crmentjg.com Open in urlscan Pro
93.93.51.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kennaroads.buzz/data/Update365.zip
Effective URL:
https://crmentjg.com/pu/?psid=ed_dprmntdtt2&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=...
Submission: On January 17 via manual (January 17th 2024, 12:13:02 am UTC) from PT — Scanned from PT

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 8 HTTP transactions. The main IP is 93.93.51.223, located in and belongs to . The main domain is crmentjg.com.
TLS certificate: Issued by R3 on December 9th 2023. Valid for: 3 months.

This is the only time crmentjg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	64.225.91.73 64.225.91.73	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	104.18.27.45 104.18.27.45	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	64.190.63.136 64.190.63.136	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	178.162.151.164 178.162.151.164	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	198.134.116.17 198.134.116.17	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	104.19.161.92 104.19.161.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	93.93.51.223 93.93.51.223	() ()
8	7

1 64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

kennaroads.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.27.45 (None, )

ASN13335 (CLOUDFLARENET, US)

domaincntrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 64.190.63.136 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

ww2.kennaroads.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.151.164 (Rhenen, Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

q3.quotes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.134.116.17 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click-v4.junmediadirect1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.161.92 (None, )

ASN13335 (CLOUDFLARENET, US)

impactserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.93.51.223 (None, )

ASN- ()

crmentjg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	kennaroads.buzz 2 redirects kennaroads.buzz ww2.kennaroads.buzz	4 KB
2	quotes.com 1 redirects q3.quotes.com	607 B
1	crmentjg.com crmentjg.com	788 B
1	impactserving.com impactserving.com — Cisco Umbrella Rank: 48433	23 KB
1	junmediadirect1.com 1 redirects click-v4.junmediadirect1.com — Cisco Umbrella Rank: 143384	1 KB
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 411554	159 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 56281	5 KB
1	domaincntrol.com domaincntrol.com — Cisco Umbrella Rank: 274157	337 B
8	8

	Domain	Requested by
4	ww2.kennaroads.buzz	2 redirects kennaroads.buzz ww2.kennaroads.buzz
2	q3.quotes.com	1 redirects ww2.kennaroads.buzz
1	crmentjg.com	impactserving.com
1	impactserving.com
1	click-v4.junmediadirect1.com	1 redirects
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com	ww2.kennaroads.buzz
1	domaincntrol.com	kennaroads.buzz
1	kennaroads.buzz
8	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-28`	a year	crt.sh
crmentjg.com R3	`2023-12-09` - `2024-03-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://crmentjg.com/pu/?psid=ed_dprmntdtt2&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=13944&sub_source=Domain%20Parking
Frame ID: CFF49DF72DE4CEC0149E0E3E30F1DC02
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kennaroads.buzz/data/Update365.zip Page URL
http://ww2.kennaroads.buzz/ Page URL
http://ww2.kennaroads.buzz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg... HTTP 302
http://ww2.kennaroads.buzz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg... HTTP 302
http://xml.sedodna.com/click?i=1U9z0v-tRjg_0 HTTP 302
http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f Page URL
http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f?hr=1 HTTP 302
http://click-v4.junmediadirect1.com/click?i=LC4vGe8PbW4_0 HTTP 302
https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e... Page URL
https://crmentjg.com/pu/?psid=ed_dprmntdtt2&utm_source=tr&ms_notrack=1&category=girl&site=jsm&tar... Page URL

