usmagazine-trends.com Open in urlscan Pro
2606:4700:30::681b:af22 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www12.teaparty.org/t/10287728/273413041/171129/4/
Effective URL:
https://usmagazine-trends.com/3hgj7w6-CO/?txt=1&click=9&cep=D88dyp1wSBd-KHBe7QAwEG777S74Ub4qK8tJGZsX64jcZFEwG0vj73dmdR3MztZCcg...
Submission: On July 25 via manual (July 25th 2019, 2:56:29 pm UTC) from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 37 HTTP transactions. The main IP is 2606:4700:30::681b:af22, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is usmagazine-trends.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on June 27th 2019. Valid for: 6 months.

This is the only time usmagazine-trends.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Weightloss Scam (Online)

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.31.153.81 64.31.153.81	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
1 1	52.59.185.192 52.59.185.192	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
34	2606:4700:30:... 2606:4700:30::681b:af22	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
37	3

1 64.31.153.81 (Wesley Chapel, United States) 1 redirects

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)
PTR: net-64-27-153-31-64.dmsgs.com

www12.teaparty.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.185.192 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-185-192.eu-central-1.compute.amazonaws.com

go.usmagazine-trends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:30::681b:af22 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

usmagazine-trends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	usmagazine-trends.com 1 redirects go.usmagazine-trends.com usmagazine-trends.com	2 MB
1	googleapis.com fonts.googleapis.com	737 B
1	teaparty.org 1 redirects www12.teaparty.org	600 B
0	pushnami.com Failed api.pushnami.com Failed
0	jquery.com Failed code.jquery.com Failed
37	5

	Domain	Requested by
34	usmagazine-trends.com	usmagazine-trends.com
1	fonts.googleapis.com	usmagazine-trends.com
1	go.usmagazine-trends.com	1 redirects
1	www12.teaparty.org	1 redirects
0	api.pushnami.com Failed	usmagazine-trends.com
0	code.jquery.com Failed	usmagazine-trends.com
37	6

This site contains no links.

Subject Issuer	Validity	Valid
sni55143.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-27` - `2020-01-03`	6 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-06-18` - `2019-09-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://usmagazine-trends.com/3hgj7w6-CO/?txt=1&click=9&cep=D88dyp1wSBd-KHBe7QAwEG777S74Ub4qK8tJGZsX64jcZFEwG0vj73dmdR3MztZCcgEblYkwEpYqobc6nR_T4tdAAlTpLsOiPsdOZ_ATNn6B3jQa7vCCLVnlIQoZBOWbqHjNIp10CKOuM-z1vCaTu0B985onh_0RTtHWlvt-BOugewk4aMxgM_0AUFoTTJGTr-MU3CtMKje8dH1F_iT-kf0dCVQTeAL7jCdyhUG7umiFbNJbc0jMWa4JWuaaln7-bfF67lcyt8CyXqrx-QUeYvSmcHl9z1RJi6dxhdRRSkA&lptoken=15016407061f832456da
Frame ID: D782B462B0BFFE20F66C584EC9BD3970
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www12.teaparty.org/t/10287728/273413041/171129/4/ HTTP 302
http://go.usmagazine-trends.com/c9de605c-1a7f-45a1-8248-e672bac09a1f HTTP 302
https://usmagazine-trends.com/3hgj7w6-CO/?txt=1&click=9&cep=D88dyp1wSBd-KHBe7QAwEG777S74Ub4qK8tJGZsX64jcZF... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

37
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

1818 kB
Transfer

1935 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www12.teaparty.org/t/10287728/273413041/171129/4/ HTTP 302
http://go.usmagazine-trends.com/c9de605c-1a7f-45a1-8248-e672bac09a1f HTTP 302
https://usmagazine-trends.com/3hgj7w6-CO/?txt=1&click=9&cep=D88dyp1wSBd-KHBe7QAwEG777S74Ub4qK8tJGZsX64jcZFEwG0vj73dmdR3MztZCcgEblYkwEpYqobc6nR_T4tdAAlTpLsOiPsdOZ_ATNn6B3jQa7vCCLVnlIQoZBOWbqHjNIp10CKOuM-z1vCaTu0B985onh_0RTtHWlvt-BOugewk4aMxgM_0AUFoTTJGTr-MU3CtMKje8dH1F_iT-kf0dCVQTeAL7jCdyhUG7umiFbNJbc0jMWa4JWuaaln7-bfF67lcyt8CyXqrx-QUeYvSmcHl9z1RJi6dxhdRRSkA&lptoken=15016407061f832456da Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
usmagazine-trends.com/3hgj7w6-CO/
Redirect Chain

http://www12.teaparty.org/t/10287728/273413041/171129/4/
http://go.usmagazine-trends.com/c9de605c-1a7f-45a1-8248-e672bac09a1f
https://usmagazine-trends.com/3hgj7w6-CO/?txt=1&click=9&cep=D88dyp1wSBd-KHBe7QAwEG777S74Ub4qK8tJGZsX64jcZFEwG0vj73dmdR3MztZCcgEblYkwEpYqobc6nR_T4tdAAlTpLsOiPsdOZ_ATNn6B3jQa7vCCLVnlIQoZBOWbqHjNIp10C...

41 KB
12 KB

296ms
220ms

Document
text/html

2606:4700:30::681b:af22
Cloudflare

General

usmagazine-trends.com Open in urlscan Pro 2606:4700:30::681b:af22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

95 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

3 IPs

2 Countries

1818 kBTransfer

1935 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

usmagazine-trends.com Open in urlscan Pro
2606:4700:30::681b:af22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

3
IPs

2
Countries

1818 kB
Transfer

1935 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!