hut90.columnstoodth.com
34.195.224.242
Public Scan
Effective URL: https://hut90.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48...
Submission: On November 14 via api from LU — Scanned from DE
Summary
TLS certificate: Issued by R11 on October 7th 2024. Valid for: 3 months.
This is the only time hut90.columnstoodth.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 2604:9e00:1:129::2:b10 | (unknown)
1 | 13.35.58.34 | 16509 (AMAZON-02)
7 | 34.195.224.242 | 14618 (AMAZON-AES)
3 | 2a00:1450:4001:802::200a | 15169 (GOOGLE)
3 | 172.217.18.3 | 15169 (GOOGLE)
8 | 54.225.185.110 | (unknown)
24 | 5 |
ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-34.fra60.r.cloudfront.net
Domains: pectationselea.info

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-224-242.compute-1.amazonaws.com
Domains: mwccg.columnstoodth.com, hut90.columnstoodth.com

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
Domains: fonts.gstatic.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
15 | columnstoodth.com | mwccg.columnstoodth.com, hc5c0.columnstoodth.com, pzdzt.columnstoodth.com, hut90.columnstoodth.com | 544 KB
3 | gstatic.com | fonts.gstatic.com | 44 KB
3 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 55) | 935 B
1 | pectationselea.info | pectationselea.info (Cisco Umbrella Rank: 90415), 1 redirect | 678 B
1 | xmlwolf.com | xml.xmlwolf.com (Cisco Umbrella Rank: 110050), 1 redirect | 202 B
0 | google.com | accounts.google.com (Cisco Umbrella Rank: 26), failed | 
0 | facebook.com | www.facebook.com, failed | 
24 | 7 apex domains | | 
Requests | Domain | Requested by
---|---|---
4 | pzdzt.columnstoodth.com | hc5c0.columnstoodth.com, pzdzt.columnstoodth.com
4 | hc5c0.columnstoodth.com | mwccg.columnstoodth.com, hc5c0.columnstoodth.com
4 | mwccg.columnstoodth.com | mwccg.columnstoodth.com
3 | hut90.columnstoodth.com | pzdzt.columnstoodth.com, hut90.columnstoodth.com
3 | fonts.gstatic.com | fonts.googleapis.com
3 | fonts.googleapis.com | mwccg.columnstoodth.com, hc5c0.columnstoodth.com, pzdzt.columnstoodth.com
1 | pectationselea.info | 1 redirect
1 | xml.xmlwolf.com | 1 redirect
0 | accounts.google.com (failed) | mwccg.columnstoodth.com
0 | www.facebook.com (failed) | mwccg.columnstoodth.com
24 | 10 domains | 
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
columnstoodth.com | R11 | 2024-10-07 - 2025-01-05 | 3 months | crt.sh
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months | crt.sh
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://hut90.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48cef9a6f6cc&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fpectationselea.info%2F%3Ftid%3D1105024%26noocp%3D1&hop=4&geo=DE&sub=hut90
Frame ID: B41C4A8A97C58CBDCAA7BC28D4227D0C
Requests: 27 HTTP requests in this frame
Page Title: Confirm notifications
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://xml.xmlwolf.com/redirect?feed=699518&auth=fp0x&pubid=209037 (HTTP 302)
- https://pectationselea.info/redirect?tid=1105024 (HTTP 302)
- https://mwccg.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48cef9a6f6cc&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fpectationselea.info%2F%3Ftid%3D1105024%26noocp%3D1&hop=7&geo=DE (Page URL)
- https://hc5c0.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48cef9a6f6cc&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fpectationselea.info%2F%3Ftid%3D1105024%26noocp%3D1&hop=6&geo=DE&sub=hc5c0 (Page URL)
- https://pzdzt.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48cef9a6f6cc&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fpectationselea.info%2F%3Ftid%3D1105024%26noocp%3D1&hop=5&geo=DE&sub=pzdzt (Page URL)
- https://hut90.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48cef9a6f6cc&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fpectationselea.info%2F%3Ftid%3D1105024%26noocp%3D1&hop=4&geo=DE&sub=hut90 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://xml.xmlwolf.com/redirect?feed=699518&auth=fp0x&pubid=209037 HTTP 302
- https://pectationselea.info/redirect?tid=1105024 HTTP 302
- https://mwccg.columnstoodth.com/KVWRXKQ?tag_id=1105024&sub_id1=&sub_id2=1781291042991025650&cookie_id=5b32dfd0-b820-4f54-abc4-48cef9a6f6cc&lp=animateLoading&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Fpectationselea.info%2F%3Ftid%3D1105024%26noocp%3D1&hop=7&geo=DE
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
