Submitted URL: https://bit.ly/cesx916b
Effective URL: http://www.cessica.com/B/916.php
Submission: On March 06 via api from SA

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 18 HTTP transactions. The main IP is 93.89.224.193, located in Turkey and belongs to TR-ISIMTESCIL-20201202, TR. The main domain is www.cessica.com.
This is the only time www.cessica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.11 396982 (GOOGLE-PR...)
3 93.89.224.193 51557 (TR-ISIMTE...)
2 192.243.59.12 39572 (ADVANCEDH...)
4 104.19.135.78 13335 (CLOUDFLAR...)
7 104.19.135.80 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 54.72.52.19 16509 (AMAZON-02)
18 6
Domain Requested by
4 s-img.steepto.com www.cessica.com
3 www.cessica.com www.cessica.com
2 match.adsrvr.org 2 redirects
2 cm.steepto.com jsc.mgid.com
2 fonts.gstatic.com www.cessica.com
2 9xeqynu3gt7c.com www.cessica.com
1 c.mgid.com
1 cm.mgid.com www.cessica.com
1 servicer.mgid.com jsc.mgid.com
1 cdn.steepto.com www.cessica.com
1 jsc.mgid.com www.cessica.com
1 bit.ly 1 redirects
18 12

This site contains links to these domains.

Domain
direct-link.net
9xeqynu3gt7c.com
steepto.com
herbeauty.co
Subject Issuer Validity Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2020-07-09 - 2021-07-09  a year
*.gstatic.com  GTS CA 1O1  2021-02-17 - 2021-05-12  3 months

This page contains 2 frames:

Primary Page: http://www.cessica.com/B/916.php
Frame ID: 8257B2934A3CE6B8C34C3F436AB88605
Requests: 18 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1615018459569742742750
Frame ID: EB9B2AF6C98E3ABD9F4EF6D3D15D51EE
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

18 Requests
72 % HTTPS
14 % IPv6
7 Domains
12 Subdomains
6 IPs
4 Countries
193 kB Transfer
374 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/cesx916b HTTP 301
    http://www.cessica.com/B/916.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=bff0fd44-bfba-4ece-bdd7-190e528b0385&ttl=1617610459

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 916.php
www.cessica.com/B/
Redirect Chain
  • https://bit.ly/cesx916b
  • http://www.cessica.com/B/916.php
2 KB
1 KB
Document
General
Full URL
http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
93.89.224.193 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR),
Reverse DNS
93-89-224-193.fbs.com.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34e4f8adeaef61cf7392871c4c1478d0c44d7cdc0beb8d35256c6328f10fad32

Request headers

Host
www.cessica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Content-Type
text/html; charset=UTF-8
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Sat, 06 Mar 2021 08:14:14 GMT
Cteonnt-Length
1579
Cache-Control
private
Content-Encoding
gzip
Content-Length
867

Redirect headers

server
nginx
date
Sat, 06 Mar 2021 08:14:18 GMT
content-type
text/html; charset=utf-8
content-length
119
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://www.cessica.com/B/916.php
referrer-policy
unsafe-url
set-cookie
_bit=l268ei-1db2c4c55c570f0dd5-00E; Domain=bit.ly; Expires=Thu, 02 Sep 2021 08:14:18 GMT
via
1.1 google
alt-svc
clear
portal.css
www.cessica.com/B/
1 KB
767 B
Stylesheet
General
Full URL
http://www.cessica.com/B/portal.css
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
93.89.224.193 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR),
Reverse DNS
93-89-224-193.fbs.com.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7278b963289b2d498ac700f3932093da66c9dba49c045e7988f47ddabd6f4dc

Request headers

Referer
http://www.cessica.com/B/916.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Cteonnt-Length
1093
Date
Sat, 06 Mar 2021 08:14:15 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Mar 2020 10:43:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"a0788c7d244d61:0"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
414
147a7870f4fb3eecf2c7e2bcd36187c2.js
9xeqynu3gt7c.com/14/7a/78/
0
0
Script
General
Full URL
http://9xeqynu3gt7c.com/14/7a/78/147a7870f4fb3eecf2c7e2bcd36187c2.js
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 06 Mar 2021 08:14:18 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
video.gif
www.cessica.com/B/images/
32 KB
33 KB
Image
General
Full URL
http://www.cessica.com/B/images/video.gif
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
93.89.224.193 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR),
Reverse DNS
93-89-224-193.fbs.com.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab5208d95c64715bf62b2382d8ffb9712d3463a7ed0bdb57a34f528a23f8f9e6

