Submitted URL: http://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co...
Effective URL: https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260
Submission: On August 05 via api from US — Scanned from FI

Summary

This website contacted 5 IPs in 5 countries across 7 domains to perform 7 HTTP transactions. The main IP is 51.68.85.158, located in United Kingdom and belongs to OVH, FR. The main domain is www.primarkingfun.giving.
TLS certificate: Issued by R10 on July 29th 2024. Valid for: 3 months.
This is the only time www.primarkingfun.giving was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
1 1       2a04:3542:100...  202053 (UPCLOUD)
1 1       185.32.28.169     15699 (AS_ADAM A...)
1         188.114.97.3      13335 (CLOUDFLAR...)
1         172.67.185.188    13335 (CLOUDFLAR...)
3         99.198.106.194    32475 (SINGLEHOP...)
1         51.68.85.158      16276 (OVH)
Totals: 7 requests, 5 IPs
Requests  Apex Domain           Subdomains                                      Transfer
3         kutberg.com           tuk.kutberg.com                                 5 KB
1         primarkingfun.giving  www.primarkingfun.giving                        4 KB
1         addlnk.com            cdn.addlnk.com (Cisco Umbrella Rank: 438249)    1 KB
1         myofferplus.com       f56cfab1.myofferplus.com                        1012 B
1         adsgoa.com            adsgoa.com                                      281 B
1         megaprizegowin.xyz    1268a7faa213.megaprizegowin.xyz                 700 B
0         suftinyou.com         suftinyou.com                                   Failed
Totals: 7 requests, 7 domains
Requests  Domain                           Requested by
3         tuk.kutberg.com                  f56cfab1.myofferplus.com
1         www.primarkingfun.giving         tuk.kutberg.com
1         cdn.addlnk.com                   f56cfab1.myofferplus.com
1         f56cfab1.myofferplus.com         (none; reached via redirect chain)
1         adsgoa.com                       1 redirects
1         1268a7faa213.megaprizegowin.xyz  1 redirects
0         suftinyou.com (Failed)           www.primarkingfun.giving
Totals: 7 requests, 7 domains

This site contains no links.

Subject                   Issuer  Validity                  Valid     Source
myofferplus.com           WE1     2024-07-31 - 2024-10-29   3 months  crt.sh
addlnk.com                WE1     2024-07-30 - 2024-10-28   3 months  crt.sh
tuk.kutberg.com           E5      2024-07-06 - 2024-10-04   3 months  crt.sh
www.primarkingfun.giving  R10     2024-07-29 - 2024-10-27   3 months  crt.sh

This page contains 1 frames:

Frame: https://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2043avocrKzzom9ptV36YYSRdeNKow4Rt2P4QbSgi7xkbSi3mQmNSD6d9kq6KSUx3yAV15
Frame ID: 48092726EA6618952D8FE2D1D8B1AFE3
Requests: 7 HTTP requests in this frame


Page Statistics

Requests:   7
HTTPS:      86 %
IPv6:       17 %
Domains:    7
Subdomains: 7
IPs:        5
Countries:  5
Transfer:   11 kB
Size:       18 kB
Cookies:    3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co=1&noback=1 HTTP 307
    https://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co=1&noback=1 HTTP 302
    https://adsgoa.com/tracking.php?hash=3544fcf9c077586a1127b08e6e17864f&aff_sub=63ul5foqgah28mqguq20oo40k,17911663,5,20277&source=20277 HTTP 302
    https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22 Page URL
  2. https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=47d5b00e&cid=pubb89fcfc5f37c41c38df05aeb511e6e42&2=22 Page URL
  3. https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co=1&noback=1 HTTP 307
  • https://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co=1&noback=1 HTTP 302
  • https://adsgoa.com/tracking.php?hash=3544fcf9c077586a1127b08e6e17864f&aff_sub=63ul5foqgah28mqguq20oo40k,17911663,5,20277&source=20277 HTTP 302
  • https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22
Request Chain 5
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260&eyeg=f2cc6f655fe4fb70eb015fdb4f163776&eyer=0.7308901855928112&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=tuk.kutberg.com HTTP 302
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260&eyeg=3&eyer=0.7308901855928112&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=tuk.kutberg.com HTTP 302
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330009263345748c3f221049b82d5cae040af0805-202408-flb*5827987-2afce**sl_5827987-2afce*6d8ee39f8164a5c2d9808344840723267ac1f9f0** HTTP 302
  • https://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2043avocrKzzom9ptV36YYSRdeNKow4Rt2P4QbSgi7xkbSi3mQmNSD6d9kq6KSUx3yAV15

7 HTTP transactions

Each transaction below lists: Resource, Path, Size, x-fer (bytes transferred), Type (MIME-Type).

