airmnio.xyz
Open in
urlscan Pro
165.227.148.68
Public Scan
Submitted URL: https://www.a-muse.tv/out.php?out=https://msipartes.cl%2Fnew%2Fauth%2FsaD1%2F%2F%2F%2FdEB0ZXN0LmNvbQ==
Effective URL: https://airmnio.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvv...
Submission: On July 25 via manual from DE — Scanned from DE
Effective URL: https://airmnio.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvv...
Submission: On July 25 via manual from DE — Scanned from DE
Summary
This website contacted 4 IPs
in 3 countries
across 5 domains to perform 7 HTTP transactions.
The main IP is 165.227.148.68, located in
Frankfurt am Main, Germany and
belongs to DIGITALOCEAN-ASN, US.
The main domain is airmnio.xyz.
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.
This is the only time airmnio.xyz was scanned on urlscan.io!
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.
This is the only time airmnio.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 54.65.34.10 54.65.34.10 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:801::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 190.107.177.32 190.107.177.32 | 265831 (SOC. COME...) (SOC. COMERCIAL WIRENET CHILE LTDA.) | |
| 3 6 | 165.227.148.68 165.227.148.68 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
| 7 | 4 |
1
54.65.34.10
(Tokyo, Japan)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-34-10.ap-northeast-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-34-10.ap-northeast-1.compute.amazonaws.com
| www.a-muse.tv |
2
2a00:1450:4001:801::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| ssl.google-analytics.com |
1
190.107.177.32
(Chile)
ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL)
PTR: srv22.cpanelhost.cl
ASN265831 (SOC. COMERCIAL WIRENET CHILE LTDA., CL)
PTR: srv22.cpanelhost.cl
| msipartes.cl |
6
165.227.148.68
(Frankfurt am Main, Germany)
ASN14061 (DIGITALOCEAN-ASN, US)
ASN14061 (DIGITALOCEAN-ASN, US)
| itameriica.com | |
| airmnio.xyz |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
airmnio.xyz
2 redirects
airmnio.xyz |
64 KB |
| 2 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 501 |
17 KB |
| 1 |
itameriica.com
1 redirects
itameriica.com |
583 B |
| 1 |
msipartes.cl
msipartes.cl |
277 B |
| 1 |
a-muse.tv
www.a-muse.tv |
817 B |
| 7 | 5 |
| Domain | Requested by | |
|---|---|---|
| 5 | airmnio.xyz |
2 redirects
airmnio.xyz
|
| 2 | ssl.google-analytics.com |
www.a-muse.tv
|
| 1 | itameriica.com | 1 redirects |
| 1 | msipartes.cl | |
| 1 | www.a-muse.tv | |
| 7 | 5 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| autodiscover.a-muse.tv R3 |
2023-06-18 - 2023-09-16 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-07-03 - 2023-09-25 |
3 months | crt.sh |
| msipartes.cl cPanel, Inc. Certification Authority |
2023-06-05 - 2023-09-03 |
3 months | crt.sh |
| airmnio.xyz R3 |
