janeweberevergreenarboretum.com/
HTTP 302
https://myckdom.com/aS/feedclick?s=yzphimlcv1XGkOSnr5TccpfSv0CZDKCXsrJDU8ee0jGbVkzpZ8gEizZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySs4_k_wpXh0MakMa_tKTK9AWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy9TLrKggI6g8CDzg8wuiGQhLSp1G65f_pRgvCuCGlh3sPKxVT-HAlgr3KmJml8YvJb0D0v53UypAzYr2WGYPk1To605nLJBhV_lFyHevFaS6Gv0R_d6UOm2rHqM6Jd3c0v-QKFk7__89FFGOybE8LzzGS30Ke4BCV275-55yaaKhnlUB-eqPSGk6Q65XciV5M04dcXHqGSZQzeSAjcMt-BvblmfXGbR9yW3KK84cJPScCOoPq3NkdVzmUYrPSsFfDJY0Dture9cxT3vzqLhK02xr3dIqwUbb4l8L31VVcGnSbIR3AR3qbMjdIGIYosZZMlqVyzvWsyKUuUOKNRawxvGXCQByHgynTYO1T3pnOY7fmd5CxbHtMljxD1eI2e1TlcAhqzo-velUoKX3ZegiVLDPlGxAGlvW6Imc-G_G5J70zGT9bQLiBLsaa8DbiCpzZFF-lp7bBfWixpViOfBkiUHVm6g3uwwq5iCcFJt3V-p6BCxLjWGiQbAJaJa4og5uNGUWOE7YsRxT-8NKSJ3nMGRyGgiYD7p4ljktUOtr-QRFm_7tM975ADPsTwFA85k2Oo5xhgggykFWRD-NNNmHAkZbGAg5Gjo1nGEBiX5t03yjYv75Gc4TcA8Ybfeg7aRu_WyR-hARo8eS9i9_wczPBJnAdc92lOBPhFUF580L-fP7iQOYDwi8nUuqWuIb9ThuSXUgVpNG69QY2AyB3-_rMaBwoYbHUooFxUCaFnN0lmatEkcIJYOJTLfhN8ETyDQkkwsKmLJcL8Q1fBG8GDAA1pmxSOxjn62GHv-AucwHA_ptn-YgaaV32gC6oAqSC1F95NGxbOcU6GoiQLDdve8ibG2g-XpOeXT-_ADT6dwUOEjgzJr2wPm4O4Sw1eSU2dNNRhVyOq7mlreeAVOEg9PlJRuFEzNeabyYVw6jRphXSyvIf1ZOTlnjJZOnIcT1_em9XckD7V3CU3nEIF9NIoDhXFZJZpSbldabFQU1tpYnVQZLhaz7jHmCnQWjXrsUseGxUpKzh2TE552ZovF-N0uca-PW-SujKqsjRwLxIWWIgbf4bn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQFQaB8NztRqaKcnnOVCa1gtVodyh16Nu-Zngk2rC-1_E2NNxA6ib-IVMIyQQKPBQEVP-nMKsyLvQxB4bcvC7B6xJ7iVYW2SJ42RIOaVprx1hhRgl11k0YQUeZBwbSQFOloaEyNyDAWEZmbVhBXJmO3hgWtoExzCV9_RMLneBLVhqqMTpiSOZigz0gzuLajH8KAYniJb7O4RYCrU45ZuM8-SWV59E2f07CZqladxWJfmTolQOHdjIrID-RtqD0DhJ38vF_3TkvkTtbj4L-b6G_M-WUMALzVxbAZ7diiQYBl1cMUGcYDJPeAZHp_lMBEaL5vkby9axpxVFRFcAXRZAumwIFVjWg_Njm3Rv0OqabYZ4PyekC-tMHtMmCO6EmYqLEpy3_mQv3jmTloWol-qnYSe-OH8GqIjE1SMUkbGpieHEWDMWQ8tbfQp1dfE8ER2Fp1zonQSOYnUnvjh_BqiIxNUjFJGxqYnhxFgzFkPLW305qX83IOo14J_S8WIFj7izgXB51tqT9-yhCcIiriXVPncb6LJRO0SMt0Azp-j8QGh HTTP 302
https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlUtVP300OpqonVqIjTk0VLfPXYwRMzy-feXnoqJn36A4YFOLcM58DWLj58wwMVDl2hOOxVHTWRXEFZSqpAeW7njLQpTbQuAY-uo0dfw76PwVEzTrwqsCMq5G5dpv3H8lwtpYupqQq_qkt-TBPwxLfRWMCwkfS5SAA5elaFd_tidQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXu_nVZS66_Rw2IaP5PrOi_krJc1GxPiCE6pWnPG-pkM1j3I-qDK2QsWJWdAgaDFAOJTu6AXYz7K5gO-Yz2uT6CaFfoEM4DjNLWsKIqOMeo2RuorUv5kV-PA70sCjuHHHR6ghym9oFsiWUxfqcBxeQI-QYn90FXXp0t6ZcGxQYNoWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvZaY3AaL1KSAlEMfER0v1BbsozkC8-D-BybpyqSvYhMWU9yWglbJb4DwGaxzdGBahEpuhu41NIkEpwcG3g30I&ui=yzphimlcv1XGkOSnr5TcclJYVZbN5_3WIaIc3yOo5HIKeTHv4fIbNW_eXbLh9oo4oBieIlvs7hFgKtTjlm4zz5JZXn0TZ_TsJmqVp3FYl-aP7lzeQD0zVg&si=1&oref=2b5d6448c2845793acb9fa6edf291ead&optunit=YDvmM9rk-gmhX6BDOA4zS1rCiKjjHqNke2HMJNFmZz0&rb=OZGG-tuiaBk&rr=1&isco=t&abtg=0 Page URL
-
https://tectlymealed.com/b657e763-84c9-4a71-911e-6158eab76b8e?keyword=janeweberevergreenarboretum.com+RO+Travel+botanical+garden+Destinations+Tourist&geo=US&campaignname=US+A+Collector+Domain+CPA+windows+chrome&device=Desktop&os=Windows+10&browser=Chrome+114&carrier=UNKNOWN&source=446872094&bid=0.0024&clickid=90530985361
HTTP 302
https://1.groovinews.com/common-player-arrow/index.html?var=&ymid=w2i587n77lp4kf8qikjsj53u&rc=0&mrc=6&fsc=0&zoneid=1964585&tbz=1964587 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://janeweberevergreenarboretum.com/ HTTP 302
- https://myckdom.com/aS/feedclick?s=yzphimlcv1XGkOSnr5TccpfSv0CZDKCXsrJDU8ee0jGbVkzpZ8gEizZTiQMvAXg5dnQ3qd4H7z-pbTnNK1c9Rxz0pbUsp-ySs4_k_wpXh0MakMa_tKTK9AWv6tOH8lSlHWVUL2gXgUyatsBFMaSTc1RQ5RxkQPBqyyTn3ctXNy9TLrKggI6g8CDzg8wuiGQhLSp1G65f_pRgvCuCGlh3sPKxVT-HAlgr3KmJml8YvJb0D0v53UypAzYr2WGYPk1To605nLJBhV_lFyHevFaS6Gv0R_d6UOm2rHqM6Jd3c0v-QKFk7__89FFGOybE8LzzGS30Ke4BCV275-55yaaKhnlUB-eqPSGk6Q65XciV5M04dcXHqGSZQzeSAjcMt-BvblmfXGbR9yW3KK84cJPScCOoPq3NkdVzmUYrPSsFfDJY0Dture9cxT3vzqLhK02xr3dIqwUbb4l8L31VVcGnSbIR3AR3qbMjdIGIYosZZMlqVyzvWsyKUuUOKNRawxvGXCQByHgynTYO1T3pnOY7fmd5CxbHtMljxD1eI2e1TlcAhqzo-velUoKX3ZegiVLDPlGxAGlvW6Imc-G_G5J70zGT9bQLiBLsaa8DbiCpzZFF-lp7bBfWixpViOfBkiUHVm6g3uwwq5iCcFJt3V-p6BCxLjWGiQbAJaJa4og5uNGUWOE7YsRxT-8NKSJ3nMGRyGgiYD7p4ljktUOtr-QRFm_7tM975ADPsTwFA85k2Oo5xhgggykFWRD-NNNmHAkZbGAg5Gjo1nGEBiX5t03yjYv75Gc4TcA8Ybfeg7aRu_WyR-hARo8eS9i9_wczPBJnAdc92lOBPhFUF580L-fP7iQOYDwi8nUuqWuIb9ThuSXUgVpNG69QY2AyB3-_rMaBwoYbHUooFxUCaFnN0lmatEkcIJYOJTLfhN8ETyDQkkwsKmLJcL8Q1fBG8GDAA1pmxSOxjn62GHv-AucwHA_ptn-YgaaV32gC6oAqSC1F95NGxbOcU6GoiQLDdve8ibG2g-XpOeXT-_ADT6dwUOEjgzJr2wPm4O4Sw1eSU2dNNRhVyOq7mlreeAVOEg9PlJRuFEzNeabyYVw6jRphXSyvIf1ZOTlnjJZOnIcT1_em9XckD7V3CU3nEIF9NIoDhXFZJZpSbldabFQU1tpYnVQZLhaz7jHmCnQWjXrsUseGxUpKzh2TE552ZovF-N0uca-PW-SujKqsjRwLxIWWIgbf4bn7GUZ7QQ6lTzQvziWiq67jTVQvVL4ScJYwqEcqLlqNRa8Vv1y9IfWC3Q8nwKZuEQFQaB8NztRqaKcnnOVCa1gtVodyh16Nu-Zngk2rC-1_E2NNxA6ib-IVMIyQQKPBQEVP-nMKsyLvQxB4bcvC7B6xJ7iVYW2SJ42RIOaVprx1hhRgl11k0YQUeZBwbSQFOloaEyNyDAWEZmbVhBXJmO3hgWtoExzCV9_RMLneBLVhqqMTpiSOZigz0gzuLajH8KAYniJb7O4RYCrU45ZuM8-SWV59E2f07CZqladxWJfmTolQOHdjIrID-RtqD0DhJ38vF_3TkvkTtbj4L-b6G_M-WUMALzVxbAZ7diiQYBl1cMUGcYDJPeAZHp_lMBEaL5vkby9axpxVFRFcAXRZAumwIFVjWg_Njm3Rv0OqabYZ4PyekC-tMHtMmCO6EmYqLEpy3_mQv3jmTloWol-qnYSe-OH8GqIjE1SMUkbGpieHEWDMWQ8tbfQp1dfE8ER2Fp1zonQSOYnUnvjh_BqiIxNUjFJGxqYnhxFgzFkPLW305qX83IOo14J_S8WIFj7izgXB51tqT9-yhCcIiriXVPncb6LJRO0SMt0Azp-j8QGh HTTP 302
- https://p374591.myckdom.com/adServe/domainClick?ai=hOD6Xl45qmlUtVP300OpqonVqIjTk0VLfPXYwRMzy-feXnoqJn36A4YFOLcM58DWLj58wwMVDl2hOOxVHTWRXEFZSqpAeW7njLQpTbQuAY-uo0dfw76PwVEzTrwqsCMq5G5dpv3H8lwtpYupqQq_qkt-TBPwxLfRWMCwkfS5SAA5elaFd_tidQK8sczUyG_FAz4mvdD0n7T5PQC-Ns7H0UP4ihGJaOYXu_nVZS66_Rw2IaP5PrOi_krJc1GxPiCE6pWnPG-pkM1j3I-qDK2QsWJWdAgaDFAOJTu6AXYz7K5gO-Yz2uT6CaFfoEM4DjNLWsKIqOMeo2RuorUv5kV-PA70sCjuHHHR6ghym9oFsiWUxfqcBxeQI-QYn90FXXp0t6ZcGxQYNoWh8HfcFb6b2kMb4Do7y-b-De0rL-F5kimWV6YBZNo-eHvK0TihL_ekkvgqc45ggkUpG405w9CXKFq5LhImb3BCguu2D-tqLGlSrIfnXI3KxAvZaY3AaL1KSAlEMfER0v1BbsozkC8-D-BybpyqSvYhMWU9yWglbJb4DwGaxzdGBahEpuhu41NIkEpwcG3g30I&ui=yzphimlcv1XGkOSnr5TcclJYVZbN5_3WIaIc3yOo5HIKeTHv4fIbNW_eXbLh9oo4oBieIlvs7hFgKtTjlm4zz5JZXn0TZ_TsJmqVp3FYl-aP7lzeQD0zVg&si=1&oref=2b5d6448c2845793acb9fa6edf291ead&optunit=YDvmM9rk-gmhX6BDOA4zS1rCiKjjHqNke2HMJNFmZz0&rb=OZGG-tuiaBk&rr=1&isco=t&abtg=0
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
domainClick
p374591.myckdom.com/adServe/ Redirect Chain
|
1 KB 908 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track
clkdeals.com/adServe/ |
49 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
1.groovinews.com/common-player-arrow/ Redirect Chain
|
6 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
script.js
7.groovinews.com/ |
6 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon1.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon2.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon3.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon4.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon5.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon7.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET |
icon8.png
7.groovinews.com/common-player-arrow/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon1.png
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon2.png
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon3.png
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon4.png
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon5.png
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon7.png
- Domain
- 7.groovinews.com
- URL
- https://7.groovinews.com/common-player-arrow/img/icon8.png
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| onbeforetoggle object| onscrollend4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.myckdom.com/ | Name: rhid Value: 83455961589 |
|
.myckdom.com/ | Name: loi Value: ad_1641867_off_1084531_aff_87436_cid_374591-JANEWEBEREVERGREENARBORETUM.COM_ts_1689751884 |
|
.tectlymealed.com/ | Name: b657e763-84c9-4a71-911e-6158eab76b8e-v4 Value: e1e0CaStgP9uKzOtDTnskT3Qc5PfEtwGZCdwEWOE_PY |
|
.tectlymealed.com/ | Name: cc-v4 Value: y5NZ3gwVwBuSU%2FFPex38hOKtDpRu4vRinybbtbrhcdTvRQkLyaRZpWrfclG4W4%2Bc99FPo3HLJZAyiOglePdp4%2BUVMfem5MXg00o2eCYJk85RDY%2BtqtuILgupJD%2BEspIhcpFY5KxiNhq8TtTU7fCLHA%3D%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
1.groovinews.com
7.groovinews.com
clkdeals.com
janeweberevergreenarboretum.com
myckdom.com
p374591.myckdom.com
tectlymealed.com
7.groovinews.com
167.172.228.26
18.141.253.42
45.133.44.21
52.116.53.146
52.117.247.211
278036e70b87a8718a79e43b7e3b187be57065702861536af09ae7bcd2bd5d75
2e6c7a5818160fa7db7adb5c5cba9324acd5fa11ed0ebb9b453d1728dd04122f
4f58b524e7febc482c9d333400ba9fb4751f5f401bd269b3c7e57b0130e7a4ba