Submitted URL: http://www.mbgmhn.us/9356fu239y5bg86S11a187qbJ6feO18Vcivs8stfDvDZsrEIw7pQJnQSQ5qj1z05BX@ib/Liverpudlian-convect
Effective URL: https://zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/index.php
Submission: On September 05 via manual from ES — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 4 domains to perform 3 HTTP transactions. The main IP is 2606:4700:3032::6815:2c4a, located in and belongs to . The main domain is zona.vitalizewave.com.
TLS certificate: Issued by E1 on July 29th 2023. Valid for: 3 months.
This is the only time zona.vitalizewave.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.36.47.115 396982 (GOOGLE-CL...)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... ()
3 2
Apex Domain
Subdomains
Transfer
3 vitalforge.cr
t5.vitalforge.cr
19 KB
1 vitalizewave.com
zona.vitalizewave.com
1 acgt18trk.com
www.acgt18trk.com
492 B
1 mbgmhn.us
www.mbgmhn.us
687 B
3 4
Domain Requested by
3 t5.vitalforge.cr 1 redirects t5.vitalforge.cr
1 zona.vitalizewave.com t5.vitalforge.cr
1 www.acgt18trk.com 1 redirects
1 www.mbgmhn.us 1 redirects
3 4

This site contains no links.

Subject | Issuer | Validity | Valid
vitalforge.cr | E1 | 2023-07-21 - 2023-10-19 | 3 months
vitalizewave.com | E1 | 2023-07-29 - 2023-10-27 | 3 months

This page contains 1 frame:

Primary Page: https://zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/index.php
Frame ID: 71BE76D1DB665EBF3E271994BAF48127
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 2
Countries: 1
Transfer: 15 kB
Size: 37 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mbgmhn.us/9356fu239y5bg86S11a187qbJ6feO18Vcivs8stfDvDZsrEIw7pQJnQSQ5qj1z05BX@ib/Liverpudlian-convect HTTP 302
    https://www.acgt18trk.com/2BNX1Z5DN/2MRWXQ5/?sub1=project HTTP 302
    https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239 Page URL
  2. https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239&view=d2333a872d27121e92a3d8678fe09e82_0 HTTP 302
    https://zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.mbgmhn.us/9356fu239y5bg86S11a187qbJ6feO18Vcivs8stfDvDZsrEIw7pQJnQSQ5qj1z05BX@ib/Liverpudlian-convect HTTP 302
  • https://www.acgt18trk.com/2BNX1Z5DN/2MRWXQ5/?sub1=project HTTP 302
  • https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
aff_c
t5.vitalforge.cr/
Redirect Chain
  • http://www.mbgmhn.us/9356fu239y5bg86S11a187qbJ6feO18Vcivs8stfDvDZsrEIw7pQJnQSQ5qj1z05BX@ib/Liverpudlian-convect
  • https://www.acgt18trk.com/2BNX1Z5DN/2MRWXQ5/?sub1=project
  • https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239
5 KB
2 KB
Document
General
Full URL
https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:20ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86cf05d546e6604dd5cd5d5d5684fe14f6f9af9f1c56235eddd223941b168f0f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
801fa3ab2e1fd9c9-MIA
content-encoding
br
content-type
text/html
date
Tue, 05 Sep 2023 15:52:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csxkQRopEAGwb5iZivUXLktZT1JvWkzkj9dN3HuIPWScNZ23JKX82AgUrSydeDd0y5tbO57j4CeUVq9j77bn1Az0K0KQ7ln0GdqkQAE%2B%2F0xdgW80f5W%2FShFkmTFe48M8tVF8vQ9inb20Z3DaEwgx"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 15:52:25 GMT
location
https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
1728836d-37d5-446e-9db6-09d188867f86
ads.js
t5.vitalforge.cr/js/
31 KB
13 KB
Script
General
Full URL
https://t5.vitalforge.cr/js/ads.js
Requested by
Host: t5.vitalforge.cr
URL: https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:20ed , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88c72596233ee490491b90016b2949657136d29762153ea2284ac1926adf3a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:52:26 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 May 2022 12:29:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2609
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZF3jjmnxUCiGVJhlewf51gALcv1pberS0slfP8U4q%2Fv2yH%2F0ZipjwYXM335pmCj9Htz%2FFx9LSDwAOUW0nz2PxioyMDmzReR9AuxKoSOO%2BMPaiYGan0Zp%2BlxmyUbuEp%2BH4WiF1%2BQlLapk8J7PRNdL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
801fa3ae4c00d9c9-MIA
alt-svc
h3=":443"; ma=86400
Primary Request index.php
zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/
Redirect Chain
  • https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239&view=d2333a872d27121e92a3d8678fe09e82_0
  • https://zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/index.php
1 KB
0
Document
General
Full URL
https://zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/index.php
Requested by
Host: t5.vitalforge.cr
URL: https://t5.vitalforge.cr/aff_c?offer_id=437&aff_id=1547&aff_sub=homedepot&aff_sub2=3b3a1dec721b48739a1d9119add4929a&aff_sub3=651239
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2c4a -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://t5.vitalforge.cr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
801fa3cd9d9d0a0e-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 05 Sep 2023 15:52:32 GMT
location
https://zona.vitalizewave.com/fuzafodo/vi/nawiwawo/jezihezo/index.php?sihona=wofomomuroyuxa
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Bcljy8aD9ff49yz%2BIG5aRLqFaMXy1Ktp2No7Mg2CDBJhmuSvXP5o8eIJOM8uWQ29D6pjkMtDXTMK1K6bMoha9df0aiGAXq2ydeaRcevJp5%2Bu7%2BbWJeAdXyefb1XOPAnaGcSZqIdCHL%2F2p52U6JsA3be3rA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
801fa3afacd40a2e-MIA
content-length
0
content-type
text/plain; charset=utf-8; SameSite=None; Secure
date
Tue, 05 Sep 2023 15:52:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
nrid
527151059
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psYsygbEuSEcJvmyTAoYzuWmIw77HB47vELJqPsPpjpZGIt%2BBzR36jYE9j863eFviWT4VvxwwZhL%2FllOn2h%2B2144HqTGW1zQi9eAbZOTEHZDAboaE3sDPctVe5XkxWVar%2BBVMxZbxDs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

3 Cookies

Domain/Path | Name | Value
www.acgt18trk.com/ | uniqueClick_2MRWXQ5 | 85c8d80a-fef9-4ba3-98ec-39c48749212a:1693929145
www.acgt18trk.com/ | transaction_id | 3b3a1dec721b48739a1d9119add4929a
t5.vitalforge.cr/ | C | d2ee55ec7d7d927125e8f8c1fb18f2de