urlscan.io logo urlscan.io
SecurityTrails logo

www.cessica.com Open in urlscan Pro
93.89.224.193  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/cesx916b
Effective URL: http://www.cessica.com/B/916.php
Submission: On March 06 via api from SA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 18 HTTP transactions. The main IP is 93.89.224.193, located in Turkey and belongs to TR-ISIMTESCIL-20201202, TR. The main domain is www.cessica.com.
This is the only time www.cessica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
3 93.89.224.193 51557 (TR-ISIMTE...)
2 192.243.59.20 39572 (ADVANCEDH...)
4 104.19.134.78 13335 (CLOUDFLAR...)
7 104.19.137.80 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 54.154.164.132 16509 (AMAZON-02)
18 6
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
3    93.89.224.193 (Turkey)

ASN51557 (TR-ISIMTESCIL-20201202, TR)
PTR: 93-89-224-193.fbs.com.tr
www.cessica.com
2    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
9xeqynu3gt7c.com
4    104.19.134.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
servicer.mgid.com
cm.mgid.com
c.mgid.com
7    104.19.137.80 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.steepto.com
cm.steepto.com
s-img.steepto.com
2    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    54.154.164.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
Domain Requested by
4 s-img.steepto.com www.cessica.com
3 www.cessica.com www.cessica.com
2 match.adsrvr.org 2 redirects
2 cm.steepto.com jsc.mgid.com
2 fonts.gstatic.com www.cessica.com
2 9xeqynu3gt7c.com www.cessica.com
1 c.mgid.com
1 cm.mgid.com www.cessica.com
1 servicer.mgid.com jsc.mgid.com
1 cdn.steepto.com www.cessica.com
1 jsc.mgid.com www.cessica.com
1 bit.ly 1 redirects
18 12

This site contains links to these domains. Also see Links.

Domain
direct-link.net
9xeqynu3gt7c.com
steepto.com
herbeauty.co
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-17 -
2021-05-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.cessica.com/B/916.php
Frame ID: 46D0CB96129EB5616F8A455CD29B3C01
Requests: 18 HTTP requests in this frame

Frame: https://cm.steepto.com/i-noref.js?cbuster=1615018037164134134433
Frame ID: 0F57F7AF006AF3352DE129BA6E8DBE38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://bit.ly/cesx916b HTTP 301
    http://www.cessica.com/B/916.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

18
Requests

72 %
HTTPS

14 %
IPv6

7
Domains

12
Subdomains

6
IPs

4
Countries

202 kB
Transfer

384 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/cesx916b HTTP 301
    http://www.cessica.com/B/916.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=577b5b8f-1059-44d5-a912-5b3a3950cf34&ttl=1617610037

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 916.php
www.cessica.com/B/
Redirect Chain
  • https://bit.ly/cesx916b
  • http://www.cessica.com/B/916.php
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
93.89.224.193 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR),
Reverse DNS
93-89-224-193.fbs.com.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
34e4f8adeaef61cf7392871c4c1478d0c44d7cdc0beb8d35256c6328f10fad32

Request headers

Host
www.cessica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
text/html; charset=UTF-8
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
X-Powered-By-Plesk
PleskWin
Date
Sat, 06 Mar 2021 08:07:12 GMT
Cteonnt-Length
1579
Cache-Control
private
Content-Encoding
gzip
Content-Length
867

Redirect headers

server
nginx
date
Sat, 06 Mar 2021 08:07:14 GMT
content-type
text/html; charset=utf-8
content-length
119
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://www.cessica.com/B/916.php
referrer-policy
unsafe-url
set-cookie
_bit=l2687e-2dbf6ac41d46739638-00o; Domain=bit.ly; Expires=Thu, 02 Sep 2021 08:07:14 GMT
via
1.1 google
alt-svc
clear
portal.css
www.cessica.com/B/ 		1 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.cessica.com/B/portal.css
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
93.89.224.193 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR),
Reverse DNS
93-89-224-193.fbs.com.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b7278b963289b2d498ac700f3932093da66c9dba49c045e7988f47ddabd6f4dc

Request headers

Referer
http://www.cessica.com/B/916.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Cteonnt-Length
1093
Date
Sat, 06 Mar 2021 08:07:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Mar 2020 10:43:02 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"a0788c7d244d61:0"
Content-Type
text/css
Cache-Control
private
Accept-Ranges
bytes
Content-Length
414
147a7870f4fb3eecf2c7e2bcd36187c2.js
9xeqynu3gt7c.com/14/7a/78/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://9xeqynu3gt7c.com/14/7a/78/147a7870f4fb3eecf2c7e2bcd36187c2.js
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 06 Mar 2021 08:07:15 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
video.gif
www.cessica.com/B/images/ 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.cessica.com/B/images/video.gif
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
93.89.224.193 , Turkey, ASN51557 (TR-ISIMTESCIL-20201202, TR),
Reverse DNS
93-89-224-193.fbs.com.tr
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab5208d95c64715bf62b2382d8ffb9712d3463a7ed0bdb57a34f528a23f8f9e6

Request headers

Referer
http://www.cessica.com/B/916.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Powered-By-Plesk
PleskWin
Date
Sat, 06 Mar 2021 08:07:12 GMT
Last-Modified
Fri, 27 Mar 2020 10:43:48 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
ETag
"5cf72b99244d61:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
33250
cessica.com.752338.js
jsc.mgid.com/c/e/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/c/e/cessica.com.752338.js
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efcc30ae4e540a2bce3d95235660354ce5fcb0b2d024f0c5df7be157051c0886

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:07:15 GMT
content-encoding
br
cf-cache-status
HIT
age
2270
cf-polished
origSize=254474
last-modified
Tue, 02 Mar 2021 12:22:40 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
C44A94EE4A02E4A9
x-amz-id-2
RLbt0XeHF3zbSmQKrKspjC60d37zoq6fpI1dORFDBa7WLYJtCAgyOm023QutY9SmK9Xhj5dsmT4=
cf-bgj
minify
server
cloudflare
etag
W/"1ce123205ac7a1b81cdf2634cf929ca8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
08a82ca13b00001d1ed736f000000001
cf-ray
62ba16e1fcfc1d1e-CPH
expires
Sat, 06 Mar 2021 11:07:15 GMT
invoke.js
9xeqynu3gt7c.com/aee11b6d4361aedf9af15bd1e8073e74/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://9xeqynu3gt7c.com/aee11b6d4361aedf9af15bd1e8073e74/invoke.js
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
HTTP/1.1
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 06 Mar 2021 08:07:15 GMT
Server
nginx/1.17.9
Connection
keep-alive
Content-Type
application/javascript
Content-Length
0
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
steepto_logo_mini_45.png
cdn.steepto.com/images/steepto/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.steepto.com/images/steepto/steepto_logo_mini_45.png
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
HIT
age
5643
cf-ray
62ba16ebc8ded8a9-CPH
content-length
2745
x-amz-id-2
D9iOMP45/y0UkZLGbxL/c0iJYqGOH5/pg7+69U07n9HFUMfhqXDHZ5VK5BXzUoZGNjwtqaTEGIE=
last-modified
Mon, 04 May 2020 12:16:55 GMT
server
cloudflare
etag
"7e16c555b09abddb8088e5bfca7a1cde"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
EA5FA32AE70E6CD8
cache-control
public, max-age=14400
cf-request-id
08a82ca7580000d8a9af00b000000001
accept-ranges
bytes
content-type
image/png
expires
Sat, 06 Mar 2021 12:07:17 GMT
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v10/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/k3k702ZOKiLJc3WVjuplzOgdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.cessica.com
Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 19:41:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:08:16 GMT
server
sffe
age
131150
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16224
x-xss-protection
0
expires
Fri, 04 Mar 2022 19:41:26 GMT
1
servicer.mgid.com/752338/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/752338/1?w=905&h=226&cols=4&pv=5&cbuster=1615018036357313727504&uniqId=0271d&niet=4g&nisd=false&ref=&cxurl=http%3A%2F%2Fwww.cessica.com%2FB%2F916.php&lu=http%3A%2F%2Fwww.cessica.com%2FB%2F916.php&pageView=1&pvid=17806938c87b8523c92&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/e/cessica.com.752338.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a468416cdbbbc3e82e9c62d9e3b2d576656e66a9ab85b07edc6417f0b7cca322