Page Statistics

8
Requests

38 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

32 kB
Transfer

64 kB
Size

32
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kennaroads.buzz/data/Update365.zip Page URL
http://ww2.kennaroads.buzz/ Page URL
http://ww2.kennaroads.buzz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg_0&v=MzM1NGE1NWQ0MDZkN2QwY2M3ZTA4YTU3ZTUxZGFlOTMJMQl3dzIua2VubmFyb2Fkcy5idXp6NjVhNzFiOGIwODNhNzIuNjQ3MzUzNjUJd3cyLmtlbm5hcm9hZHMuYnV6ejY1YTcxYjhiMDgzZTgxLjc1OTA2NjU2CTE3MDU0NTAzNzkJYWRfNjNfMA%3D%3D&l=OAk1NTU2OGMxOTY2OWYyYzg2M2ZmZDAwMzYxODM0MzFlNgkwCTUyCTAJOTkzNDlmZGJjODExN2YyYmEzNWJlMzEzOGM1YzkxNTcJNTIxNTc5NTg5CWtlbm5hcm9hZHMJMAk2MwkxMgkzNgkxNzA1NDUwMzc5CTUuNUUtNQlOCTAJMQk4MzAJMTIwNQk1MDk0Mzc1MTAJMTg1LjEyOC45LjI0CTA%253D HTTP 302
http://ww2.kennaroads.buzz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg_0&v=MzM1NGE1NWQ0MDZkN2QwY2M3ZTA4YTU3ZTUxZGFlOTMJMQl3dzIua2VubmFyb2Fkcy5idXp6NjVhNzFiOGIwODNhNzIuNjQ3MzUzNjUJd3cyLmtlbm5hcm9hZHMuYnV6ejY1YTcxYjhiMDgzZTgxLjc1OTA2NjU2CTE3MDU0NTAzNzkJYWRfNjNfMA%3D%3D&l=OAk1NTU2OGMxOTY2OWYyYzg2M2ZmZDAwMzYxODM0MzFlNgkwCTUyCTAJOTkzNDlmZGJjODExN2YyYmEzNWJlMzEzOGM1YzkxNTcJNTIxNTc5NTg5CWtlbm5hcm9hZHMJMAk2MwkxMgkzNgkxNzA1NDUwMzc5CTUuNUUtNQlOCTAJMQk4MzAJMTIwNQk1MDk0Mzc1MTAJMTg1LjEyOC45LjI0CTA%253D HTTP 302
http://xml.sedodna.com/click?i=1U9z0v-tRjg_0 HTTP 302
http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f Page URL
http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f?hr=1 HTTP 302
http://click-v4.junmediadirect1.com/click?i=LC4vGe8PbW4_0 HTTP 302
https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e1b31f&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=u_o505qjVhhpne79AN4xuTGq8CkQqMueHx9GgGy-MMezKyt0wm8kDSOojKk18HMK-szIujS-lif824lMpndVy3TjIOoYBaM4oXbYrnyJ4Dj2bkN-Bhb3bBNTxiLTxoxEcBXsoO0g4BC5FTxFdfQ7ZKgTzKK8qUEXc0-ZhyGlm4ifNyWiFuQmLT7wWP-jQHlMgOxwZPm51td_ZHsRqzPBxTL0nsxg35uQ4EgpwsZwcFj94qGk1UMC-xfdsS8-Gx738e1VBfU66FyvWZfqX3ywrUgyuaZv-fgB9WklFKrPaUbvK4_MTChgr-UpLXfEAmDPZoTENJ4a_oYA4CzALxHRGxHLv9WDyVj5zZ95ncwMx4F9Y-sjKh901_Ee0I-zfgO7dq56KyoBf7JD3qRkdtzXweFq3lUd9V3wcYfuP4xM0RWExG4Nuk7sIXR_dUmloS37KxR2RMjhI-zQQCL5PTHw_qpOLMZ7MblM46CSCow_AlW7k27OIeMNKmPIQNXDcb-vGhiYKvNar5j3n6ma2f1bwyf9H256rtBCrl9ea6hmEF2VKX5TQY1TlJdqoI1u765qFA60h0Xq_Bi7aqfacTfuJZcoGXpI_7F4qaqjocrD-cRVxucLIP800d7VojO60gx_3doN2rkm3q9-E7MdOZjDM5yqA_SiAhqoIDuu_oXqGBDNGS2eze71W4R7eW1fJv5dBrR13vK-npp3k08Id3ZEMQyen-GaZhUKGspIMe_y9jxsVG2cckcA8VIs2S1qLh7vuzxXl471XYOWdpAr4TQAUBuqvreLlyGKf1xfGJiRFaIPISFmq5y37vkpvCOZGhhsYLSMHDGdcD1UA0I62x-6HNr9kSNDL57QZCChV2dMZ6YV-eykgIXd4Isn8FMhVfODj1MKOAtDk8FCCcMxVwNGrWfHF8I_LRbvrNBMp0fVkKLAw7Qyrz1-E5HAPZw8LElkeANXOtNtJ_4Ji_Bmg6ggteEXyx2Kgh23vLsY3JlE0_T4RgCfjFqOalBCwhrPZFBNaJvab-HB2_IU8cAPx24P6g2&kw=kennaroads&mw=1024&mh=768&xml=1 Page URL
https://crmentjg.com/pu/?psid=ed_dprmntdtt2&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=13944&sub_source=Domain%20Parking Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