Request headers

Referer
http://www.cessica.com/B/916.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 06 Mar 2021 08:14:15 GMT
Last-Modified
Fri, 27 Mar 2020 10:43:48 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"5cf72b99244d61:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
33250
cessica.com.752338.js
jsc.mgid.com/c/e/
248 KB
66 KB
Script
General
Full URL
https://jsc.mgid.com/c/e/cessica.com.752338.js
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efcc30ae4e540a2bce3d95235660354ce5fcb0b2d024f0c5df7be157051c0886

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:14:18 GMT
content-encoding
br
cf-cache-status
HIT
age
6929
cf-polished
origSize=254474
last-modified
Tue, 02 Mar 2021 12:22:40 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C44A94EE4A02E4A9
x-amz-id-2
RLbt0XeHF3zbSmQKrKspjC60d37zoq6fpI1dORFDBa7WLYJtCAgyOm023QutY9SmK9Xhj5dsmT4=
cf-bgj
minify
server
cloudflare
etag
W/"1ce123205ac7a1b81cdf2634cf929ca8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08a833161400004be22390a000000001
cf-ray
62ba213688c04be2-AMS
expires
Sat, 06 Mar 2021 11:14:18 GMT
invoke.js
9xeqynu3gt7c.com/aee11b6d4361aedf9af15bd1e8073e74/
0
0
Script
General
Full URL
http://9xeqynu3gt7c.com/aee11b6d4361aedf9af15bd1e8073e74/invoke.js
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
192.243.59.12 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 06 Mar 2021 08:14:18 GMT
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/
3 KB
3 KB
Image
General
Full URL
https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
HIT
age
5084
cf-ray
62ba213a9d7dbdb9-AMS
content-length
2745
x-amz-id-2
pRVDkfT7spEAmoQ80mTNjnTf1J6dyOnMn3MIsdO+6ucbuHueZQBcoxgsa49SlgTs5GH8BiI6vjE=
last-modified
Mon, 04 May 2020 12:16:55 GMT
server
cloudflare
etag
"7e16c555b09abddb8088e5bfca7a1cde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
A8C8BFEAF4F3C429
cache-control
public, max-age=14400
cf-request-id
08a83318a20000bdb9b9ae7000000001
accept-ranges
bytes
content-type
image/png
expires
Sat, 06 Mar 2021 12:14:19 GMT
truncated
/
138 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.cessica.com
Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
131573
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16224
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:26 GMT
1
servicer.mgid.com/752338/
3 KB
2 KB
Script
General
Full URL
https://servicer.mgid.com/752338/1?w=905&h=230&cols=4&pv=5&cbuster=1615018459405495727628&uniqId=163e5&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fwww.cessica.com%2FB%2F916.php&lu=http%3A%2F%2Fwww.cessica.com%2FB%2F916.php&pageView=1&pvid=178069a011c92ce8035&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/e/cessica.com.752338.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e45e3f1054bed72e69886bbf7326218e9f76a051d0b2a343476cb7323282c71