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:07:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ba16e77e671d1e-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a82ca4a700001d1ef291c000000001
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
http://www.cessica.com
Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 03 Mar 2021 21:23:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 21 Aug 2014 18:06:58 GMT
server
sffe
age
211412
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15556
x-xss-protection
0
expires
Thu, 03 Mar 2022 21:23:45 GMT
i.js
cm.steepto.com/ 		130 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.steepto.com/i.js?&cbuster=1615018037127998984143
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/e/cessica.com.752338.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:07:17 GMT
content-encoding
br
cf-cache-status
MISS
x-mg-request-uuid
50130089-c962-4f8e-a3ba-735487e4a548
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
62ba16ec3960d8a9-CPH
cf-request-id
08a82ca7a40000d8a99c812000000001
server
cloudflare
i-noref.js
cm.steepto.com/ Frame 0F57 		19 B
238 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.steepto.com/i-noref.js?cbuster=1615018037164134134433
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/c/e/cessica.com.752338.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
MISS
x-mg-request-uuid
467cb581-5748-4888-ac16-f3a6cc95201e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
62ba16ec5996d8a9-CPH
content-length
19
cf-request-id
08a82ca7b70000d8a982b36000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp
s-img.steepto.com/g/8164889/492x328/0x124x565x376/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164889/492x328/0x124x565x376/aHR0cDovL2ltZ2hvc3RzLmNvbS90Yy8yMDE5LTA2LzEwMTkyNC9hY2JhYmRlMmRjNTkzODFkMzAyYzhkMmM4ODEyOWE2Ny5qcGc.webp?v=1615018036-EqntF9gqb7JqEua916N9UtfZrO2OaXLFA8y9m0N36nQ
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 10:20:16 GMT
x-mg-request-uuid
ef027a81-f99c-4f5c-abeb-e451af84d8e1
age
2236848
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba16ec99d4d8a9-CPH
content-length
18200
cf-request-id
08a82ca7e00000d8a94c8db000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.steepto.com/g/8164912/492x328/0x0x1081x720/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1615018036-D2j-MDsbTRuRoVQvcq6tnTKPlmfPJcRJjCG9c9-T6NE
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 10:20:18 GMT
x-mg-request-uuid
1c41c12c-f3b3-46ab-90e6-5994098643f2
age
2236003
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba16eca9dcd8a9-CPH
content-length
12790
cf-request-id
08a82ca7e50000d8a95c3a1000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp
s-img.steepto.com/g/8164894/492x328/72x0x1009x672/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8164894/492x328/72x0x1009x672/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTAvMTAxOTI0L2QzMDdkY2YwNmZiMzUwMjQ5NmZiMjNmMzA4MzMwNjc2LmpwZWc.webp?v=1615018036-cC_grIsrlkrZPtuyhOLs4w4LNrFmdVjy3pZjnq0cTps
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c855da7d6a9ea7c971ed9cb6a6c9005cae2914ac88337feed3f8202c678e87c

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Feb 2021 10:20:21 GMT
x-mg-request-uuid
088e8ba8-2480-4744-8ffa-2a39145a7d27
age
2235052
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba16eca9e1d8a9-CPH
content-length
16950
cf-request-id
08a82ca7e60000d8a99fae5000000001
server
cloudflare
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp
s-img.steepto.com/g/8193525/492x328/0x311x684x456/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.steepto.com/g/8193525/492x328/0x311x684x456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDcvMTAxOTI0L2Y3YjcyMzU4OWJiMjVhMzQ1ZTNmZWQxM2ZjZTA0NzE2LmpwZWc.webp?v=1615018036-QfK8Zg9YhKD_4JHu_JLPf9EOrAO-UvleR0FcdvBiW4g
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32288afbbd582a50540b8ff709114b8ecc273d16be5364e4e5e0ad9f8904630a

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
HIT
last-modified
Wed, 10 Feb 2021 07:15:18 GMT
x-mg-request-uuid
303917f5-c98a-4d30-a1d6-ef1162b67054
age
2074944
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
62ba16eca9ead8a9-CPH
content-length
16692
cf-request-id
08a82ca7ec0000d8a969067000000001
server
cloudflare
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=577b5b8f-1059-44d5-a912-5b3a3950cf34&ttl=1617610037
43 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=577b5b8f-1059-44d5-a912-5b3a3950cf34&ttl=1617610037
Requested by
Host: www.cessica.com
URL: http://www.cessica.com/B/916.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:07:17 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
65f7ab27-dab7-4897-a66f-d6fbd9cee894
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ba16eeaac31d1e-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a82ca92500001d1ee58b6000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:07:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=577b5b8f-1059-44d5-a912-5b3a3950cf34&ttl=1617610037
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
c
c.mgid.com/ 		43 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.mgid.com/c?f=1&pv=3&v=217|218|12|D8OcK-Ya0mwCxYIxs_m_5Q7zr7Me1DCuhq_-J8tHNSdz1LXxuLONpqiZ6CBw8GJE&fw=1&extjs=66044&v=217|218|12|D8OcK-Ya0mwCxYIxs_m_5YrqLZS5l3LJFa1nWh5hZnMypphwdiDl1J6uIuCYUg69&v=217|218|12|D8OcK-Ya0mwCxYIxs_m_5Ugvkr7KUFjmTgE9tKV5B27FuGAyfqQ_HjICPep2jzIC&v=217|218|12|D8OcK-Ya0mwCxYIxs_m_5QyTLjJM0opF7GHR6N70-LR_5jHZzjGNhj-LptHxdvnA&cid=752338&h2=si8YD9Y-EMh_uDaTkW6cpPipXWmXoyK9uPIj9YLUXmQ*&rid=f72ad9c7-7e52-11eb-8227-d094662c24f7&tt=Direct&iv=11&pageImp=1&cbuster=161501803846227713163&tpl=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
http://www.cessica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 06 Mar 2021 08:07:18 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
03fd8caf-4421-48aa-8e2c-8b3e192921ae
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
62ba16f48d361d1e-CPH
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08a82cacd600001d1ee1069000000001
server
cloudflare

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated object| atOptions boolean| mgCanLoad752338 boolean| mgFallback752338 boolean| mgShortWidget752338 boolean| mgUseConvertedCode752338 string| mgRootId752338 object| div752338 string| rootDiv752338 string| mgPreloadId752338 object| _mgIntExchangeNews object| MarketGidInfC752338 function| MarketGidCContextBlock752338 function| MarketGidCMainBlock752338 function| MarketGidCAdvertLinkBlock752338 function| MarketGidCInternalExchangeBlock752338 function| MarketGidCColorBlock752338 function| MarketGidCUtilsBlock752338 function| MarketGidCMonitorBlock752338 function| MarketGidCRejectBlock752338 function| MarketGidCCriteoBlock752338 function| MarketGidCAmpRenderBlock752338 function| MarketGidCInternalExchangeLoggerBlock752338 function| MarketGidCObserverBlock752338 function| MarketGidCSspDoubleClickBlock752338 function| MarketGidCSendDimensionsBlock752338 function| MarketGidCAntifraudBlock752338 function| MarketGidCAntifraudStatisticsBlock752338 function| MarketGidCRtbBlock752338 function| MarketGidCActivateDelayBlock752338 function| MarketGidCIframeSizeChangerBlock752338 function| MarketGidCAccidentalClicksBlock752338 function| MarketGidCExternalCountersBlock752338 function| MarketGidCYandexTurboBlock752338 function| MarketGidCContentPreviewBlock752338 function| MarketGidCCountersBlock752338 function| MarketGidCGradientBlock752338 function| MarketGidCResponsiveBlock752338 object| onClickExcludes function| mgReject752338 function| mgLoadAds752338_0271d function| MarketGidCReject752338 function| MarketGidLoadGoods752338_0271d function| AdskeeperCReject752338 function| AdskeeperLoadGoods752338_0271d function| LentaInformCReject752338 function| LentaInformLoadGoods752338_0271d function| IdealMediaCReject752338 function| IdealMediaLoadGoods752338_0271d boolean| mg_loaded_499651_752338 string| _mgCanonicalUri boolean| _mgPageView499651 object| _mgq function| _mgqp number| _mgqt number| _mgqi function| LoadCriteoAllPlaces752338_0271d boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgwcapping boolean| _mgPageImp499651

0 Cookies

1 Console Messages

Source Level URL
Text
console-api debug URL: https://jsc.mgid.com/c/e/cessica.com.752338.js(Line 1)
Message:
[object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9xeqynu3gt7c.com
bit.ly
c.mgid.com
cdn.steepto.com
cm.mgid.com
cm.steepto.com
fonts.gstatic.com
jsc.mgid.com
match.adsrvr.org
s-img.steepto.com
servicer.mgid.com
www.cessica.com
104.19.134.78
104.19.137.80
192.243.59.20
2a00:1450:4001:812::2003
54.154.164.132
67.199.248.10
93.89.224.193
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32288afbbd582a50540b8ff709114b8ecc273d16be5364e4e5e0ad9f8904630a
34e4f8adeaef61cf7392871c4c1478d0c44d7cdc0beb8d35256c6328f10fad32
5c855da7d6a9ea7c971ed9cb6a6c9005cae2914ac88337feed3f8202c678e87c
81b1b2a0681e16cf1650dbe71dcf27ef0a1273ffabd259c9f4aab63b1fdb7c04
9147e56702cac804cff4b646db96efe455be370caeba029965acd0f375d00da1
9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481
a25a570158e49fe829d9c77d2e0400d0c822ef464d40f55eba7ef71b98f98745
a468416cdbbbc3e82e9c62d9e3b2d576656e66a9ab85b07edc6417f0b7cca322
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab5208d95c64715bf62b2382d8ffb9712d3463a7ed0bdb57a34f528a23f8f9e6
abcbe0423061bbf5caca8b070eb57c5ea831fde8cca4af206f8b48938142b4e1
b7278b963289b2d498ac700f3932093da66c9dba49c045e7988f47ddabd6f4dc
efcc30ae4e540a2bce3d95235660354ce5fcb0b2d024f0c5df7be157051c0886