Submitted URL: https://mediscerdas.com/
Effective URL: https://cnamgs.net/
Submission Tags: phishingrod
Submission: On October 09 via api from DE — Scanned from US

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 6 HTTP transactions. The main IP is 2a02:4780:1e:7b8:40f0:2db6:9b29:6ef9, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is cnamgs.net.
TLS certificate: Issued by R11 on September 8th 2024. Valid for: 3 months.
This is the only time cnamgs.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 172.67.174.41 13335 (CLOUDFLAR...)
1 4 2a02:4780:1e:... 47583 (AS-HOSTINGER)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
6 3
Apex Domain | Subdomains | Transfer
4 cnamgs.net | cnamgs.net | 95 KB
2 linkcdn.cloud | images.linkcdn.cloud — Cisco Umbrella Rank: 50920 | 21 KB
2 mediscerdas.com | mediscerdas.com, www.mediscerdas.com | 966 B
1 jquery.com | code.jquery.com — Cisco Umbrella Rank: 791 | 31 KB
6 4
Domain Requested by
4 cnamgs.net 1 redirects cnamgs.net
2 images.linkcdn.cloud cnamgs.net
1 code.jquery.com cnamgs.net
1 www.mediscerdas.com 1 redirects
1 mediscerdas.com 1 redirects
6 5

This site contains links to these domains.

Domain
shorten.world
Subject | Issuer | Validity | Valid
cnamgs.net | R11 | 2024-09-08 - 2024-12-07 | 3 months
linkcdn.cloud | WE1 | 2024-10-08 - 2025-01-06 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year

This page contains 1 frame:

Primary Page: https://cnamgs.net/
Frame ID: 20164691335BCB1BD0EA80E14068CB2B
Requests: 6 HTTP requests in this frame

Page Title

Nagaslot777 >> Link Daftar Resmi Situs Mpo Gacor Slot777 Terbaru

Page URL History

  1. https://mediscerdas.com/ HTTP 301
    https://www.mediscerdas.com/ HTTP 301
    https://cnamgs.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 75 %
Domains: 4
Subdomains: 5
IPs: 3
Countries: 1
Transfer: 145 kB
Size: 267 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://cnamgs.net/Landingapge_assets/qZWiylvY.json HTTP 302
  • https://cnamgs.net/

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cnamgs.net/
Redirect Chain
  • https://mediscerdas.com/
  • https://www.mediscerdas.com/
  • https://cnamgs.net/
41 KB
8 KB
Document
General
Full URL
https://cnamgs.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1e:7b8:40f0:2db6:9b29:6ef9 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn / PHP/8.2.14
Resource Hash
20d5afcf25f5f3646c149b088cd630f41f4713ea348be38845eebddfa24498c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-length
8261
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 09 Oct 2024 03:47:34 GMT
panel
hpanel
platform
hostinger
server
hcdn
x-hcdn-cache-status
DYNAMIC
x-hcdn-request-id
2d7dec177479b6de287c882c80bb9e7b-phx-edge6
x-hcdn-upstream-rt
0.094
x-powered-by
PHP/8.2.14

Redirect headers

cache-control
max-age=3600
cf-ray
8cfb63dcbb8b2f76-LAX
content-length
167
content-type
text/html
date
Wed, 09 Oct 2024 03:47:34 GMT
expires
Wed, 09 Oct 2024 04:47:34 GMT
location
https://cnamgs.net/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ua8o28UN91EACj5%2BFr8EwgQ8pMSO0CYGR8R8s8NxkQPqEA166sBSTmByo3FMgQJBv0aav6G%2F8ZDKhphbJffE%2FoNO8DUm552FuzX5i4AVdUiG881N0Bhpu%2FnhRmS%2B0zxYuWa9ZXw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
logo-352795892.png
images.linkcdn.cloud/V2/110/logo/
18 KB
19 KB
Image
General
Full URL
https://images.linkcdn.cloud/V2/110/logo/logo-352795892.png
Requested by
Host: cnamgs.net
URL: https://cnamgs.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2523be423c85075611ffaebe264c98d3d23c617b3204c16dea5e000ac76d819c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cnamgs.net/

