d-h.st
Open in
urlscan Pro
23.237.34.58
Public Scan
Submitted URL: http://cdetyi.com/
Effective URL: http://d-h.st/afu.php
Submission: On January 01 via api from DE
Effective URL: http://d-h.st/afu.php
Submission: On January 01 via api from DE
Summary
This website contacted 3 IPs
in 2 countries
across 4 domains to perform 3 HTTP transactions.
The main IP is 23.237.34.58, located in
Los Angeles, United States and
belongs to COGENT-174 - Cogent Communications, US.
The main domain is d-h.st.
This is the only time d-h.st was scanned on urlscan.io!
This is the only time d-h.st was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 52.78.124.149 52.78.124.149 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 1 | 108.168.193.189 108.168.193.189 | 36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.) | |
| 1 | 23.237.34.58 23.237.34.58 | 174 (COGENT-174) (COGENT-174 - Cogent Communications) | |
| 3 | 3 |
1
52.78.124.149
(Incheon, Korea, Republic Of)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-78-124-149.ap-northeast-2.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-78-124-149.ap-northeast-2.compute.amazonaws.com
| cdetyi.com |
1
108.168.193.189
(Dallas, United States)
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: bd.c1.a86c.ip4.static.sl-reverse.com
| mybestmv.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 1 |
d-h.st
d-h.st |
136 B |
| 1 |
mybestmv.com
1 redirects
mybestmv.com |
285 B |
| 1 |
cdetyi.com
cdetyi.com |
2 KB |
| 0 |
kromtech.net
Failed
kromtech.net Failed |
|
| 3 | 4 |
| Domain | Requested by | |
|---|---|---|
| 1 | d-h.st |
cdetyi.com
|
| 1 | mybestmv.com | 1 redirects |
| 1 | cdetyi.com | |
| 0 | kromtech.net Failed | |
| 3 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid |
|---|
This page contains 1 frames:
Primary Page:
http://d-h.st/afu.php
Frame ID: EC68BCA83F6E42453CCD99A5ECD4B98A
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://cdetyi.com/ Page URL
-
http://mybestmv.com/aS/feedclick?s=H6mN1vWY-ScCOPkBC_1JbcRwf_khkulFXQaiCg3BLRusBq9OEqtn251B-kb1v...
HTTP 302
http://d-h.st/afu.php Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://cdetyi.com/ Page URL
-
