mssql.cosmeticskd.com Open in urlscan Pro
172.67.197.46 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mssql.cosmeticskd.com/
Submission: On June 25 via api (June 25th 2024, 5:19:56 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 16 HTTP transactions. The main IP is 172.67.197.46, located in United States and belongs to CLOUDFLARENET, US. The main domain is mssql.cosmeticskd.com.
TLS certificate: Issued by WE1 on June 9th 2024. Valid for: 3 months.

This is the only time mssql.cosmeticskd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
14	172.67.197.46 172.67.197.46		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2

14 172.67.197.46 (United States)

ASN13335 (CLOUDFLARENET, US)

mssql.cosmeticskd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cosmeticskd.com mssql.cosmeticskd.com	97 KB
0	parallels.com Failed promo.parallels.com Failed
16	2

	Domain	Requested by
14	mssql.cosmeticskd.com	mssql.cosmeticskd.com
0	promo.parallels.com Failed	mssql.cosmeticskd.com
16	2

This site contains links to these domains. Also see Links.

Domain
www.parallels.com

Subject Issuer	Validity	Valid
cosmeticskd.com WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mssql.cosmeticskd.com/
Frame ID: 01ABC540708034907E5B904E013BFDA3
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Default Parallels Plesk Panel Page

Page Statistics

16
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

97 kB
Transfer

101 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.parallels.com/products/panel/intro

Search URL Search Domain Scan URL

URL: http://www.parallels.com/intro
Title: Parallels

Search URL Search Domain Scan URL

URL: http://www.parallels.com/products/desktop/intro
Title: Parallels® Desktop for Mac

Search URL Search Domain Scan URL

URL: http://www.parallels.com/products/desktop/pd4wl/intro
Title: Parallels® Desktop forWindows and Linux

Search URL Search Domain Scan URL

URL: http://www.parallels.com/products/server/intro
Title: Parallels® Server

Search URL Search Domain Scan URL

URL: http://www.parallels.com/products/containers/intro
Title: Parallels® Container

Search URL Search Domain Scan URL

URL: http://www.parallels.com/products/automation/intro
Title: Parallels® Automation

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response mssql.cosmeticskd.com/	10 KB 3 KB	92ms 52ms	Document text/html	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `6c71579927d2062d26f9597afa17ac45687dd5c1067f06db4ebeb74a71896ce9` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 89969ffedb189b2b-FRA content-encoding br content-type text/html date Tue, 25 Jun 2024 17:19:52 GMT last-modified Mon, 07 Oct 2013 17:21:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HtOhCjEeynqi5K%2BdNfQVXSye%2Bp3RGC1ks0uwFLrGVyVxe78zOxv4E72rO8K0pGftz0aIkT0OZF0vMfUXR0QhF7F7ujYA8xq4MO3rYGc57hGFvkbYdhpRuk7hMZjhtj47ZEkFifQRGYQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by ASP.NET
GET H3	200	style.css mssql.cosmeticskd.com/css/	3 KB 2 KB	62ms 62ms	Stylesheet text/css	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mssql.cosmeticskd.com/css/style.css Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `34f177e82d46cd9f6e9d0d0b564279bc6dfac594ab0334e1efdf674909888188` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT content-encoding br cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t57hN1UR8x%2FEJ8kIgOl0x8%2BGcHudxhkvQXQNBR5Aak%2FUlKlJ%2BkG9UiiX22XaBbtxK%2FdjYFLeMMdak%2FVYkFPLy4dtalLWMW8NrKH0G%2BMEr2ScsitdLnEGDCWdERNQ726XsKEO8N4zJ3c%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 89969fff2b5a9b2b-FRA alt-svc h3=":443"; ma=86400
GET H3	200	panel-logo.png mssql.cosmeticskd.com/img/	4 KB 4 KB	112ms 111ms	Image image/png	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/panel-logo.png Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `72a293701b3852690e7fff4b03b819ac41d2c2fc12dccdcd47c2f1391490045d` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2258af6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TBVnJ8ZbC6DbbMqBNOt4x1mDUGDxMfAbnE6RQPwNH%2BzlBhC%2FMJebKdJbFnb33jNBcxJ%2BB8bDK%2FipF84lkiqfQ4seEY1ThvJTlV1dVREIo8IR2ywzV%2BrYe4onj1r6%2F8dmZIGxgjqNTA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff2b5e9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 3625
GET H3	200	pd-box.gif mssql.cosmeticskd.com/img/apps/	6 KB 6 KB	74ms 73ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/apps/pd-box.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `6ea44cca387479be5856fc4e8f72f41eae6fe232b6a40e1bc2151f828183ad33` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iMQtj5JiVKIFHKZnjwzB9e8rfgJ7cyxLOoWCz4VuOizE6j7ciiSHcnfjkrdN7IlNMydkjDx15%2FSiYRWviWA9wEyk43PC9tRPpw3dukUnjv16R%2BZ3QzP9F1bpk1RVQ%2BTXMogd8X08UQo%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff2b5f9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 5897
GET H3	200	pdfwl-box.gif mssql.cosmeticskd.com/img/apps/	6 KB 6 KB	59ms 58ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/apps/pdfwl-box.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `e1df238ea854d78e792391db5e7408fbc2a306df676b720fa909387bc721e004` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obFji9rLUFSxfpUOHUvSaASeY6PN2phH%2FUqmQpc7ceo4JMljtbqadwSpGYBe4RSXwb27uQ6kWjMFRXBMs1eg0ta6zsQELiM%2FkIVM0Ky%2Bnjx%2BFUZNIg1fspiLxg4ppicWvR5VZo%2FIA%2Fk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9ba89b2b-FRA alt-svc h3=":443"; ma=86400 content-length 5731
GET H3	200	server-box.gif mssql.cosmeticskd.com/img/apps/	6 KB 7 KB	61ms 61ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/apps/server-box.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `021ca8c31c7b3e1dac93a3ed24b20075476c503cf216b022ca6766eec2f92525` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apaGWYZ2ufAvlw6Gde0H0th7ry7yyys8JQ8cEVEJIi%2BV%2BmUeiB69zi9Hwy6NIGhm5Y22VQdBTLDX95NHiCbBPd4AIc3eZlNcAzIOC0iDSGwXoEiNqUJerPnK9g%2FCmirH8db3P1Y6FBk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bac9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 6222
GET H3	200	container-box.gif mssql.cosmeticskd.com/img/apps/	5 KB 6 KB	63ms 62ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/apps/container-box.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `47cde0d33d376e7a2c3f190e54886dddd4fb92fb5465374e09887c1682e22962` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fb807PrjX8h3xI5aRMx%2B4EBANw%2FFrk6uuikSNsGbN3%2B2jcxdG6VAocVyumZocC01PzAC8PHFAfWHEm%2FryLIMl5AsTz9KtHfTbuIxWOoaKhohrvZ7DzmMvlRUxhGuwzE0b0MiYdr4JLg%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bad9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 5400
GET H3	200	poa-box.gif mssql.cosmeticskd.com/img/apps/	6 KB 6 KB	63ms 63ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/apps/poa-box.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `286803f4133459e54faa8aa6a18cf68328b4d915e20589ad6129d9f5c16289bd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9K2X1Hk9yLooY9fkVQYXUJ7Kh%2F%2FjxkR1m1ImODOfjphFTLkQ%2FaUoflgtVaE4pWOttRdhkLxU6pkoAr99FOhxnX9hi8400Iqh8vl6NpUN8Y4mPc9zFQPSWDorz0o9Dqwt28RsZIm0csI%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bae9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 5928
GET H3	200	pcp-box.gif mssql.cosmeticskd.com/img/apps/	6 KB 7 KB	49ms 48ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/apps/pcp-box.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `36a63c855c919f4ae0c2d60d44a8bbee157839b4eed5e72064154f6fefaaa85f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLN0%2FYNikTGWG1oS4qsIVdkdm9p%2Fj10sfuZg4qo4sN14LxiLiCI3%2BQrg1pOLbbZULjMzj6P2KqLKfCjssHUP5A%2BnzA0kBsXmL8GHFYYwIwsawx22A7Resy1GnI1s5%2FTRHLC3bdHyw%2BA%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9baf9b2b-FRA alt-svc h3=":443"; ma=86400 content-length 6420
GET		promo-flags.js.php mssql.cosmeticskd.com/javascript/	0 0

GET H3	200	top-bottom.png mssql.cosmeticskd.com/img/	1 KB 2 KB	50ms 50ms	Image image/png	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/top-bottom.png Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `3139e648ad6392b154569f8acf43334f6a0dc1777cc678b592ff49e1de8a49eb` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2258af6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=46gIIvC%2B1menEb0%2F8kSVDlLUgNbC8yB4pyCM7JXHCLSsh1Ga7hmkuDiEN39KEPYO1qTqKr1w5M3ZrZWkG7PnlJgmJGXRiMhsQZrUxtQ%2BtX4cNbXMU3RBRFW66LYIAVZE4wXBfn0txyg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bb09b2b-FRA alt-svc h3=":443"; ma=86400 content-length 1105
GET H3	200	p-box.png mssql.cosmeticskd.com/img/	943 B 1 KB	65ms 65ms	Image image/png	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/p-box.png Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `cdaf3f547e6a8177b48c232110a3eb5e85ef1092a6442158b0ff4dc5d16921fd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "2258af6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pb1%2FiZ2FAo%2B2N6Vj%2Be6cLC2uuN9jWvq%2FJX8USzBPJtmVccwRbN33QK23L1R8nQ6ccgoocvUpq7xtzvbRfi0%2BUcSORRHkoCOG9X7MO1Ai5Gn2eemycHk3Xdg8n6yyM8bVgRMGzYITe8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bb19b2b-FRA alt-svc h3=":443"; ma=86400 content-length 943
GET H3	200	globe.png mssql.cosmeticskd.com/img/	45 KB 46 KB	85ms 85ms	Image image/png	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/globe.png Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `def4b21b4717650d6155a46a4272ca4d6499a3a51acdb19b976e65de4f95992b` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atJI9ILnCKgd9xdHhLQKvFCNcHoDl%2BDgQ6veyaSX0cbvpgmgqylBhdeosiYYOs18zPwJDkLcCCIL6vILTw428ogvDLID22WYpaPLNbEiyrlgfOORhw24BrM2Mhrf45CYyWvSO7oxpd8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bb29b2b-FRA alt-svc h3=":443"; ma=86400 content-length 46252
GET H3	200	bullet.gif mssql.cosmeticskd.com/img/	1 KB 2 KB	67ms 67ms	Image image/gif	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mssql.cosmeticskd.com/img/bullet.gif Requested by Host: mssql.cosmeticskd.com URL: https://mssql.cosmeticskd.com/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `9c3765b3ca5fd7c7482a7ea1bc0d72b93693e941e51324488f24d38a2b69a3dd` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "76f4ac6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cvLyoNJJldzZgb2qVrBcfgWRNSEnkJsW94Hml5NIqo7K%2FAi4ZixAQY0jX4EbP5SFcQwTPmb%2BmakRUIG9u%2BQIfJWcNHmqe7KaR19sgzWZ%2B%2BybRvNjAuWWK8F7EjmnuD3xF2HJFm4vm3g%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 89969fff9bb49b2b-FRA alt-svc h3=":443"; ma=86400 content-length 1213
GET		promo.plesk.js promo.parallels.com/js/	0 0