Response headers

cf-bgj
imgq:100,h2pri
etag
"e21976c1f54c54baf61f50c5e6c12986"
age
306200
cf-cache-status
HIT
expires
Thu, 09 Oct 2025 03:47:35 GMT
cf-polished
origFmt=png, origSize=24771
date
Wed, 09 Oct 2024 03:47:35 GMT
content-type
image/webp
content-disposition
inline; filename="logo-352795892.webp"
vary
Accept
last-modified
Tue, 13 Aug 2024 10:52:11 GMT
cache-control
public, max-age=31536000
cf-ray
8cfb63e13dd008ec-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
18486
server
cloudflare
login-nagaslot777.jpg
cnamgs.net/img/
77 KB
77 KB
Image
General
Full URL
https://cnamgs.net/img/login-nagaslot777.jpg
Requested by
Host: cnamgs.net
URL: https://cnamgs.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:1e:7b8:40f0:2db6:9b29:6ef9 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn /
Resource Hash
18142e26d03923d6106f9b886012f86237bec1e2b57a7ed03b3a55fc60c47c66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cnamgs.net/

Response headers

x-hcdn-request-id
20b3934ea4aa1a41f269bb1bba2c66f0-phx-edge6
cache-control
public, max-age=604800
x-hcdn-upstream-rt
0.116
x-hcdn-image-optimizer
f:webp q:85 w:1600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
78358
date
Wed, 09 Oct 2024 03:47:35 GMT
content-type
image/webp
x-hcdn-cache-status
MISS
server
hcdn
jquery-3.6.4.min.js
code.jquery.com/
88 KB
31 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.4.min.js
Requested by
Host: cnamgs.net
URL: https://cnamgs.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cnamgs.net/

Response headers

content-encoding
gzip
etag
W/"28feccc0-15ec3"
age
8536952
x-cache
HIT, HIT
date
Wed, 09 Oct 2024 03:47:35 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
134, 44507
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21953-LGA, cache-bur-kbur8200111-BUR
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1728445655.259939,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
31011
server
nginx
/
cnamgs.net/
Redirect Chain
  • https://cnamgs.net/Landingapge_assets/qZWiylvY.json
  • https://cnamgs.net/
41 KB
8 KB
XHR
General
Full URL
https://cnamgs.net/
Protocol
H2
Server
2a02:4780:1e:7b8:40f0:2db6:9b29:6ef9 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
hcdn / PHP/8.2.14
Resource Hash
20d5afcf25f5f3646c149b088cd630f41f4713ea348be38845eebddfa24498c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cnamgs.net/

Response headers

x-hcdn-cache-status
DYNAMIC
content-security-policy
upgrade-insecure-requests
x-hcdn-request-id
02d01b45f4779c2898b50529cdb65655-phx-edge6
content-encoding
br
x-hcdn-upstream-rt
0.596
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
8261
date
Wed, 09 Oct 2024 03:47:36 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.14
server
hcdn
platform
hostinger
panel
hpanel

Redirect headers

content-security-policy
upgrade-insecure-requests
cache-control
no-cache, no-store, must-revalidate, max-age=0
location
https://cnamgs.net/
x-hcdn-request-id
5f579ad501e86e6cb2ebed0c12401a21-phx-edge6
x-hcdn-upstream-rt
0.328
alt-svc
h3=":443"; ma=86400
content-length
771
date
Wed, 09 Oct 2024 03:47:35 GMT
content-type
text/html
x-hcdn-cache-status
MISS
server
hcdn
platform
hostinger
panel
hpanel
favicon-956001495.png
images.linkcdn.cloud/V2/110/favicon/
3 KB
3 KB
Other
General
Full URL
https://images.linkcdn.cloud/V2/110/favicon/favicon-956001495.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
226add735f266b61caed085b469ba50c44e90a1353dca3fa77cbd5e036295e93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cnamgs.net/

Response headers

cf-bgj
imgq:100,h2pri
etag
"585d1b46d0fc4ff90cf864ef9fbbd755"
age
697606
cf-cache-status
HIT
expires
Thu, 09 Oct 2025 03:47:35 GMT
cf-polished
origFmt=png, origSize=4272
date
Wed, 09 Oct 2024 03:47:35 GMT
content-type
image/webp
content-disposition
inline; filename="favicon-956001495.webp"
vary
Accept
last-modified
Tue, 13 Aug 2024 10:52:21 GMT
cache-control
public, max-age=31536000
cf-ray
8cfb63e3494508ec-LAX
accept-ranges
bytes
access-control-allow-origin
*
content-length
2560
server
cloudflare

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | $
function | jQuery

1 Cookies

Domain/Path Name / Value
.linkcdn.cloud/ Name: __cf_bm
Value: 2FdLvQQFke5.qnzP4NhV8f.Qb74EAaR4gXezCCPZ8Ck-1728445655-1.0.1.1-ewjcpNPam.yEUe5BMTkRKcBbByapRyL9bGIajAzZTnH0zieTAuMT9ZfVYsC_F4hDN8UUHL6vRp9G_iDGfY_6ig

1 Console Messages

Source: other
Level: warning
URL: https://cnamgs.net/ (Line 21)
Message: <link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests