thisweekf1.live
46.101.221.17
Public Scan
Effective URL: https://thisweekf1.live/mt39djS/mc/rd23/lp.php?isp=Keyweb%20AG&ip=217.114.218.21&g=us&city=Unknown&browser=Chrome&os=Win...
Submission: On June 12 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on June 12th 2023. Valid for: 3 months.
This is the only time thisweekf1.live was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| | IP Address | AS (Autonomous System) |
|---|---|---|
| 1 1 | 157.90.33.78 | 24940 (HETZNER-AS) |
| 1 1 | 94.130.51.235 | 24940 (HETZNER-AS) |
| 4 | 46.101.221.17 | 14061 (DIGITALOCEAN-ASN) |
| 1 | 2a04:4e42:200::485 | 54113 (FASTLY) |
| 5 | 2 | |

ASN24940 (HETZNER-AS, DE)
PTR: static.235.51.130.94.clients.your-server.de
bananatrk.com
| | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 4 | thisweekf1.live | thisweekf1.live | 17 KB |
| 1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 377 | 26 KB |
| 1 | bananatrk.com (1 redirects) | bananatrk.com | 544 B |
| 1 | sh0w-me-how.com (1 redirects) | sh0w-me-how.com — Cisco Umbrella Rank: 4896 | 598 B |
| 5 | 4 | | |
| | Domain | Requested by |
|---|---|---|
| 4 | thisweekf1.live | thisweekf1.live |
| 1 | cdn.jsdelivr.net | thisweekf1.live |
| 1 | bananatrk.com | 1 redirects |
| 1 | sh0w-me-how.com | 1 redirects |
| 5 | 4 | |
This site contains no links.
| Subject | Issuer | Validity | Valid | |
|---|---|---|---|---|
| giftmania.click | R3 | 2023-06-12 - 2023-09-10 | 3 months | crt.sh |
| jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2022 Q4 | 2022-12-23 - 2024-01-24 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://thisweekf1.live/mt39djS/mc/rd23/lp.php?isp=Keyweb%20AG&ip=217.114.218.21&g=us&city=Unknown&browser=Chrome&os=Windows&trk=V1cxR2RWbFhOV2hrU0VweVRHMU9kbUpSUFQwPQ==&tsid=13&lpkey=166786b1602845f569&lng=en&t1=885115&t2=1333006&uclick=pma9k2a0fe&uclickhash=pma9k2a0fe-pma9k2a0fe-8w8w-k2i4-376o-b7qe-xosy-790fbb
Frame ID: 05F75EACEEBB64C37C2F215D8D584DCC
Requests: 5 HTTP requests in this frame
Page Title
McAfee® Total Protection
Page URL History
- http://sh0w-me-how.com/clk/VvtGAifRgy69Dz-2_88A1iV7kGsupyDjmIE8nQ59zlHsZ0czVJCPABk4SB6cifIzdOpyYHCb... HTTP 302
- https://bananatrk.com/rdr.php?k=0aapr01drvikm9ob2kt3&clickid=GBI45who-ucecI6uUegB-4I2gAKn1-Dxi-_vZ... HTTP 302
- https://thisweekf1.live/mt39djS/mc/rd23/lp.php?isp=Keyweb%20AG&ip=217.114.218.21&g=us&city=Unknown&b... Page URL
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
jsDelivr (CDN)
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://sh0w-me-how.com/clk/VvtGAifRgy69Dz-2_88A1iV7kGsupyDjmIE8nQ59zlHsZ0czVJCPABk4SB6cifIzdOpyYHCbVJ5d-GvKWfBZZDE6DC-E5D0iv8eeoXKBmknCFNbdBNycjZC5f71pHeocASoeCEMxsH-eAOxD7FhQIaoNOQGt95vb2NTfyfsfO5dpumOWYfdbLmHDxgerpI7BdfQBmUb9SoGCGfEOjFO1Uuv_S2dSRUZKIgvegVVHfMxJTqaU4D-29VIJXksYXRxoN2IAm2gdwznGOOj301BNPnIC2ech8kQ3jpg_1fVYbpH0OTxN5Pug26kt7lnDue9i-a8MYI2AAOyFD1Iopse6YB5DzbaAyopFH0LKFzZGCqJGWb2Rg2kp7bu_FycUZ-9pbgF2k3p1N1MdfUCRhRkdB12QJJ0Bc6sGFO2rJqLkAlP3iyZ5OioAHT8EeJaNSREqrDysH8fTJAcg1d0g0db_XtCxXlXO3n_9QRJYoTl_1XeAxUF2abg1hUrjwoiLjG_d4xaaTx5rwSG-wPW7HcgYMDpWEVtP5Npy3ElMpuks64uENOcNea498V3p8JUMwMB6_U5JErLaf-ic7NzTFZ78Gj7Qko72mmVdw-wjgshnkpyTZBaFaw1IVoeBjxYsWop3xxlQFSoVaKB2fLbns58G4ZZQ8ipb9mwrdv76LVlYJsixMQVrFDjj7K2KUnvdnFUKuqvEzfKybCQvJ1Hrtt_P016QlZHH9Y5Ske3a11mkDpY
HTTP 302
https://bananatrk.com/rdr.php?k=0aapr01drvikm9ob2kt3&clickid=GBI45who-ucecI6uUegB-4I2gAKn1-Dxi-_vZA&cost=0.2620&zoneid=885115&creativeid=1333006&agegroup=OLD&browser=Chrome&device=desktop&isp=Keyweb+AG&carrier=Keyweb+AG&feedid=18 HTTP 302
https://thisweekf1.live/mt39djS/mc/rd23/lp.php?isp=Keyweb%20AG&ip=217.114.218.21&g=us&city=Unknown&browser=Chrome&os=Windows&trk=V1cxR2RWbFhOV2hrU0VweVRHMU9kbUpSUFQwPQ==&tsid=13&lpkey=166786b1602845f569&lng=en&t1=885115&t2=1333006&uclick=pma9k2a0fe&uclickhash=pma9k2a0fe-pma9k2a0fe-8w8w-k2i4-376o-b7qe-xosy-790fbb Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | lp.php (Primary Request, Redirect Chain) | thisweekf1.live/mt39djS/mc/rd23/ | 3 KB | 1 KB | Document | text/html |
| GET | H2 | bootstrap.min.css | cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ | 157 KB | 26 KB | Stylesheet | text/css |
| GET | H2 | functions.js | thisweekf1.live/mt39djS/mc/rd23/js/ | 2 KB | 1 KB | Script | application/javascript |
| GET | H2 | product.png | thisweekf1.live/mt39djS/mc/rd23/img/ | 14 KB | 14 KB | Image | image/png |
| GET | H2 | en.js | thisweekf1.live/mt39djS/mc/rd23/js/f/ | 782 B | 467 B | Script | application/javascript |
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- object | onbeforetoggle
- object | onscrollend
- function | _0x584913
- function | getURLParameter
- function | _0x367a
- string | hjck
- function | _0x4df4
- function | followCTA
- object | script
- object | s2

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| bananatrk.com/ | | Name: uclick Value: pma9k2a0fe |
| bananatrk.com/ | | Name: uclickhash Value: pma9k2a0fe-pma9k2a0fe-8w8w-k2i4-376o-b7qe-xosy-790fbb |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.