glizoakri.net
Open in
urlscan Pro
139.45.196.64
Public Scan
Effective URL: https://glizoakri.net/link?z=7980691&var=panda&ymid=66eec99e693c443c26a9ac00
Submission Tags: @phish_report
Submission: On September 21 via api from FI — Scanned from AU
Summary
TLS certificate: Issued by R11 on August 12th 2024. Valid for: 3 months.
This is the only time glizoakri.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 172.67.148.196 172.67.148.196 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 1 | 209.58.171.123 209.58.171.123 | 59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.) | |
3 | 139.45.196.64 139.45.196.64 | 9002 (RETN-AS) (RETN-AS) | |
2 | 139.45.195.8 139.45.195.8 | 9002 (RETN-AS) (RETN-AS) | |
1 | 104.18.22.222 104.18.22.222 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 4 |
ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
PTR: 209.58.171.123.rdtk.io
ads.lbtrack.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
glizoakri.net
glizoakri.net — Cisco Umbrella Rank: 372336 |
15 KB |
2 |
rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10867 |
995 B |
1 |
vurtaichu.net
vurtaichu.net — Cisco Umbrella Rank: 323876 Failed |
|
1 |
lbtrack.com
1 redirects
ads.lbtrack.com |
891 B |
1 |
zipcodes.lat
1 redirects
zipcodes.lat |
499 B |
7 | 5 |
Domain | Requested by | |
---|---|---|
3 | glizoakri.net |
glizoakri.net
|
2 | my.rtmark.net |
glizoakri.net
|
1 | vurtaichu.net |
glizoakri.net
|
1 | ads.lbtrack.com | 1 redirects |
1 | zipcodes.lat | 1 redirects |
7 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
glizoakri.net R11 |
2024-08-12 - 2024-11-10 |
3 months | crt.sh |
rtmark.net R11 |
2024-08-30 - 2024-11-28 |
3 months | crt.sh |
vurtaichu.net WE1 |
2024-09-10 - 2024-12-09 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://vurtaichu.net/?z=7980692&syncedCookie=true&rhd=false
Frame ID: 6ED49EAA062884A64ACB0E3D223631FB
Requests: 7 HTTP requests in this frame
Screenshot
Page Title
RedirectPage URL History Show full URLs
-
http://zipcodes.lat/
HTTP 307
https://zipcodes.lat/ HTTP 302
https://ads.lbtrack.com/667dc055f745d2000112fdb4?sub1=panda&sub2={adset_name}&ref_id={clickid} HTTP 302
https://glizoakri.net/link?z=7980691&var=panda&ymid=66eec99e693c443c26a9ac00 Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- \.php(?:$|\?)
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://zipcodes.lat/
HTTP 307
https://zipcodes.lat/ HTTP 302
https://ads.lbtrack.com/667dc055f745d2000112fdb4?sub1=panda&sub2={adset_name}&ref_id={clickid} HTTP 302
https://glizoakri.net/link?z=7980691&var=panda&ymid=66eec99e693c443c26a9ac00 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
link
glizoakri.net/ Redirect Chain
|
29 KB 14 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img.gif
my.rtmark.net/ |
43 B 490 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
add
glizoakri.net/log/ |
12 B 383 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sftouch
vurtaichu.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
add
glizoakri.net/async_log/ |
0 337 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
img.gif
my.rtmark.net/ |
43 B 505 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
vurtaichu.net/ |
0 0 |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- vurtaichu.net
- URL
- https://vurtaichu.net/sftouch?userId=0080de22a25a4a8be47de562c2d732b5&z=7980692&p_rid=98144136-31db-45e0-9ee4-7ad60f41f7f1&p_src=sf&branchId=0&rb=orlc4TPncURM7qSBAFHcTbqcqWttbVNLDP_cJJPbz80bpRsidY9DrTWUFozr5SmRIvYdSq4SpMjq3ueXnhcggHOD6ClZRbjEgF3KHm3Rdbll3rpNQ1rHNVxnHR79GlM5MDR5dneJHYPHl5i2sDyLzSyAns2D-VhYATdXJWz1PFKoxQRWZc7mDFDDqwEAe4yjMlkSUp3L65UIS-ePs3PqVKy13KxJssQVcLMk83Pp1OHTm-t7rmwx88KRSWpehvt3I8dKFUIy5FW0BhJremCdnB4lV8bzo5yqBk7REJNrB4IQ6qpbuJBWMXwTw7-DjLHyRyKuCj0wSloqgeauquPenFWz3CDFz1FvrlSxS01z0ZVAX86auoW-li9FRVFeSaXh
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| onLazyPixel object| _nvksp5rgq function| nvksp5rgq6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ads.lbtrack.com/ | Name: redcmps Value: W3siaWQiOiI2NjdkYzA1NWY3NDVkMjAwMDExMmZkYjQiLCJ0IjoiMjAyNC0wOS0yMVQxMzoyNjo1NC41NTk5ODE3OTVaIn1d |
|
.ads.lbtrack.com/ | Name: redhash Value: NjZlZWM5OWU2OTNjNDQzYzI2YTlhYzAwfDF8NjY3ZGMwNTVmNzQ1ZDIwMDAxMTJmZGI0fHxiYTFiZmE5NC1iZDY1LTRmMTgtYmI5Zi1jNmZkY2U5MDJiYzl8MTcyNjkyNTIxNA== |
|
glizoakri.net/ | Name: OAID Value: 0080de22a25a4a8be47de562c2d732b5 |
|
glizoakri.net/ | Name: oaidts Value: 1726925215 |
|
glizoakri.net/ | Name: allcnt Value: 1 |
|
my.rtmark.net/ | Name: ID Value: 0080de22a25a4a8be47de562c2d732b5 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=1 |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ads.lbtrack.com
glizoakri.net
my.rtmark.net
vurtaichu.net
zipcodes.lat
vurtaichu.net
104.18.22.222
139.45.195.8
139.45.196.64
172.67.148.196
209.58.171.123
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
7c072211057f8627b77524a922097abe146419c468f022f2d9ae66f1401082dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855