http://ww2.kennaroads.buzz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg_0&v=MzM1NGE1NWQ0MDZkN2QwY2M3ZTA4YTU3ZTUxZGFlOTMJMQl3dzIua2VubmFyb2Fkcy5idXp6NjVhNzFiOGIwODNhNzIuNjQ3MzUzNjUJd3cyLmtlbm5hcm9hZHMuYnV6ejY1YTcxYjhiMDgzZTgxLjc1OTA2NjU2CTE3MDU0NTAzNzkJYWRfNjNfMA%3D%3D&l=OAk1NTU2OGMxOTY2OWYyYzg2M2ZmZDAwMzYxODM0MzFlNgkwCTUyCTAJOTkzNDlmZGJjODExN2YyYmEzNWJlMzEzOGM1YzkxNTcJNTIxNTc5NTg5CWtlbm5hcm9hZHMJMAk2MwkxMgkzNgkxNzA1NDUwMzc5CTUuNUUtNQlOCTAJMQk4MzAJMTIwNQk1MDk0Mzc1MTAJMTg1LjEyOC45LjI0CTA%253D HTTP 302
http://ww2.kennaroads.buzz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg_0&v=MzM1NGE1NWQ0MDZkN2QwY2M3ZTA4YTU3ZTUxZGFlOTMJMQl3dzIua2VubmFyb2Fkcy5idXp6NjVhNzFiOGIwODNhNzIuNjQ3MzUzNjUJd3cyLmtlbm5hcm9hZHMuYnV6ejY1YTcxYjhiMDgzZTgxLjc1OTA2NjU2CTE3MDU0NTAzNzkJYWRfNjNfMA%3D%3D&l=OAk1NTU2OGMxOTY2OWYyYzg2M2ZmZDAwMzYxODM0MzFlNgkwCTUyCTAJOTkzNDlmZGJjODExN2YyYmEzNWJlMzEzOGM1YzkxNTcJNTIxNTc5NTg5CWtlbm5hcm9hZHMJMAk2MwkxMgkzNgkxNzA1NDUwMzc5CTUuNUUtNQlOCTAJMQk4MzAJMTIwNQk1MDk0Mzc1MTAJMTg1LjEyOC45LjI0CTA%253D HTTP 302
http://xml.sedodna.com/click?i=1U9z0v-tRjg_0 HTTP 302
http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f

Request Chain 6

http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f?hr=1 HTTP 302
http://click-v4.junmediadirect1.com/click?i=LC4vGe8PbW4_0 HTTP 302
https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e1b31f&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=u_o505qjVhhpne79AN4xuTGq8CkQqMueHx9GgGy-MMezKyt0wm8kDSOojKk18HMK-szIujS-lif824lMpndVy3TjIOoYBaM4oXbYrnyJ4Dj2bkN-Bhb3bBNTxiLTxoxEcBXsoO0g4BC5FTxFdfQ7ZKgTzKK8qUEXc0-ZhyGlm4ifNyWiFuQmLT7wWP-jQHlMgOxwZPm51td_ZHsRqzPBxTL0nsxg35uQ4EgpwsZwcFj94qGk1UMC-xfdsS8-Gx738e1VBfU66FyvWZfqX3ywrUgyuaZv-fgB9WklFKrPaUbvK4_MTChgr-UpLXfEAmDPZoTENJ4a_oYA4CzALxHRGxHLv9WDyVj5zZ95ncwMx4F9Y-sjKh901_Ee0I-zfgO7dq56KyoBf7JD3qRkdtzXweFq3lUd9V3wcYfuP4xM0RWExG4Nuk7sIXR_dUmloS37KxR2RMjhI-zQQCL5PTHw_qpOLMZ7MblM46CSCow_AlW7k27OIeMNKmPIQNXDcb-vGhiYKvNar5j3n6ma2f1bwyf9H256rtBCrl9ea6hmEF2VKX5TQY1TlJdqoI1u765qFA60h0Xq_Bi7aqfacTfuJZcoGXpI_7F4qaqjocrD-cRVxucLIP800d7VojO60gx_3doN2rkm3q9-E7MdOZjDM5yqA_SiAhqoIDuu_oXqGBDNGS2eze71W4R7eW1fJv5dBrR13vK-npp3k08Id3ZEMQyen-GaZhUKGspIMe_y9jxsVG2cckcA8VIs2S1qLh7vuzxXl471XYOWdpAr4TQAUBuqvreLlyGKf1xfGJiRFaIPISFmq5y37vkpvCOZGhhsYLSMHDGdcD1UA0I62x-6HNr9kSNDL57QZCChV2dMZ6YV-eykgIXd4Isn8FMhVfODj1MKOAtDk8FCCcMxVwNGrWfHF8I_LRbvrNBMp0fVkKLAw7Qyrz1-E5HAPZw8LElkeANXOtNtJ_4Ji_Bmg6ggteEXyx2Kgh23vLsY3JlE0_T4RgCfjFqOalBCwhrPZFBNaJvab-HB2_IU8cAPx24P6g2&kw=kennaroads&mw=1024&mh=768&xml=1

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Update365.zip Show response kennaroads.buzz/data/	593 B 582 B	440ms 392ms	Document text/html	64.225.91.73 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL http://kennaroads.buzz/data/Update365.zip Protocol HTTP/1.1 Server 64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers content-encoding gzip content-type text/html date Wed, 17 Jan 2024 00:12:58 GMT etag W/"63f68860-251" last-modified Wed, 22 Feb 2023 21:25:52 GMT server nginx/1.18.0 (Ubuntu) transfer-encoding chunked
GET H2	200	/ domaincntrol.com/	28 B 337 B	513ms 411ms	Fetch text/javascript	104.18.27.45 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://domaincntrol.com/?orighost=http://kennaroads.buzz/data/Update365.zip Requested by Host: kennaroads.buzz URL: http://kennaroads.buzz/data/Update365.zip Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.27.45 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language pt-PT,pt;q=0.9 Referer http://kennaroads.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers x_details {"destination":"sedo","orighost":"kennaroads.buzz","type":"org","finalurl":"http://ww2.kennaroads.buzz","browser":"chrome","os":"windows","country":"PT","device":"desktop","isbot":false,"botscore":99} date Wed, 17 Jan 2024 00:12:58 GMT server cloudflare vary Accept-Encoding content-type text/javascript;charset=UTF-8 access-control-allow-origin * cf-ray 846a63c18b70489b-LIS content-length 28
GET H/1.1	200 OK	/ Show response ww2.kennaroads.buzz/	2 KB 2 KB	1073ms 1025ms	Document text/html	64.190.63.136 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://ww2.kennaroads.buzz/ Requested by Host: kennaroads.buzz URL: http://kennaroads.buzz/data/Update365.zip Protocol HTTP/1.1 Server 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash `c6a0885e2dd33cc952ebf423a3283134f5600621b228e7de2c0e1d8b185940ef` Request headers Referer http://kennaroads.buzz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 17 Jan 2024 00:12:59 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Wed, 17 Jan 2024 00:12:59 GMT pragma no-cache server NginX transfer-encoding chunked vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_cjCaXiy6HXgrEs29LTlUCJf855NUqh0hxr3OaiK9c/k1R1IhX/TdgrQjiCPnDGqHHJeox9Vm6L9z/ZMj0BF5TA== x-cache-miss-from parking-6685b94bc9-lkmgz x-powered-by PHP/8.1.17
GET H/1.1	200 OK	js_preloader.gif img.sedoparking.com/images/	4 KB 5 KB	111ms 63ms	Image image/gif	205.234.175.175 CACHENETWORKS