2023-07-24 - 2023-10-22 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://airmnio.xyz/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PXQlNDB0ZXN0LmNvbSZ4LWNsaWVudC1TS1U9SURfTkVUU1RBTkRBUkQyXzAmeC1jbGllbnQtVmVyPTYuMTIuMS4wJnVhaWQ9ZjRhMGNmNWJmNTk0NGFjMzhhZjljODk5OTE1MDc5ODkmbXNwcm94eT0xJmlzc3Vlcj1tc28mdGVuYW50PWNvbW1vbiZ1aV9sb2NhbGVzPWVuLVVTJmVwY3Q9UEFRQUJBQUVBQUFELS1ETEEzVk83UXJkZGdKZzdXZXZydXctVW9Id2xaaGQ0am85LUd2QVAxcE1DR24tQkRvbThvSGRwQlhGQzVDclcwR0JsSjY0S2RfX1B6TG9TNzFpZHhGTFFiQWtOcDR2bnltTFptSkZtTHNSX3N6QWtWRVF2U0NoWGo4bzhDWVpTaWZwMDVhbUU2RXNXMk4wTzJuWE5Dd2JUTy1vcU43aEhHZXBKVUw0VmNiYllhbVFPb1NfNjc2MzBjaUJJaGt0c1lGb2FWQkRGRmhIN01TT0hDZHZka3Jza1R4YWlhMHA4eDdneWlIY0VuQ0FBJmpzaHM9MCM=
Frame ID: 66C99CCA7F094FA0F1788B0DC8A016CA
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://www.a-muse.tv/out.php?out=https://msipartes.cl%2Fnew%2Fauth%2FsaD1%2F%2F%2F%2FdEB0ZXN0LmNv... Page URL
-
https://itameriica.com/?sykhhavq&qrc=t@test.com
HTTP 302
https://airmnio.xyz/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2Fpcm1uaW8ue... HTTP 302
https://airmnio.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f9376527... Page URL
Detected technologies
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.a-muse.tv/out.php?out=https://msipartes.cl%2Fnew%2Fauth%2FsaD1%2F%2F%2F%2FdEB0ZXN0LmNvbQ== Page URL
-
https://itameriica.com/?sykhhavq&qrc=t@test.com
HTTP 302
https://airmnio.xyz/?sign=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1cmwiOiJodHRwczovL2Fpcm1uaW8ueHl6IiwiZG9tYWluIjoiYWlybW5pby54eXoiLCJrZXkiOiJLU01Kd2JIVDVxekEiLCJxcmMiOiJ0QHRlc3QuY29tIiwiaWF0IjoxNjkwMjY5NDQwLCJleHAiOjE2OTAyNjk1NjB9.h0jgbMyd8tqiAxqx0uewwl2pPB-C2O21RW1ls0Hic5c HTTP 302
https://airmnio.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=v%40vguv.eqo Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://airmnio.xyz/__//eqooqp/qcwvj2/x2.0/cwvjqtkbg?enkgpv_kf=4765445d-32e6-49d0-83g6-1f93765276ec&tgfktgev_wtk=jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hncpfkpix2&tgurqpug_varg=eqfg%20kf_vqmgp&ueqrg=qrgpkf%20rtqhkng%20jvvru%3C%2H%2Hyyy.qhhkeg.eqo%2Hx2%2HQhhkegJqog.Cnn&tgurqpug_oqfg=hqto_rquv&pqpeg=637929903776466681.A2A4AlPlQYKvPYTnOk00PYToNYGaPIGvPIOzO2TjPljoOoA1PVK3AoO5QVOvQYGaPk00AYLlNVi5BFCvAoAaOliyQYHlOYWz&wk_nqecngu=gp-WU&omv=gp-WU&uvcvg=I-XnsevaZLqScbPfu6RYpY7IJD_LTOPESPKueoPo49a8yaDo0kqCdRJbDG3lbRNIEam2zNMQCsdLvyVNVNFWspCLHwP5Uk8CHlDZMafbjd6z4GKk3_P0qHa9xXPJADlYDaFR66v5o5Tc01hUKi5E_UkoKs8q1prnbGla9Aj5bbLO6ATkGK82KM6RbZaa32JC_42rdz0FxBy525JrewXiOC1XYRBkEMHna3LGpORVj7Nfhqq6y-4zLmWjmayBnR-YwnorQ3rtTugIAMDKXXrnLy&z-enkgpv-UMW=KF_PGVUVCPFCTF2_0&z-enkgpv-xgt=6.12.1.0&ste=v%40vguv.eqo&sso_reload=true HTTP 302
- https://airmnio.xyz/redirect.cgi?ref=aHR0cHM6Ly9sb2dpbi5saXZlLmNvbS9vYXV0aDIwX2F1dGhvcml6ZS5zcmY/Y2xpZW50X2lkPTQ3NjU0NDViLTMyYzYtNDliMC04M2U2LTFkOTM3NjUyNzZjYSZzY29wZT1vcGVuaWQrcHJvZmlsZStodHRwcyUzYSUyZiUyZnd3dy5vZmZpY2UuY29tJTJmdjIlMmZPZmZpY2VIb21lLkFsbCZyZWRpcmVjdF91cmk9aHR0cHMlM2ElMmYlMmZ3d3cub2ZmaWNlLmNvbSUyZmxhbmRpbmd2MiZyZXNwb25zZV90eXBlPWNvZGUraWRfdG9rZW4mc3RhdGU9Ry1WbHFjdHlYSm9RYXpOZHM2UFduVzdHSEJfSlJNTkNRTklzY21ObTQ5eTh3eUJtMGlvQWJQSHpCRTNqelBMR0N5azJ4TEtPQXFiSnR3VExUTERVcW5BSkZ1TjVTaThBRmpCWEt5ZHpoYjZ4NEVJaTNfTjBvRnk5dlZOSFlCaldCeURQNjZ0NW01UmEwMWZTSWc1Q19TaW1JcThvMW5wbHpFank5WWg1enpKTTZZUmlFSTgySUs2UHpYeXkzMkhBXzQycGJ4MER2Wnc1MjVIcGN1VmdNQTFWV1BaaUNLRmx5M0pFbk1QVGg3TGRmb282dy00eEprVWhreXdabFAtV3VsbXBPM3ByUnNlR1lLQklWVnBsSncmcmVzcG9uc2VfbW