urlscan.io logo urlscan.io
SecurityTrails logo

almendrosterra2.com Open in urlscan Pro
149.56.93.240  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://snowplow.apps.clarivate.com/r/tp2?u=https://fildoz.com%2F%2F%2F%2F%2F%2F%2F%2F/cmsorile/%2F%2F%2F%2F/jcvwrx%2F%2F%2F%2FbHluL...
Effective URL: https://almendrosterra2.com//cmg/link.html
Submission: On May 24 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 5 HTTP transactions. The main IP is 149.56.93.240, located in Montreal, Canada and belongs to OVH, FR. The main domain is almendrosterra2.com.
TLS certificate: Issued by R3 on May 7th 2023. Valid for: 3 months.
This is the only time almendrosterra2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.36.177.214 16509 (AMAZON-02)
1 1 52.33.26.185 16509 (AMAZON-02)
1 185.179.25.253 203576 (INTERNETB...)
1 149.56.93.240 16276 (OVH)
1 45.15.25.122 47583 (AS-HOSTINGER)
1 2001:4de0:ac1... 20446 (STACKPATH...)
5 5
1    52.36.177.214 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-177-214.us-west-2.compute.amazonaws.com
snowplow.apps.clarivate.com
1    52.33.26.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-26-185.us-west-2.compute.amazonaws.com
snowplow.apps.clarivate.com
1    185.179.25.253 (Turkey)

ASN203576 (INTERNETBILISIM, TR)
PTR: static-253-25-179-185.megatrhost.com
fildoz.com
1    149.56.93.240 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: balder.dongee.com
almendrosterra2.com
1    45.15.25.122 (Asheville, United States)

ASN47583 (AS-HOSTINGER, CY)
drillersvm.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
Apex Domain
Subdomains		 Transfer
2 clarivate.com
snowplow.apps.clarivate.com — Cisco Umbrella Rank: 145886
716 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 696
30 KB
1 drillersvm.com
drillersvm.com
29 KB
1 almendrosterra2.com
almendrosterra2.com
385 B
1 fildoz.com
fildoz.com
309 B
5 5
Domain Requested by
2 snowplow.apps.clarivate.com 2 redirects
1 code.jquery.com drillersvm.com
1 drillersvm.com almendrosterra2.com
code.jquery.com
1 almendrosterra2.com
1 fildoz.com
5 5

This site contains no links.

Subject Issuer Validity Valid
fildoz.com
R3		 2023-05-22 -
2023-08-20		 3 months crt.sh
almendrosterra2.com
R3		 2023-05-07 -
2023-08-05		 3 months crt.sh
drillersvm.com
R3		 2023-05-10 -
2023-08-08		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://almendrosterra2.com//cmg/link.html
Frame ID: 883306500C57AD95286E6876A2D289DB
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

5
Requests

80 %
HTTPS

17 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

59 kB
Transfer

160 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://snowplow.apps.clarivate.com/r/tp2?u=https://fildoz.com%2F%2F%2F%2F%2F%2F%2F%2F/cmsorile/%2F%2F%2F%2F/jcvwrx%2F%2F%2F%2FbHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU= HTTP 301
  • https://snowplow.apps.clarivate.com/r/tp2?u=https://fildoz.com%2F%2F%2F%2F%2F%2F%2F%2F/cmsorile/%2F%2F%2F%2F/jcvwrx%2F%2F%2F%2FbHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU= HTTP 302
  • https://fildoz.com/////////cmsorile//////jcvwrx////bHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=

5 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=
fildoz.com/////////cmsorile//////jcvwrx////
Redirect Chain
  • http://snowplow.apps.clarivate.com/r/tp2?u=https://fildoz.com%2F%2F%2F%2F%2F%2F%2F%2F/cmsorile/%2F%2F%2F%2F/jcvwrx%2F%2F%2F%2FbHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=
  • https://snowplow.apps.clarivate.com/r/tp2?u=https://fildoz.com%2F%2F%2F%2F%2F%2F%2F%2F/cmsorile/%2F%2F%2F%2F/jcvwrx%2F%2F%2F%2FbHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=
  • https://fildoz.com/////////cmsorile//////jcvwrx////bHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=
0
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fildoz.com/////////cmsorile//////jcvwrx////bHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.179.25.253 , Turkey, ASN203576 (INTERNETBILISIM, TR),
Reverse DNS
static-253-25-179-185.megatrhost.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 02:04:26 GMT
refresh
0;url=https://almendrosterra2.com//cmg/link.html#lyn.radford@chobani.com.au
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 24 May 2023 02:04:26 GMT
location
https://fildoz.com/////////cmsorile//////jcvwrx////bHluLnJhZGZvcmRAY2hvYmFuaS5jb20uYXU=
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.1.12
Primary Request link.html
almendrosterra2.com//cmg/ 		205 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://almendrosterra2.com//cmg/link.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.56.93.240 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
balder.dongee.com
Software
LiteSpeed /
Resource Hash
7765364e914cbd0bab1c373f153eb7ca3339fd23bd291b029c6bbeb7e50ef6f3

Request headers

Referer
https://fildoz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
132
content-type
text/html
date
Wed, 24 May 2023 02:04:27 GMT
last-modified
Tue, 23 May 2023 19:22:52 GMT
server
LiteSpeed
vary
Accept-Encoding
sc.js
drillersvm.com/host/admin/js/ 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drillersvm.com/host/admin/js/sc.js
Requested by
Host: almendrosterra2.com
URL: https://almendrosterra2.com//cmg/link.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.15.25.122 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1f5c1bdb200cbd9423524b9e3c4dd1275de31313bf2f30a7318be555bec56330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://almendrosterra2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 02:04:28 GMT
content-encoding
br
last-modified
Tue, 25 Apr 2023 10:18:34 GMT
server
nginx
etag
W/"6447a8fa-12d3b"
x-powered-by
PleskLin
content-type
application/javascript
jquery-3.1.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: drillersvm.com
URL: https://drillersvm.com/host/admin/js/sc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://almendrosterra2.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 02:04:28 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
x-hw
1684893868.dop217.am5.t,1684893868.cds211.am5.hn,1684893868.cds116.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30070
fbc887a.php
drillersvm.com/host/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
drillersvm.com
URL
https://drillersvm.com/host/fbc887a.php

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| _0x21b6e7 function| _0x37d308 function| _0x3d9a94 function| _0x25417a function| _0x5aed function| _0x418e4f function| _0x5bbb05 function| _0x4675ef function| _0x4c6b4d function| _0x1e09cd function| _0x34f462 object| scr string| stc function| _0x2e39 function| _0xc14537 function| $ function| jQuery

0 Cookies