General Check archive.org Show headers Download Go to Show image Full URL http://img.sedoparking.com/images/js_preloader.gif Requested by Host: ww2.kennaroads.buzz URL: http://ww2.kennaroads.buzz/ Protocol HTTP/1.1 Server 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash Request headers accept-language pt-PT,pt;q=0.9 Referer http://ww2.kennaroads.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Wed, 17 Jan 2024 00:13:00 GMT x-cf-tsc 1698786559 X-CF3 H CF4ttl 31536000.000 X-CF1 11696:fC.mad1:cf:cacheN.mad1-01:H X-CF-ReqID 724f010c3d2b55eb72966102791f75cf Connection keep-alive Content-Length 4254 X-CF2 H Last-Modified Fri, 15 Mar 2019 12:24:07 GMT Server CFS 0215 X-CFF B Content-Type image/gif Access-Control-Allow-Origin * X-CFHash "90c93102a88c2ab94bff1575b7a6e86e" Cache-Control max-age=604800 CF4Age 1482859 Accept-Ranges bytes Expires Wed, 24 Jan 2024 00:13:00 GMT
GET H/1.1	200 OK	tsc.php ww2.kennaroads.buzz/search/	0 201 B	97ms 97ms	XHR text/html	64.190.63.136 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://ww2.kennaroads.buzz/search/tsc.php?200=NTIxNTc5NTg5&21=MTg1LjEyOC45LjI0&681=MTcwNTQ1MDM3OWIzZDVhMGE0NjliMzczMTUwOWMxM2U1ZWRjZTkwOGI5&crc=989c3b1c68359ce40acdc6f443cfe623329ef8dc&cv=1 Requested by Host: ww2.kennaroads.buzz URL: http://ww2.kennaroads.buzz/ Protocol HTTP/1.1 Server 64.190.63.136 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash Request headers accept-language pt-PT,pt;q=0.9 Referer http://ww2.kennaroads.buzz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Wed, 17 Jan 2024 00:13:00 GMT x-cache-miss-from parking-6685b94bc9-x74wx server NginX x-powered-by PHP/8.1.17 content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	2be1cc86-b4cd-11ee-9d75-4cf239d4c62f Show response q3.quotes.com/ Redirect Chain http://ww2.kennaroads.buzz/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg_0&v=MzM1NGE1NWQ0MDZkN2QwY2M3ZTA4YTU3ZTUxZGFlOTMJMQl3dzIua2VubmFyb2Fkcy5idXp6NjVhNzFiOGIwODNhN... http://ww2.kennaroads.buzz/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D1U9z0v-tRjg_0&v=MzM1NGE1NWQ0MDZkN2QwY2M3ZTA4YTU3ZTUxZGFlOTMJMQl3dzIua2VubmFyb2Fkcy5idXp6NjVhNzFiOGIwODNhN... http://xml.sedodna.com/click?i=1U9z0v-tRjg_0 http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f	170 B 373 B	200ms 137ms	Document text/html	178.162.151.164 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f Requested by Host: ww2.kennaroads.buzz URL: http://ww2.kennaroads.buzz/ Protocol HTTP/1.1 Server 178.162.151.164 Rhenen, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `a06900c2ee04165681080da9c2424289810c1bfb62bb9028f0a9daa14629960b` Request headers Referer http://ww2.kennaroads.buzz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers cache-control max-age=0, private, must-revalidate connection close content-length 170 content-type text/html; charset=utf-8 date Wed, 17 Jan 2024 00:12:59 GMT server nginx Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Location http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f
GET H2	200	Redirect.eng Show response impactserving.com/ Redirect Chain http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f?hr=1 http://click-v4.junmediadirect1.com/click?i=LC4vGe8PbW4_0 https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e1b31f&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=u_o505qjVhhpne79AN4...	55 KB 23 KB	477ms 368ms	Document text/html	104.19.161.92 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e1b31f&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=u_o505qjVhhpne79AN4xuTGq8CkQqMueHx9GgGy-MMezKyt0wm8kDSOojKk18HMK-szIujS-lif824lMpndVy3TjIOoYBaM4oXbYrnyJ4Dj2bkN-Bhb3bBNTxiLTxoxEcBXsoO0g4BC5FTxFdfQ7ZKgTzKK8qUEXc0-ZhyGlm4ifNyWiFuQmLT7wWP-jQHlMgOxwZPm51td_ZHsRqzPBxTL0nsxg35uQ4EgpwsZwcFj94qGk1UMC-xfdsS8-Gx738e1VBfU66FyvWZfqX3ywrUgyuaZv-fgB9WklFKrPaUbvK4_MTChgr-UpLXfEAmDPZoTENJ4a_oYA4CzALxHRGxHLv9WDyVj5zZ95ncwMx4F9Y-sjKh901_Ee0I-zfgO7dq56KyoBf7JD3qRkdtzXweFq3lUd9V3wcYfuP4xM0RWExG4Nuk7sIXR_dUmloS37KxR2RMjhI-zQQCL5PTHw_qpOLMZ7MblM46CSCow_AlW7k27OIeMNKmPIQNXDcb-vGhiYKvNar5j3n6ma2f1bwyf9H256rtBCrl9ea6hmEF2VKX5TQY1TlJdqoI1u765qFA60h0Xq_Bi7aqfacTfuJZcoGXpI_7F4qaqjocrD-cRVxucLIP800d7VojO60gx_3doN2rkm3q9-E7MdOZjDM5yqA_SiAhqoIDuu_oXqGBDNGS2eze71W4R7eW1fJv5dBrR13vK-npp3k08Id3ZEMQyen-GaZhUKGspIMe_y9jxsVG2cckcA8VIs2S1qLh7vuzxXl471XYOWdpAr4TQAUBuqvreLlyGKf1xfGJiRFaIPISFmq5y37vkpvCOZGhhsYLSMHDGdcD1UA0I62x-6HNr9kSNDL57QZCChV2dMZ6YV-eykgIXd4Isn8FMhVfODj1MKOAtDk8FCCcMxVwNGrWfHF8I_LRbvrNBMp0fVkKLAw7Qyrz1-E5HAPZw8LElkeANXOtNtJ_4Ji_Bmg6ggteEXyx2Kgh23vLsY3JlE0_T4RgCfjFqOalBCwhrPZFBNaJvab-HB2_IU8cAPx24P6g2&kw=kennaroads&mw=1024&mh=768&xml=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.19.161.92 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `47102f53751b7e93999d6a35fc1baf34c2521533a907446b97985c0b91d60adc` Request headers Referer http://q3.quotes.com/2be1cc86-b4cd-11ee-9d75-4cf239d4c62f Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control private, no-transform cf-cache-status DYNAMIC cf-ray 846a63d3dcad34b4-LIS content-encoding gzip content-type text/html; charset=utf-8 date Wed, 17 Jan 2024 00:13:01 GMT p3p CP="CAO PSA OUR IND" server cloudflare vary Accept-Encoding Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Location https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e1b31f&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=u_o505qjVhhpne79AN4xuTGq8CkQqMueHx9GgGy-MMezKyt0wm8kDSOojKk18HMK-szIujS-lif824lMpndVy3TjIOoYBaM4oXbYrnyJ4Dj2bkN-Bhb3bBNTxiLTxoxEcBXsoO0g4BC5FTxFdfQ7ZKgTzKK8qUEXc0-ZhyGlm4ifNyWiFuQmLT7wWP-jQHlMgOxwZPm51td_ZHsRqzPBxTL0nsxg35uQ4EgpwsZwcFj94qGk1UMC-xfdsS8-Gx738e1VBfU66FyvWZfqX3ywrUgyuaZv-fgB9WklFKrPaUbvK4_MTChgr-UpLXfEAmDPZoTENJ4a_oYA4CzALxHRGxHLv9WDyVj5zZ95ncwMx4F9Y-sjKh901_Ee0I-zfgO7dq56KyoBf7JD3qRkdtzXweFq3lUd9V3wcYfuP4xM0RWExG4