9kZT1mb3JtX3Bvc3Qmbm9uY2U9NjM3OTI5OTAzNzc2NDY2NjgxLlkyWTRZak5qT1dJdE5XUmxNaTAwTldSbUxXRXlOR0V0TkdNeE0yUmhOamhtTW1ZMU5USTNZbU01T1RNdE9XRXlOaTAwWVdKakxUZzVaREF0WW1ZeU1qZ3dPV0ZqTVdVeCZsb2dpbl9oaW50PXQlNDB0ZXN0LmNvbSZ4LWNsaWVudC1TS1U9SURfTkVUU1RBTkRBUkQyXzAmeC1jbGllbnQtVmVyPTYuMTIuMS4wJnVhaWQ9ZjRhMGNmNWJmNTk0NGFjMzhhZjljODk5OTE1MDc5ODkmbXNwcm94eT0xJmlzc3Vlcj1tc28mdGVuYW50PWNvbW1vbiZ1aV9sb2NhbGVzPWVuLVVTJmVwY3Q9UEFRQUJBQUVBQUFELS1ETEEzVk83UXJkZGdKZzdXZXZydXctVW9Id2xaaGQ0am85LUd2QVAxcE1DR24tQkRvbThvSGRwQlhGQzVDclcwR0JsSjY0S2RfX1B6TG9TNzFpZHhGTFFiQWtOcDR2bnltTFptSkZtTHNSX3N6QWtWRVF2U0NoWGo4bzhDWVpTaWZwMDVhbUU2RXNXMk4wTzJuWE5Dd2JUTy1vcU43aEhHZXBKVUw0VmNiYllhbVFPb1NfNjc2MzBjaUJJaGt0c1lGb2FWQkRGRmhIN01TT0hDZHZka3Jza1R4YWlhMHA4eDdneWlIY0VuQ0FBJmpzaHM9MCM=
7 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
out.php
www.a-muse.tv/ |
607 B 817 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
__utm.gif
ssl.google-analytics.com/r/ |
35 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dEB0ZXN0LmNvbQ==
msipartes.cl/new/auth/saD1//// |
0 277 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
cwvjqtkbg
airmnio.xyz/__//eqooqp/qcwvj2/x2.0/ Redirect Chain
|
20 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BssoInterrupt_Core_Idq2Hj-dVynnBd7zEp44UQ2.js
airmnio.xyz/aadcdn.msftauth.net/~/shared/1.0/content/js/ |
135 KB 49 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
redirect.cgi
airmnio.xyz/ Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=571735373&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~){kind=link}
%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=571735373&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~){kind=link}
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .a-muse.tv/ | Name: __utma Value: 97203727.1430195058.1690269439.1690269439.1690269439.1 |
|
| .a-muse.tv/ | Name: __utmc Value: 97203727 |
|
| .a-muse.tv/ | Name: __utmz Value: 97203727.1690269439.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| .a-muse.tv/ | Name: __utmt Value: 1 |
|
| .a-muse.tv/ | Name: __utmb Value: 97203727.1.10.1690269439 |
|
| itameriica.com/ | Name: qPdM Value: KSMJwbHT5qzA |
|
| itameriica.com/ | Name: qPdM.sig Value: D7iWykyUKC3os6iERR2tIiCL0ic |
|
| airmnio.xyz/ | Name: qPdM Value: KSMJwbHT5qzA |
|
| airmnio.xyz/ | Name: qPdM.sig Value: D7iWykyUKC3os6iERR2tIiCL0ic |
|
| airmnio.xyz/ | Name: fpc Value: AmqOZapCZkZAoyw38Pn9fy0 |
|
| airmnio.xyz/ | Name: x-ms-gateway-slice Value: estsfd |
|
| airmnio.xyz/ | Name: stsservicecookie Value: estsfd |
|
| .airmnio.xyz/ | Name: AADSSO Value: NA|NoExtension |
|
| airmnio.xyz/ | Name: SSOCOOKIEPULLED Value: 1 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
airmnio.xyz
itameriica.com
msipartes.cl
ssl.google-analytics.com
www.a-muse.tv
165.227.148.68
190.107.177.32
2a00:1450:4001:801::2008
54.65.34.10
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
413ad729c7af4583ace9ef31c9b1e425b24751c4f5baeb6a42fc3e5745acbcf3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5820e6ce7873ac8e376f3175b4d57fcd4a65c1426b36e3de80f96fabc388060
e9f4e5a7c6ce58c1c8c922973b7f9731de0aa82b61430cfee369d971d34425dd