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:14:19 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ba213b7a414be2-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a833193000004be2ecb02000000001
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.cessica.com
Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 21:23:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:58 GMT
server
sffe
age
211834
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15556
x-xss-protection
0
expires
Thu, 03 Mar 2022 21:23:45 GMT
i.js
cm.steepto.com/
130 B
280 B
Script
General
Full URL
https://cm.steepto.com/i.js?&cbuster=1615018459563168522122
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/e/cessica.com.752338.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:14:19 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
a8be365a-7fdc-44cd-9a9d-af8369ebb2ae
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
62ba213c8e3ebdb9-AMS
cf-request-id
08a83319d30000bdb9dfb21000000001
server
cloudflare
i-noref.js
cm.steepto.com/ Frame EB9B
19 B
238 B
Script
General
Full URL
https://cm.steepto.com/i-noref.js?cbuster=1615018459569742742750
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/e/cessica.com.752338.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
MISS
x-mg-request-uuid
24ce9324-cef3-4da6-a119-dcc12dd33cd0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
62ba213c8e3dbdb9-AMS
content-length
19
cf-request-id
08a83319d20000bdb9e38ee000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.steepto.com/g/8193525/492x328/0x311x684x456/
16 KB
16 KB
Image
General
Full URL
https://s-img.steepto.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1615018459-9RZPzj-lWFjUuCXgQvlBB01sVPpps2vjurXyXmPzJOk
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32288afbbd582a50540b8ff709114b8ecc273d16be5364e4e5e0ad9f8904630a

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 07:15:18 GMT
x-mg-request-uuid
8bc64cf9-f1ed-41ae-9553-600a63f28a60
age
2076627
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba213c8e41bdb9-AMS
content-length
16692
cf-request-id
08a83319d30000bdb9be16c000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp
s-img.steepto.com/g/8193521/492x328/0x168x565x376/
12 KB
12 KB
Image
General
Full URL
https://s-img.steepto.com/g/8193521/492x328/0x168x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2M0NjQ1ZjgwN2MzMDJlZmNiYzQxZWVhZWRmNGE5MmZjLmpwZw.webp?v=1615018459-a3IZFmuReZZF5uKMbvjNbEyqkyfPtPQ58757-AYUw8I
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e18e7cd260a222b1afd64c7b0be9a9b0c7e43110cfeffcc98d23cb6b17a85b08

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 07:15:58 GMT
x-mg-request-uuid
83a10429-fea1-4896-a5a3-ff7b48604a1a
age
2076397
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba213c8e3fbdb9-AMS
content-length
12378
cf-request-id
08a83319d50000bdb9dfb22000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp
s-img.steepto.com/g/8164911/492x328/32x5x928x618/
6 KB
7 KB
Image
General
Full URL
https://s-img.steepto.com/g/8164911/492x328/32x5x928x618/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2ZkNjNmZDY4NmUwMGVjZTk0NWNkZmI5MzgzOWVkMmEzLmpwZWc.webp?v=1615018459-27dOj-DHhV5MXja_-jUYDgy9Pv0fljX-tQz7ASLfyKU
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2d1eefa16495893f5cfbed9041d42ba3851f52c117931ae5196f81a5777f7b

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 10:20:17 GMT
x-mg-request-uuid
cdbdef9b-d6ba-4714-80c8-53707b11f352
age
2238718
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba213c8e42bdb9-AMS
content-length
6484
cf-request-id
08a83319d40000bdb9bb35b000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp
s-img.steepto.com/g/8193526/492x328/0x26x798x532/
19 KB
19 KB
Image
General
Full URL
https://s-img.steepto.com/g/8193526/492x328/0x26x798x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzRlODVkMWNkOWEzZTVmYmNlMGViM2QwOWZiNjU3ODM4LmpwZWc.webp?v=1615018459-J3CFty_7Cu3TvpyX218NzQIj1o_fJKzcxHvnQrwDkow
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8882124ecc46145f8dd2c4723888f2510a0ef0fc2ad527786b21b7ea6801361a