http://mybestmv.com/aS/feedclick?s=H6mN1vWY-ScCOPkBC_1JbcRwf_khkulFXQaiCg3BLRusBq9OEqtn251B-kb1vwChg2RvEwrk2epbC7U30TJp2bAuu7IF3ARLFCBqXiRpw321w0gE8W7ufvb5np8cxJs0YFos_XX7JtPGVWViaJip_qLSPW_qvknWFeEdTc19DbaCCV9NcgUqwipsuiyoCqSw5BpNw1bnah-7xIBMkydsLnSjbImFSiXcay2WZ3rz90oxg7kh6Dom6rnpC12LJYaFpwyKTwhhztoH5oi-ef9a6QfBJyEzXuLg5ybStQUC0pumoclOAwNzn65kcMLlE7nlQi_ccgCC0qOTd6q67pWdLe5f-QiBnGL8ioH6FuYZOHJ3WEK5xczbJ5u5OdLXgskZiCG80HN7gUhuUrCchAUvxAhnaXGZD0Ij0NyuLmCM5CCYYMARK6l6hKYcVoXcpdjWnsBKl_4Zf9XQJ2FuQFOUz21l_0voa9okPAd0EP8ZT0thRvjFHAB4eBj2PcxprRNrY1zcmLntHtB8ijYdVkt41Zr0JUKrx-kdHMvHG1CG5F-0hUVgHXXXVbUPxzkvVUf-Z0XiFrwTU4iBJv2JAP3hUv8WIkTlU08w4RYTQFhl4UudD8OFCExmniUPQ3yEPMW0tTa361YB5OTUeZhTPlWf1tYg5HKHhVqRy_coCLu-KF-TBENSMYjcUerl9HTYH7A43Bt9cef42xJuUpncQJEEWiptyv5mnqeiI0G5Bz9Yd0GFDkFsOTmq0DQpEEdHV73Db0rBU6FyH1oV36vB-WI1BCSwdrAKGSAyciyFr46IVW-ygUVMNLf2gx1pzeoeDPmIiV9XJ7UYzczxUzI7CgjrEd6ZTJk1fseIedozOvh8r9KlsereocjznpcdcdXxMzqVZal1b6EqpLDn7vle8Q_uMN-RN1XHm_WWXxpk6gRTx8y7mhOuLd_FN1GZXxgmhR3INz-QU0tQexivSoHKdo8xF-eCE2hpH3KNW9ZBPHMEK0Q440Q_UTaaxoHjI5vtYE0crmIrP2lNhVXc1TJLY5jgsYGrivroMtcMcqnNvhGdhwxahSsPlvn6vuXaUOR19twER6sOcbHT92xFiK8Yn-iXkwiTVGRtx2HF1StMGW5Glm6eUdaZf__tAEo3cx-Lew0BBXmxjIhB1BrweY83fbrZSO4VY8T-JgTJA83_bcjKx8VdPAhpfpf8ixUMv_pEWd2hmgnFbmutZGNR0H1_WhXi4gKEaeF4kdDffUKJSmhaXS85jDCok9YMrNjz3F3YazpgrSujM-RWlas
HTTP 302
http://d-h.st/afu.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- http://mybestmv.com/aS/feedclick?s=H6mN1vWY-ScCOPkBC_1JbcRwf_khkulFXQaiCg3BLRusBq9OEqtn251B-kb1vwChg2RvEwrk2epbC7U30TJp2bAuu7IF3ARLFCBqXiRpw321w0gE8W7ufvb5np8cxJs0YFos_XX7JtPGVWViaJip_qLSPW_qvknWFeEdTc19DbaCCV9NcgUqwipsuiyoCqSw5BpNw1bnah-7xIBMkydsLnSjbImFSiXcay2WZ3rz90oxg7kh6Dom6rnpC12LJYaFpwyKTwhhztoH5oi-ef9a6QfBJyEzXuLg5ybStQUC0pumoclOAwNzn65kcMLlE7nlQi_ccgCC0qOTd6q67pWdLe5f-QiBnGL8ioH6FuYZOHJ3WEK5xczbJ5u5OdLXgskZiCG80HN7gUhuUrCchAUvxAhnaXGZD0Ij0NyuLmCM5CCYYMARK6l6hKYcVoXcpdjWnsBKl_4Zf9XQJ2FuQFOUz21l_0voa9okPAd0EP8ZT0thRvjFHAB4eBj2PcxprRNrY1zcmLntHtB8ijYdVkt41Zr0JUKrx-kdHMvHG1CG5F-0hUVgHXXXVbUPxzkvVUf-Z0XiFrwTU4iBJv2JAP3hUv8WIkTlU08w4RYTQFhl4UudD8OFCExmniUPQ3yEPMW0tTa361YB5OTUeZhTPlWf1tYg5HKHhVqRy_coCLu-KF-TBENSMYjcUerl9HTYH7A43Bt9cef42xJuUpncQJEEWiptyv5mnqeiI0G5Bz9Yd0GFDkFsOTmq0DQpEEdHV73Db0rBU6FyH1oV36vB-WI1BCSwdrAKGSAyciyFr46IVW-ygUVMNLf2gx1pzeoeDPmIiV9XJ7UYzczxUzI7CgjrEd6ZTJk1fseIedozOvh8r9KlsereocjznpcdcdXxMzqVZal1b6EqpLDn7vle8Q_uMN-RN1XHm_WWXxpk6gRTx8y7mhOuLd_FN1GZXxgmhR3INz-QU0tQexivSoHKdo8xF-eCE2hpH3KNW9ZBPHMEK0Q440Q_UTaaxoHjI5vtYE0crmIrP2lNhVXc1TJLY5jgsYGrivroMtcMcqnNvhGdhwxahSsPlvn6vuXaUOR19twER6sOcbHT92xFiK8Yn-iXkwiTVGRtx2HF1StMGW5Glm6eUdaZf__tAEo3cx-Lew0BBXmxjIhB1BrweY83fbrZSO4VY8T-JgTJA83_bcjKx8VdPAhpfpf8ixUMv_pEWd2hmgnFbmutZGNR0H1_WhXi4gKEaeF4kdDffUKJSmhaXS85jDCok9YMrNjz3F3YazpgrSujM-RWlas HTTP 302
- http://p277439.mybestmv.com/adServe/domainClick?ai=tlE4X8XUUFZtt5kTdWgADcla0jOjKBCUhnab958TDfIem23nXI0vG1mUg8UKkz1naoMCNvFnMshKJ1RgB4fb_RNecs-9vJK1f_1vyTLYjVsoLuBAIS3oVWWp__riXRnqGrgZs-1hlPTNM0NOOrdqluvaI8tzj08RekntYE_IAqHdXktOEMYNgnaK7r8ZZZHXKtEc1c5TzyWcgFQ_ry4SztkVxkjQiC9V3fjuZ-GA1vFm4Mr4OTbR5CVVEUSS1AFYFp_hfKZ9J0BA4ZJwa0lO9PCseOjB5bqQxWz3ckKbWgUvUwUZm_oKNYW_9plALkDivgUM53Dzny0iZs55fPbhlcov8Rtx3iChKiXhLmiyflhHQ2DhJtv57BYUyjjm9w6UwbN-HQI1TJo&ui=H6mN1vWY-SfvQzslktgg9oBVNmK1S2tVEnRejaId4o6qGltCrYqNrAY5skudIAji-nLW-ptd9p5Lml6Adlq94cJeF6m7CtlKTWP0Myhgs2jxD9FO2L5oAA&si=1&oref=e7de387bc6e3ee3bfaa077a8b9484f5b&rb=CAvjm8pIjLs&rb=0 HTTP 302
- https://kromtech.net/link/85daff6a-0815-11e9-ba01-127369ec21d1&tid_ext=358143846;358143846069446880125 HTTP 302
- https://assets.kromtech.net/lnd?back=aHR0cHM6Ly9rcm9tdGVjaC5uZXQvcGFyYW1zcz04NWRhZmY2YS0wODE1LTExZTktYmEwMS0xMjczNjllYzIxZDEmdGlkX2V4dD0zNTgxNDM4NDY7MzU4MTQzODQ2MDY5NDQ2ODgwMTI1JnJlcWlkPVJvb3Q9MS01YzJiMzJiOC05NDUxOTBmNDNkYWUwMmE1Mzk4MDg5MGY%3D&reqid=Root%3D1-5c2b32b8-945190f43dae02a53980890f&sign=050cff68cd0720fbcc5f326c4cb8d66d18e5fc29 HTTP 302
- https://kromtech.net/paramss=85daff6a-0815-11e9-ba01-127369ec21d1&tid_ext=358143846;358143846069446880125&reqid=Root=1-5c2b32b8-945190f43dae02a53980890f&guid=964bc97d-0da7-11e9-97e6-0ae3f1b5e6bc&adb=0 HTTP 302
- https://kromtech.net/link/7e2ad3be-0822-11e9-ac1a-127369ec21d1?guid=964bc97d-0da7-11e9-97e6-0ae3f1b5e6bc&tid_ext=358143846%3B358143846069446880125
3 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
cdetyi.com/ |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
7e2ad3be-0822-11e9-ac1a-127369ec21d1
kromtech.net/link/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
afu.php
d-h.st/ Redirect Chain
|
10 B 136 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- kromtech.net
- URL
- https://kromtech.net/link/7e2ad3be-0822-11e9-ac1a-127369ec21d1?guid=964bc97d-0da7-11e9-97e6-0ae3f1b5e6bc&tid_ext=358143846%3B358143846069446880125
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdetyi.com
d-h.st
kromtech.net
mybestmv.com
kromtech.net
108.168.193.189
23.237.34.58
52.78.124.149
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
5cf3b5a09bcce49e78e56a04bca3bf62636c5eb36542dda7493dee79eb9383c2