GET H3	200	favicon.ico mssql.cosmeticskd.com/	1 KB 592 B	48ms 48ms	Other image/x-icon	172.67.197.46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mssql.cosmeticskd.com/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.197.46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash `3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://mssql.cosmeticskd.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 25 Jun 2024 17:19:52 GMT content-encoding br cf-cache-status MISS last-modified Mon, 07 Oct 2013 17:12:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2258af6580c3ce1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jxxpIhsbjFLUCPJk0SR38cUZUzGP1pafVIGYVV2YH5NeqjUldqZXcU66U89OTv%2BO9Vlv4h64ZDmKD1MeUwJ2QEpjk9hJvHQvomKZSj2obavvaw3aletyvayyQuSHjx%2FvgcDyOhLldyQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/x-icon cache-control max-age=14400 cf-ray 8996a0003c429b2b-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mssql.cosmeticskd.com
URL: http://mssql.cosmeticskd.com:8880/javascript/promo-flags.js.php

Domain: promo.parallels.com
URL: http://promo.parallels.com/js/promo.plesk.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage number| plesk

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mssql.cosmeticskd.com/(Line 15) Message: Mixed Content: The page at 'https://mssql.cosmeticskd.com/' was loaded over HTTPS, but requested an insecure script 'http://mssql.cosmeticskd.com:8880/javascript/promo-flags.js.php'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mssql.cosmeticskd.com/(Line 194) Message: Mixed Content: The page at 'https://mssql.cosmeticskd.com/' was loaded over HTTPS, but requested an insecure script 'http://promo.parallels.com/js/promo.plesk.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mssql.cosmeticskd.com
promo.parallels.com
mssql.cosmeticskd.com
promo.parallels.com
172.67.197.46
021ca8c31c7b3e1dac93a3ed24b20075476c503cf216b022ca6766eec2f92525
286803f4133459e54faa8aa6a18cf68328b4d915e20589ad6129d9f5c16289bd
3139e648ad6392b154569f8acf43334f6a0dc1777cc678b592ff49e1de8a49eb
34f177e82d46cd9f6e9d0d0b564279bc6dfac594ab0334e1efdf674909888188
3550474f9a466ace7857064d81db50a25ba7c81de043bc9df8289bd90e32e411
36a63c855c919f4ae0c2d60d44a8bbee157839b4eed5e72064154f6fefaaa85f
47cde0d33d376e7a2c3f190e54886dddd4fb92fb5465374e09887c1682e22962
6c71579927d2062d26f9597afa17ac45687dd5c1067f06db4ebeb74a71896ce9
6ea44cca387479be5856fc4e8f72f41eae6fe232b6a40e1bc2151f828183ad33
72a293701b3852690e7fff4b03b819ac41d2c2fc12dccdcd47c2f1391490045d
9c3765b3ca5fd7c7482a7ea1bc0d72b93693e941e51324488f24d38a2b69a3dd
cdaf3f547e6a8177b48c232110a3eb5e85ef1092a6442158b0ff4dc5d16921fd
def4b21b4717650d6155a46a4272ca4d6499a3a51acdb19b976e65de4f95992b
e1df238ea854d78e792391db5e7408fbc2a306df676b720fa909387bc721e004

mssql.cosmeticskd.com Open in urlscan Pro 172.67.197.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

16 Requests

88 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

97 kBTransfer

101 kBSize

0 Cookies

7 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

mssql.cosmeticskd.com Open in urlscan Pro
172.67.197.46 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

97 kB
Transfer

101 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions