urlscan.io logo urlscan.io
SecurityTrails logo

m24app.cfd Open in urlscan Pro
172.67.166.78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://et.sp-25.com/e/c/SFpva?referCode=product_SF5228aaaaaaaaaa&shortLink=aaaaa&longLink=H4sIAAAAAAAAALWOQQuCMBiGf0...
Effective URL: https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp...
Submission: On June 24 via manual from IN — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 6 HTTP transactions. The main IP is 172.67.166.78, located in United States and belongs to CLOUDFLARENET, US. The main domain is m24app.cfd.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time m24app.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.213.162.106 16509 (AMAZON-02)
2 172.67.166.78 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 172.67.70.233 13335 (CLOUDFLAR...)
1 74.125.130.100 15169 (GOOGLE)
6 5
1    13.213.162.106 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-162-106.ap-southeast-1.compute.amazonaws.com
et.sp-25.com
2    172.67.166.78 (United States)

ASN13335 (CLOUDFLARENET, US)
m24app.cfd
1    2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    172.67.70.233 (United States)

ASN13335 (CLOUDFLARENET, US)
get.geojs.io
1    74.125.130.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f100.1e100.net
google.com
Apex Domain
Subdomains		 Transfer
2 m24app.cfd
m24app.cfd
3 KB
1 google.com
google.com — Cisco Umbrella Rank: 1 Failed
1 geojs.io
get.geojs.io — Cisco Umbrella Rank: 17918
822 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 816
30 KB
1 sp-25.com
et.sp-25.com
299 B
6 5
Domain Requested by
2 m24app.cfd
1 google.com
1 get.geojs.io m24app.cfd
1 code.jquery.com m24app.cfd
1 et.sp-25.com 1 redirects
6 5

This site contains no links.

Subject Issuer Validity Valid
m24app.cfd
WE1		 2024-06-23 -
2024-09-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
geojs.io
E1		 2024-05-09 -
2024-08-07		 3 months crt.sh
*.google.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
Frame ID: 6DDE1EF80D8CE93438782E18648B5ABA
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

loading...

Page URL History Show full URLs

  1. https://et.sp-25.com/e/c/SFpva?referCode=product_SF5228aaaaaaaaaa&shortLink=aaaaa&longLink=H4sIAA... HTTP 302
    https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6
Requests

83 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

35 kB
Transfer

92 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://et.sp-25.com/e/c/SFpva?referCode=product_SF5228aaaaaaaaaa&shortLink=aaaaa&longLink=H4sIAAAAAAAAALWOQQuCMBiGf03eTL_NbRqM6CIEQafsKF86c-DccBv189NjdO7ywvMeHp4xBOcPWWZIgc7tu6E_etd2aBzq5ywxBmswaDvv6Km-XO-cEcpyKqpqXeBcFNDCA3lZUkhJroa0AMzTEgimWCjGgFd9x0UrhGAlT1a5Ub2ORiqDetrY27h0SnqDS3DRj0kM5o8Fm_0rYTt-GkYbvLPh3MvY6Pr2ekMzfQAS8YUuLAEAAA==&ecSource=SF&referId=4503599661045228 HTTP 302
    https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://m24app.cfd/9360SAMH9VR8VM8GV5AM2FRID2.html?ip=209.58.162.239&loc=SG&city=Singapore&reg=undefined HTTP 302
  • https://google.com/

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
m24app.cfd/
Redirect Chain
  • https://et.sp-25.com/e/c/SFpva?referCode=product_SF5228aaaaaaaaaa&shortLink=aaaaa&longLink=H4sIAAAAAAAAALWOQQuCMBiGf03eTL_NbRqM6CIEQafsKF86c-DccBv189NjdO7ywvMeHp4xBOcPWWZIgc7tu6E_etd2aBzq5ywxBmswaD...
  • https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW652350379950316674...
747 B
924 B 		Document
General
Check archive.org
Download Go to
Full URL
https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
993f7f4f0774e1944ce207ba8e404f2e67584e5e5603d4cafae47368e8b40e1a

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
898bfbda69ee797f-SIN
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 24 Jun 2024 10:20:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wVwkx1ZTcjXxmxwtMDAvOi6mYp0M0QlM%2BP3PV%2FzP4Vw9tLlgoSyedVLP9xJpRTCdKMhuLhIfsv8%2Fga2ydiWVH9hWRkR4iMtDkrr5%2B14L6mSOZ52FBuhKxYjCaOSK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

content-length
374
content-type
text/html; charset=utf-8
date
Mon, 24 Jun 2024 10:20:11 GMT
location
https://m24app.cfd?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: m24app.cfd
URL: https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://m24app.cfd/
Origin
https://m24app.cfd
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:20:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
628983
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-maa10228-MAA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1719224412.850818,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
49, 1217203
geo.js
get.geojs.io/v1/ip/ 		361 B
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://get.geojs.io/v1/ip/geo.js
Requested by
Host: m24app.cfd
URL: https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.233 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
040955bba2fc973d8329ad298db6e3639e0f9a9cdff5a75ac3a484bc7d315ab2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://m24app.cfd/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:20:12 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
b717c6ac7f87c4444d0c39a896723ab7-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T39xixCTkC8IejOJZNAFEQhxeDaUAqhKtG43ym9eN2mCsvFvMLstTiO7eWA%2B%2FPDVRGxift%2FNYHA4iQ3Pu5vFdpLwLgToNeO9r44%2Bp6dxHyCnn8bTTx9fwxp5VsBaRg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
898bfbdd99189ce7-SIN
favicon.ico
m24app.cfd/ 		4 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://m24app.cfd/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.166.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
21f540a884a6e01767a0f8102f9f5023da01aa945bae6becfbe3a44f1eeb461c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 24 Jun 2024 10:20:12 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 17 Sep 2021 00:47:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e36-17bf138fce8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqAZzys6rqtYNBJ5tm1DIGa7h9%2BDDM2Y7uc%2BHCNHvbfPPFyWZP%2FzbgETxj8xVErVi%2B%2BXcgdp9zKA%2FuDNw4zeF9npumBRdN020kxLmhpUh4n79PpdWjjdyYSX8tgx"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=14400
cf-ray
898bfbdf9fe1797f-SIN
alt-svc
h3=":443"; ma=86400
/
google.com/
Redirect Chain
  • https://m24app.cfd/9360SAMH9VR8VM8GV5AM2FRID2.html?ip=209.58.162.239&loc=SG&city=Singapore&reg=undefined
  • https://google.com/
0
0
/
google.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://google.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f100.1e100.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://m24app.cfd
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1592
content-type
text/html; charset=UTF-8
date
Mon, 24 Jun 2024 10:20:12 GMT
referrer-policy
no-referrer

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google.com
URL
https://google.com/

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| geoip

1 Cookies

Domain/Path Name / Value
m24app.cfd/ Name: csrf-token
Value: 2DIRF2MA5VG8MV8RV9HMAS0639

2 Console Messages

Source Level URL
Text
javascript error URL: https://m24app.cfd/?sp_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&sp_medium=email&sp_source=smartpush&utm_campaign=automation%3AFLOW6523503799503166741_1ba68831-20ef-41a0-812a-a4e55169dc67_777586&utm_medium=email&utm_source=smartpush&hotspotId=uViFUwx1Vl&sd_id=4503599661045228
Message:
Access to XMLHttpRequest at 'https://google.com/' (redirected from 'https://m24app.cfd/9360SAMH9VR8VM8GV5AM2FRID2.html?ip=209.58.162.239&loc=SG&city=Singapore&reg=undefined') from origin 'https://m24app.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://google.com/
Message:
Failed to load resource: net::ERR_FAILED