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 07:15:16 GMT
x-mg-request-uuid
42d9c90e-a6e5-43ea-8ca6-90ba038cf0dd
age
2076625
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba213c8e40bdb9-AMS
content-length
19080
cf-request-id
08a83319d30000bdb9e98f6000000001
server
cloudflare
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=bff0fd44-bfba-4ece-bdd7-190e528b0385&ttl=1617610459
43 B
247 B
Image
General
Full URL
https://cm.mgid.com/m?cdsp=371158&c=bff0fd44-bfba-4ece-bdd7-190e528b0385&ttl=1617610459
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:14:19 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
898a349a-0a92-4b81-bf14-a3c659f81e71
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ba213e0f2f4be2-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8331ac200004be214bea000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:14:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=bff0fd44-bfba-4ece-bdd7-190e528b0385&ttl=1617610459
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
c
c.mgid.com/
43 B
502 B
Image
General
Full URL
https://c.mgid.com/c?f=1&pv=3&v=217|204|12|TBjNxEG0TkUdaDkrOvFauOmYTFUyM94TbbS8C2fHcLSL4Idl2zZZHvVffDXrkFZl&fw=1&extjs=66044&v=217|204|12|TBjNxEG0TkUdaDkrOvFauAyTLjJM0opF7GHR6N70-LTGMq_faT1iCAp9jcroQrKQ&v=217|204|12|TBjNxEG0TkUdaDkrOvFauHMHpExjR_FzdvwH9ZcMSYDfUxbrcrLkegTyeaRmMTOa&v=217|204|12|TBjNxEG0TkUdaDkrOvFauCgtFzCuBeCy9iutwYi7KXJbAN1j4ECA2FqdEZZCM20R&cid=752338&h2=tmW5e_Mo1OmtR0hcrE3R1p0E8tuL9qrv4pLwBcxucfc*&rid=f353bd9d-7e53-11eb-9071-d09466576dad&tt=Direct&iv=11&pageImp=1&cbuster=1615018460788975931338&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.135.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:14:20 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
ee796236-c765-4b76-a3f9-7a27e1d791db
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ba21440b434be2-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a8331e8200004be2b796c000000001
server
cloudflare

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| atOptions boolean| mgCanLoad752338 boolean| mgFallback752338 boolean| mgShortWidget752338 boolean| mgUseConvertedCode752338 string| mgRootId752338 object| div752338 string| rootDiv752338 string| mgPreloadId752338 object| _mgIntExchangeNews object| MarketGidInfC752338 function| MarketGidCContextBlock752338 function| MarketGidCMainBlock752338 function| MarketGidCAdvertLinkBlock752338 function| MarketGidCInternalExchangeBlock752338 function| MarketGidCColorBlock752338 function| MarketGidCUtilsBlock752338 function| MarketGidCMonitorBlock752338 function| MarketGidCRejectBlock752338 function| MarketGidCCriteoBlock752338 function| MarketGidCAmpRenderBlock752338 function| MarketGidCInternalExchangeLoggerBlock752338 function| MarketGidCObserverBlock752338 function| MarketGidCSspDoubleClickBlock752338 function| MarketGidCSendDimensionsBlock752338 function| MarketGidCAntifraudBlock752338 function| MarketGidCAntifraudStatisticsBlock752338 function| MarketGidCRtbBlock752338 function| MarketGidCActivateDelayBlock752338 function| MarketGidCIframeSizeChangerBlock752338 function| MarketGidCAccidentalClicksBlock752338 function| MarketGidCExternalCountersBlock752338 function| MarketGidCYandexTurboBlock752338 function| MarketGidCContentPreviewBlock752338 function| MarketGidCCountersBlock752338 function| MarketGidCGradientBlock752338 function| MarketGidCResponsiveBlock752338 object| onClickExcludes function| mgReject752338 function| mgLoadAds752338_163e5 function| MarketGidCReject752338 function| MarketGidLoadGoods752338_163e5 function| AdskeeperCReject752338 function| AdskeeperLoadGoods752338_163e5 function| LentaInformCReject752338 function| LentaInformLoadGoods752338_163e5 function| IdealMediaCReject752338 function| IdealMediaLoadGoods752338_163e5 boolean| mg_loaded_499651_752338 string| _mgCanonicalUri boolean| _mgPageView499651 object| 
_mgq function| _mgqp number| _mgqt number| _mgqi function| LoadCriteoAllPlaces752338_163e5 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp499651

1 Cookies

Domain/Path Name / Value
www.cessica.com/ Name: MarketGidStorage
Value: %7B%220%22%3A%7B%7D%2C%22C752338%22%3A%7B%22page%22%3A1%2C%22time%22%3A1615018459523%7D%7D

1 Console Messages

Source Level URL
Text
console-api debug URL: https://jsc.mgid.com/c/e/cessica.com.752338.js(Line 1)
Message:
[object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