- https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AcMMx-ePlkXnmlEky9VL1tvDBU5pVMjcLgG39-OduPCIeBGQ30GAmy1a1K4DIaKdAiQ4uHKKBMIVjg HTTP 302
- https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cMTQIwKH5JJyC6IppcccOI0i6s48zjAImdogDn6SlQQVQSBXlaALLzuVsj3GIGOZQRAFJnPQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1172304014%3A1731610068512739&ddm=1
- https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
- https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AcMMx-dIbwsxwjCyjuXwayjRy09Ge4D2j2W8kyggFlIL0Q46LbfoAzIIYHFn2n9CegKtW4MF9yFuoQ HTTP 302
- https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-d5-Szg2FHA1yEs2Vj3R5wpfM_v2Nkx1I0HPDWw_o5ecfqfrn0fJd-ijPWzLyuLqVepX7W_VQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S538372319%3A1731610068516395&ddm=1
24 HTTP transactions
Method | Protocol | Resource Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET | H2 | mwccg.columnstoodth.com/KVWRXKQ (Redirect Chain) | 13 KB | 5 KB | Document | text/html
GET | H2 | mwccg.columnstoodth.com/dlp | 262 KB | 174 KB | XHR | text/html
GET | H2 | mwccg.columnstoodth.com/favicon.ico | 0 | 126 B | Other | text/plain
GET | H2 | fonts.googleapis.com/css | 1 KB | 935 B | Stylesheet | text/css
GET | DATA | truncated | 132 KB | 0 | Image | image/gif
GET | | www.facebook.com/login.php | 0 | 0 | | 
GET | | accounts.google.com/v3/signin/identifier (Redirect Chain) | 0 | 0 | | 
GET | | accounts.google.com/v3/signin/identifier (Redirect Chain) | 0 | 0 | | 
GET | H3 | fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 | 44 KB | 44 KB | Font | font/woff2
POST | H2 | mwccg.columnstoodth.com/ | 0 | 37 B | XHR | text/plain
GET | H2 | hc5c0.columnstoodth.com/KVWRXKQ | 13 KB | 5 KB | Document | text/html
GET | H2 | hc5c0.columnstoodth.com/dlp | 262 KB | 174 KB | XHR | text/html
GET | H2 | hc5c0.columnstoodth.com/favicon.ico | 0 | 126 B | Other | text/plain
GET | H2 | fonts.googleapis.com/css | 1 KB | 0 | Stylesheet | text/css
GET | DATA | truncated | 132 KB | 0 | Image | image/gif
GET | H3 | fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 | 44 KB | 0 | Font | font/woff2
POST | H2 | hc5c0.columnstoodth.com/ | 0 | 36 B | XHR | text/plain
GET | H2 | pzdzt.columnstoodth.com/KVWRXKQ | 13 KB | 5 KB | Document | text/html
GET | H2 | pzdzt.columnstoodth.com/dlp | 262 KB | 174 KB | XHR | text/html
GET | H2 | pzdzt.columnstoodth.com/favicon.ico | 0 | 126 B | Other | text/plain
GET | H2 | fonts.googleapis.com/css | 1 KB | 0 | Stylesheet | text/css
GET | DATA | truncated | 132 KB | 0 | Image | image/gif
GET | H3 | fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 | 44 KB | 0 | Font | font/woff2
POST | H2 | pzdzt.columnstoodth.com/ | 0 | 36 B | XHR | text/plain
GET | H2 | hut90.columnstoodth.com/KVWRXKQ (Primary Request) | 13 KB | 5 KB | Document | text/html
GET | H2 | hut90.columnstoodth.com/dlp | 214 KB | 0 | XHR | text/html
GET | H2 | hut90.columnstoodth.com/favicon.ico | 0 | 126 B | Other | text/plain
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- www.facebook.com: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
- accounts.google.com: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-cMTQIwKH5JJyC6IppcccOI0i6s48zjAImdogDn6SlQQVQSBXlaALLzuVsj3GIGOZQRAFJnPQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1172304014%3A1731610068512739&ddm=1
- accounts.google.com: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AcMMx-d5-Szg2FHA1yEs2Vj3R5wpfM_v2Nkx1I0HPDWw_o5ecfqfrn0fJd-ijPWzLyuLqVepX7W_VQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S538372319%3A1731610068516395&ddm=1
Verdicts & Comments
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
function | B977
function | A7mm
boolean | A
function | get_args
function | f
function | origPushState
object | languages
string | lang
function | v9a2Z
function | g4lu16
function | k0ii
string | title
string | holder
function | before_redirect_block2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pectationselea.info/ | | Name: csu, Value: 5b32dfd0-b820-4f54-abc4-48cef9a6f6cc
mwccg.columnstoodth.com/ | | Name: 65dfd689a896d19032fa32b1e4790b4c, Value: 1
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.google.com
fonts.googleapis.com
fonts.gstatic.com
hc5c0.columnstoodth.com
hut90.columnstoodth.com
mwccg.columnstoodth.com
pectationselea.info
pzdzt.columnstoodth.com
www.facebook.com
xml.xmlwolf.com
13.35.58.34
172.217.18.3
2604:9e00:1:129::2:b10
2a00:1450:4001:802::200a
34.195.224.242
54.225.185.110