Resource: e244e8f2f8
Path: f56cfab1.myofferplus.com/rc/
Redirect Chain
  • http://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co=1&noback=1
  • https://1268a7faa213.megaprizegowin.xyz/?p=20277&wid=145510&wid_hmac=827f81768def854042d5cadd0aecbf70&click_id=fwa47ufhgjuudmitfc312a&co=1&noback=1
  • https://adsgoa.com/tracking.php?hash=3544fcf9c077586a1127b08e6e17864f&aff_sub=63ul5foqgah28mqguq20oo40k,17911663,5,20277&source=20277
  • https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22
Size: 1 KB
x-fer: 1012 B
Type: Document
General
Full URL
https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e0284f0108a596a1cf57c7c69e6f52e8620ab9dbd4ac6938c83bb2f1d3723b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ae42abf0e7cca44-KBP
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Mon, 05 Aug 2024 04:50:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KogXlVpI2NpaKhP8O%2Bz3D7vLbNwApFWZqunHYVqEN8VioICXz7%2BQMm%2BL1rieGN82CYoM8YMKkrRrdNf1mZLki73iKC61ICTCodS3cJSeKxiKDlsTVm0UsQvC2Ik2ly187jzopB7Ese7qBA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 05 Aug 2024 04:50:29 GMT
Location
https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22
Server
nginx
Transfer-Encoding
chunked
Resource: redirect.css
Path: cdn.addlnk.com/
Size: 1 KB
x-fer: 1 KB
Type: Stylesheet
General
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: f56cfab1.myofferplus.com
URL: https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 04:50:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
EYJ567R8EAHSP475
age
7044
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400
x-amz-id-2
DXgbilja8s4JIE3IKKSxezBxtYmp4tAWFYlAFPuNOXg7WpRiKO3aHu83SDvwOrA8RjL3NzkDU5wcYLiOOdaF4eNHwQvbEob4
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3rk2UfVdOFoRBsZ%2FuSYdCaZbmYIWeYC2mQVpbpjCZgI%2Ft04celAQ8t1RpNgoQIVG1JpcDWfueuVU9C5cCMZ9Xh6aKSBdh%2BA65Y917vDNhIYeXTcXe0Q5P3A9JCx4lakY8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
8ae42ac3cca62d37-KBP
Resource: /
Path: tuk.kutberg.com/
Size: 9 KB
x-fer: 4 KB
Type: Document
General
Full URL
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=47d5b00e&cid=pubb89fcfc5f37c41c38df05aeb511e6e42&2=22
Requested by
Host: f56cfab1.myofferplus.com
URL: https://f56cfab1.myofferplus.com/rc/e244e8f2f8?affclick=1722833429goa66b05a15a26a3&pubid=22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
ccc075565b3625d0ccb4de76aa41cd48096459be3576b956bf5b0b034ef6c2a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version
alt-svc
h3=":443"; ma=604800; persist=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 05 Aug 2024 04:50:34 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
Resource: favicon.ico
Path: tuk.kutberg.com/
Size: 1 KB
x-fer: 1 KB
Type: Other
General
Full URL
https://tuk.kutberg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=47d5b00e&cid=pubb89fcfc5f37c41c38df05aeb511e6e42&2=22
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 04:50:34 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Tue, 06 Aug 2024 04:50:34 GMT
Resource: favicon.ico
Path: tuk.kutberg.com/
Size: 1 KB
x-fer: 0
Type: Other
General
Full URL
https://tuk.kutberg.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.198.106.194 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc

Request headers

Referer
https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=47d5b00e&cid=pubb89fcfc5f37c41c38df05aeb511e6e42&2=22
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 05 Aug 2024 04:50:34 GMT
last-modified
Fri, 11 Aug 2023 10:37:02 GMT
server
nginx
etag
"64d60f4e-47e"
content-type
image/x-icon
cache-control
max-age=86400
accept-ranges
bytes
alt-svc
h3=":443"; ma=604800; persist=1
content-length
1150
expires
Tue, 06 Aug 2024 04:50:34 GMT
Primary Request
Resource: /
Path: www.primarkingfun.giving/
Size: 4 KB
x-fer: 4 KB
Type: Document
General
Full URL
https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260
Requested by
Host: tuk.kutberg.com
URL: https://tuk.kutberg.com/?utm_medium=d3ca3460d7f36250b207d930496f80c0c7058403&utm_campaign=mainstream_redirect&1=47d5b00e&cid=pubb89fcfc5f37c41c38df05aeb511e6e42&2=22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.85.158 , United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
099ca7297438fe3ae8c93d97b6916b252848eec3ed3a9750864729b2463a7aba

Request headers

Referer
https://tuk.kutberg.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Mon, 05 Aug 2024 04:50:36 GMT
Transfer-Encoding
chunked
Resource: /
Path: suftinyou.com/
Redirect Chain
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260&eyeg=f2cc6f655fe4fb70eb015fdb4f163776&eyer=0.7308901855928112&eyei...
  • https://www.primarkingfun.giving/?sl=5827987-2afce&pub_click_id=M7399513255502151723&site=13260-8b39e85a-f474ca8c&pub_sub_id=13260&eyeg=3&eyer=0.7308901855928112&eyei=0&eyew=1600&eyeh=1200&eyetd=21...
  • https://admoustache.aftrad-visit.com/track/smartlink?smartlink_id=1&publisher_id=441&network_id=5&click_id=330009263345748c3f221049b82d5cae040af0805-202408-flb*5827987-2afce**sl_5827987-2afce*6d8ee...
  • https://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2043avocrKzzom9ptV36YYSRdeNKow4Rt2P4QbSgi7xkbSi3mQmNSD6d9kq6KSUx3yAV15
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
suftinyou.com
URL
https://suftinyou.com/?cat=2&groupds=102&clientId=168&productId=1676&publisher_id=1B7fmUHKE&tracking=2043avocrKzzom9ptV36YYSRdeNKow4Rt2P4QbSgi7xkbSi3mQmNSD6d9kq6KSUx3yAV15

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    _0x46a0
function  _0x25cf
string    baseUrl
string    baseId
string    baseReferer
string    url
function  inIframe
function  getWidth
function  getHeight
function  detectMobile
function  detectBrowserProductSub
function  detectConnectionType
function  deviceDetection
function  extractHostname
function  build

3 Cookies

Domain/Path                        Name          Value
.1268a7faa213.megaprizegowin.xyz/  rts-trck      1
.1268a7faa213.megaprizegowin.xyz/  t-uuid        63ul5foqjb2hhteyqr4g8kc4s
.1268a7faa213.megaprizegowin.xyz/  traffic-back  ok