Submitted URL: http://to.purpleanemone.com/
Effective URL: https://687323.xmlfeed.adtelligent.com/?ss=1&subid=687323-adt-662731&domain=https%3A%2F%2Fwww.cryptoweb.xyz&site_page_url=https%3A%2F%2...
Submission Tags: falconsandbox
Submission: On November 02 via api from US — Scanned from DE

Summary

This website contacted 1 IPs in 3 countries across 3 domains to perform 1 HTTP transactions. The main IP is 185.239.172.114, located in United Kingdom and belongs to 24SHELLS, US. The main domain is 687323.xmlfeed.adtelligent.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on October 29th 2021. Valid for: 3 months.
This is the only time 687323.xmlfeed.adtelligent.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.248.51.205 14061 (DIGITALOC...)
1 1 185.83.70.2 55081 (24SHELLS)
1 1 51.161.115.163 16276 (OVH)
1 185.239.172.114 55081 (24SHELLS)
1 1
Domain Requested by
1 687323.xmlfeed.adtelligent.com
1 t2.coolsoftbreeze.xyz 1 redirects
1 665495.xmlfeed.adtelligent.com 1 redirects
1 to.purpleanemone.com 1 redirects
1 4

This site contains no links.

Subject: 687323.xmlfeed.adtelligent.com
Issuer: ZeroSSL ECC Domain Secure Site CA
Validity: 2021-10-29 - 2022-01-27
Valid: 3 months

This page contains 1 frames:

Primary Page: https://687323.xmlfeed.adtelligent.com/?ss=1&subid=687323-adt-662731&domain=https%3A%2F%2Fwww.cryptoweb.xyz&site_page_url=https%3A%2F%2Fwww.cryptoweb.xyz&click_id=6180ffdca52b301259490976
Frame ID: 6874CFF43402CAE72FC63492A6AA2537
Requests: 1 HTTP requests in this frame


Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 4
IPs: 1
Countries: 3
Transfer: 0 kB
Size: 0 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://to.purpleanemone.com/ HTTP 302
    https://665495.xmlfeed.adtelligent.com/?ss=1&subid=665495-&domain=to.purpleanemone.com&site_page_url=to.purpleanemone.com&click_id= HTTP 302
    https://t2.coolsoftbreeze.xyz/j.php?p=c:ewuvqob33166djmno&d=616ff110d7bc0e61ec076704&s=adt-662731 HTTP 302
    https://687323.xmlfeed.adtelligent.com/?ss=1&subid=687323-adt-662731&domain=https%3A%2F%2Fwww.cryptoweb.xyz&site_page_url=https%3A%2F%2Fwww.cryptoweb.xyz&click_id=6180ffdca52b301259490976 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource: Primary Request /
Path: 687323.xmlfeed.adtelligent.com/
Redirect Chain
  • http://to.purpleanemone.com/
  • https://665495.xmlfeed.adtelligent.com/?ss=1&subid=665495-&domain=to.purpleanemone.com&site_page_url=to.purpleanemone.com&click_id=
  • https://t2.coolsoftbreeze.xyz/j.php?p=c:ewuvqob33166djmno&d=616ff110d7bc0e61ec076704&s=adt-662731
  • https://687323.xmlfeed.adtelligent.com/?ss=1&subid=687323-adt-662731&domain=https%3A%2F%2Fwww.cryptoweb.xyz&site_page_url=https%3A%2F%2Fwww.cryptoweb.xyz&click_id=6180ffdca52b301259490976
Size: 26 B
x-fer: 261 B
Type: Document
MIME-Type:

General

Full URL: https://687323.xmlfeed.adtelligent.com/?ss=1&subid=687323-adt-662731&domain=https%3A%2F%2Fwww.cryptoweb.xyz&site_page_url=https%3A%2F%2Fwww.cryptoweb.xyz&click_id=6180ffdca52b301259490976
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 185.239.172.114, United Kingdom, ASN55081 (24SHELLS, US)
Reverse DNS:
Software: VertaMedia 1.0 /
Resource Hash: c0156824da4fc3ec3767aee4f3eb8807dca71584525ff71a60756c42ca332dcf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: VertaMedia 1.0
Date: Tue, 02 Nov 2021 09:07:40 GMT
Content-Type: text/xml; charset=UTF-8
Content-Length: 26
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: Keep-Alive

Redirect headers

Server: nginx
Date: Tue, 02 Nov 2021 09:07:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Round: 11zruwma15
Raund: v9
Location: https://687323.xmlfeed.adtelligent.com/?ss=1&subid=687323-adt-662731&domain=https%3A%2F%2Fwww.cryptoweb.xyz&site_page_url=https%3A%2F%2Fwww.cryptoweb.xyz&click_id=6180ffdca52b301259490976


4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
function| reportError
boolean| originAgentCluster
object| scheduler

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