Nuk7sIXR_dUmloS37KxR2RMjhI-zQQCL5PTHw_qpOLMZ7MblM46CSCow_AlW7k27OIeMNKmPIQNXDcb-vGhiYKvNar5j3n6ma2f1bwyf9H256rtBCrl9ea6hmEF2VKX5TQY1TlJdqoI1u765qFA60h0Xq_Bi7aqfacTfuJZcoGXpI_7F4qaqjocrD-cRVxucLIP800d7VojO60gx_3doN2rkm3q9-E7MdOZjDM5yqA_SiAhqoIDuu_oXqGBDNGS2eze71W4R7eW1fJv5dBrR13vK-npp3k08Id3ZEMQyen-GaZhUKGspIMe_y9jxsVG2cckcA8VIs2S1qLh7vuzxXl471XYOWdpAr4TQAUBuqvreLlyGKf1xfGJiRFaIPISFmq5y37vkpvCOZGhhsYLSMHDGdcD1UA0I62x-6HNr9kSNDL57QZCChV2dMZ6YV-eykgIXd4Isn8FMhVfODj1MKOAtDk8FCCcMxVwNGrWfHF8I_LRbvrNBMp0fVkKLAw7Qyrz1-E5HAPZw8LElkeANXOtNtJ_4Ji_Bmg6ggteEXyx2Kgh23vLsY3JlE0_T4RgCfjFqOalBCwhrPZFBNaJvab-HB2_IU8cAPx24P6g2&kw=kennaroads&mw=1024&mh=768&xml=1
GET H2	200	Primary Request / Show response crmentjg.com/pu/	2 KB 788 B	264ms 97ms	Document text/html	93.93.51.223
General Check archive.org Show headers Download Go to Full URL https://crmentjg.com/pu/?psid=ed_dprmntdtt2&utm_source=tr&ms_notrack=1&category=girl&site=jsm&target=rttr&utm_medium=network&subAffId=13944&sub_source=Domain%20Parking Requested by Host: impactserving.com URL: https://impactserving.com/Redirect.eng?MediaSegmentId=30079&dcid=3_ctx_91fcf9f3-3c22-4adb-92b0-85b229e1b31f&vmId=00000000-0000-0000-0000-000000000000&abr=false&timeZoneOffset=&v=u_o505qjVhhpne79AN4xuTGq8CkQqMueHx9GgGy-MMezKyt0wm8kDSOojKk18HMK-szIujS-lif824lMpndVy3TjIOoYBaM4oXbYrnyJ4Dj2bkN-Bhb3bBNTxiLTxoxEcBXsoO0g4BC5FTxFdfQ7ZKgTzKK8qUEXc0-ZhyGlm4ifNyWiFuQmLT7wWP-jQHlMgOxwZPm51td_ZHsRqzPBxTL0nsxg35uQ4EgpwsZwcFj94qGk1UMC-xfdsS8-Gx738e1VBfU66FyvWZfqX3ywrUgyuaZv-fgB9WklFKrPaUbvK4_MTChgr-UpLXfEAmDPZoTENJ4a_oYA4CzALxHRGxHLv9WDyVj5zZ95ncwMx4F9Y-sjKh901_Ee0I-zfgO7dq56KyoBf7JD3qRkdtzXweFq3lUd9V3wcYfuP4xM0RWExG4Nuk7sIXR_dUmloS37KxR2RMjhI-zQQCL5PTHw_qpOLMZ7MblM46CSCow_AlW7k27OIeMNKmPIQNXDcb-vGhiYKvNar5j3n6ma2f1bwyf9H256rtBCrl9ea6hmEF2VKX5TQY1TlJdqoI1u765qFA60h0Xq_Bi7aqfacTfuJZcoGXpI_7F4qaqjocrD-cRVxucLIP800d7VojO60gx_3doN2rkm3q9-E7MdOZjDM5yqA_SiAhqoIDuu_oXqGBDNGS2eze71W4R7eW1fJv5dBrR13vK-npp3k08Id3ZEMQyen-GaZhUKGspIMe_y9jxsVG2cckcA8VIs2S1qLh7vuzxXl471XYOWdpAr4TQAUBuqvreLlyGKf1xfGJiRFaIPISFmq5y37vkpvCOZGhhsYLSMHDGdcD1UA0I62x-6HNr9kSNDL57QZCChV2dMZ6YV-eykgIXd4Isn8FMhVfODj1MKOAtDk8FCCcMxVwNGrWfHF8I_LRbvrNBMp0fVkKLAw7Qyrz1-E5HAPZw8LElkeANXOtNtJ_4Ji_Bmg6ggteEXyx2Kgh23vLsY3JlE0_T4RgCfjFqOalBCwhrPZFBNaJvab-HB2_IU8cAPx24P6g2&kw=kennaroads&mw=1024&mh=768&xml=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 93.93.51.223 -, , ASN (), Reverse DNS Software unknown / Resource Hash `d7e84dd4b957eccb45fab4d3775f155f19d5f9e52382ad932a9a3474ec2059ca` Request headers Referer https://impactserving.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language pt-PT,pt;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 17 Jan 2024 00:13:02 GMT server unknown vary Accept-Encoding x-target-pstool 300_317

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
impactserving.com/	1969-12-31 23:59:59	Name: IKSR Value: {}
impactserving.com/	1969-12-31 23:59:59	Name: INF_DFL8 Value: false
impactserving.com/	1970-01-21 03:20:10	Name: IUID Value: 93e30b9f-9b9f-4817-aa33-20c46281cdae
impactserving.com/	1969-12-31 23:59:59	Name: ISSH Value: 70B0CD
impactserving.com/	1969-12-31 23:59:59	Name: VMI Value: d1754d4d-c5ba-4360-a585-d70de1dedc6b
impactserving.com/	1970-01-21 03:20:10	Name: IPLH Value: #{"38414":[{"SId":"70B0CD","D":"24/1/16T16:13:1"}]}
impactserving.com/	1970-01-21 03:20:10	Name: IPLH_Q Value: #[38414]
impactserving.com/	1970-01-21 03:20:10	Name: CHN Value: #[]
impactserving.com/	1970-01-21 03:20:10	Name: MSSH Value: #{}
impactserving.com/	1970-01-21 03:20:10	Name: MSRH Value: #{}
impactserving.com/	1970-01-21 03:20:10	Name: ILP Value: null
impactserving.com/	1970-01-21 03:20:10	Name: ILPLU Value: #1/1/0001 12:00:00 AM
impactserving.com/	1970-01-21 03:20:10	Name: ILEALC Value: #1/1/0001 12:00:00 AM
impactserving.com/	1970-01-20 17:44:24	Name: ILMPF Value: #False
impactserving.com/	1970-01-21 03:20:10	Name: IPMPLU Value: #1/1/0001 12:00:00 AM
impactserving.com/	1970-01-21 03:20:10	Name: IPMUID Value: #
impactserving.com/	1970-01-21 03:20:10	Name: BSWUID Value: #
impactserving.com/	1970-01-21 03:20:10	Name: IBL Value: #[]
impactserving.com/	1970-01-21 03:20:10	Name: IPLSH Value: #{}
impactserving.com/	1970-01-21 03:20:10	Name: IPLSH_Q Value: #[]
impactserving.com/	1970-01-21 03:20:10	Name: IZH Value: #{"54842":[{"SId":"70B0CD","D":"24/1/16T16:13:1"}]}
impactserving.com/	1970-01-21 03:20:10	Name: IZH_Q Value: #[54842]
impactserving.com/	1970-01-21 03:20:10	Name: IMCH Value: #{}
impactserving.com/	1970-01-21 03:20:10	Name: IMCH_Q Value: #[]
impactserving.com/	1970-01-21 03:20:10	Name: IMH Value: #{"51238":[{"SId":"70B0CD","D":"24/1/16T16:13:1"}]}
impactserving.com/	1970-01-21 03:20:10	Name: IMH_Q Value: #[51238]
impactserving.com/	1970-01-21 03:20:10	Name: ISH Value: #{}
impactserving.com/	1970-01-21 03:20:10	Name: ISH_Q Value: #[]
impactserving.com/	1970-01-21 03:20:10	Name: ISPH Value: #{"13944":[{"SId":"70B0CD","D":"24/1/16T16:13:1"}]}
impactserving.com/	1970-01-21 03:20:10	Name: ISPH_Q Value: #[13944]
impactserving.com/	1970-01-21 03:20:10	Name: ICH Value: #{"21882":[{"SId":"70B0CD","D":"24/1/16T16:13:1"}]}
impactserving.com/	1970-01-21 03:20:10	Name: ICH_Q Value: #[21882]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click-v4.junmediadirect1.com
crmentjg.com
domaincntrol.com
img.sedoparking.com
impactserving.com
kennaroads.buzz
q3.quotes.com
ww2.kennaroads.buzz
xml.sedodna.com
104.18.27.45
104.19.161.92
173.239.53.32
178.162.151.164
198.134.116.17
205.234.175.175
64.190.63.136
64.225.91.73
93.93.51.223
47102f53751b7e93999d6a35fc1baf34c2521533a907446b97985c0b91d60adc
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30
a06900c2ee04165681080da9c2424289810c1bfb62bb9028f0a9daa14629960b
c6a0885e2dd33cc952ebf423a3283134f5600621b228e7de2c0e1d8b185940ef
d7e84dd4b957eccb45fab4d3775f155f19d5f9e52382ad932a9a3474ec2059ca

crmentjg.com Open in urlscan Pro 93.93.51.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

38 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

7 IPs

4 Countries

32 kBTransfer

64 kBSize

32 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

32 Cookies

Indicators

crmentjg.com Open in urlscan Pro
93.93.51.223 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

38 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

4
Countries

32 kB
Transfer

64 kB
Size

32
Cookies

8 HTTP transactions
0 data transactions