grupomartini.com Open in urlscan Pro
91.213.50.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ecs1.engageya.com/gas-api/click.json?spid=0&swebid=94608&ssubid=1120_3896&dpid=29541674&dwebid=107198&wid=54971&ll...
Effective URL:
https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482
Submission: On June 26 via api (June 26th 2023, 1:18:00 am UTC) from BE — Scanned from DE

Summary HTTP 3 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 3 HTTP transactions. The main IP is 91.213.50.68, located in and belongs to . The main domain is grupomartini.com.
TLS certificate: Issued by R3 on June 20th 2023. Valid for: 3 months.

This is the only time grupomartini.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	95.142.20.17 95.142.20.17	20645 (PUREPEAK-ASN) (PUREPEAK-ASN)
1	91.213.50.68 91.213.50.68	() ()
3	3

1 95.142.20.17 (Israel)

ASN20645 (PUREPEAK-ASN, IL)

ecs1.engageya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.213.50.68 (None, )

ASN- ()

grupomartini.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	grupomartini.com grupomartini.com	405 B
1	engageya.com ecs1.engageya.com	644 B
0	nuddek.com Failed dhl.00094545684248-id.nuddek.com Failed
3	3

	Domain	Requested by
1	grupomartini.com	ecs1.engageya.com
1	ecs1.engageya.com
0	dhl.00094545684248-id.nuddek.com Failed	grupomartini.com
3	3

This site contains no links.

Subject Issuer	Validity	Valid
grupomartini.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh

This page contains 1 frames:

Frame: https://dhl.00094545684248-id.nuddek.com/tracking/4240393?page=307
Frame ID: 559BECFDEAD0F8C4598F3308D5572593
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ecs1.engageya.com/gas-api/click.json?spid=0&swebid=94608&ssubid=1120_3896&dpid=29541674&dwebid... Page URL
https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482 Page URL

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1 kB
Transfer

0 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ecs1.engageya.com/gas-api/click.json?spid=0&swebid=94608&ssubid=1120_3896&dpid=29541674&dwebid=107198&wid=54971&ll=1&target=https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482 Page URL
https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://dhl.00094545684248-id.nuddek.com/dlogin.php?page=307 HTTP 302
https://dhl.00094545684248-id.nuddek.com/tracking/4240393?page=307

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	click.json ecs1.engageya.com/gas-api/	162 B 644 B	94ms 59ms	Document text/html	95.142.20.17 PUREPEAK-ASN
General Check archive.org Show headers Download Go to Full URL http://ecs1.engageya.com/gas-api/click.json?spid=0&swebid=94608&ssubid=1120_3896&dpid=29541674&dwebid=107198&wid=54971&ll=1&target=https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482 Protocol HTTP/1.1 Server 95.142.20.17 , Israel, ASN20645 (PUREPEAK-ASN, IL), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers date Mon, 26 Jun 2023 01:17:48 GMT server Apache-Coyote/1.1 transfer-encoding chunked
GET H/1.1	200 OK	Primary Request 155485431246748248233703416679193092786805727044098645471482 grupomartini.com/p/	144 B 405 B	9930ms 9480ms	Document text/html	91.213.50.68
General Check archive.org Show headers Download Go to Full URL https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482 Requested by Host: ecs1.engageya.com URL: http://ecs1.engageya.com/gas-api/click.json?spid=0&swebid=94608&ssubid=1120_3896&dpid=29541674&dwebid=107198&wid=54971&ll=1&target=https://grupomartini.com/p/155485431246748248233703416679193092786805727044098645471482 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.213.50.68 -, , ASN (), Reverse DNS Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16 Resource Hash Request headers Referer http://ecs1.engageya.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Length 144 Content-Type text/html; charset=utf-8 Date Mon, 26 Jun 2023 01:17:49 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16
GET		4240393 dhl.00094545684248-id.nuddek.com/tracking/ Redirect Chain https://dhl.00094545684248-id.nuddek.com/dlogin.php?page=307 https://dhl.00094545684248-id.nuddek.com/tracking/4240393?page=307	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dhl.00094545684248-id.nuddek.com
URL: https://dhl.00094545684248-id.nuddek.com/tracking/4240393?page=307

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.engageya.com/	1970-01-20 21:34:38	Name: gituid Value: 40cfd78f-1a8f-47f9-aa54-f304818b2291
.engageya.com/	1970-01-20 21:34:38	Name: gitct Value: AAGivgHCxSoRFyJx
.engageya.com/	1970-01-20 21:34:38	Name: gitvps Value: "AcLFKg=="

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dhl.00094545684248-id.nuddek.com
ecs1.engageya.com
grupomartini.com
dhl.00094545684248-id.nuddek.com
91.213.50.68
95.142.20.17

grupomartini.com Open in urlscan Pro 91.213.50.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

1 kBTransfer

0 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

Indicators

grupomartini.com Open in urlscan Pro
91.213.50.68 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

1 kB
Transfer

0 kB
Size

3
Cookies

3 HTTP transactions
0 data transactions