59.glawandius.com - urlscan.io

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 5 HTTP transactions. The main IP is 88.208.46.19, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is 59.glawandius.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 7th 2020. Valid for: 3 months.

This is the only time 59.glawandius.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::681c:1e39	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	88.208.46.19 88.208.46.19	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	88.208.46.60 88.208.46.60	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2

1 2606:4700:3032::681c:1e39 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bravolius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.208.46.19 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

59.glawandius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.208.46.60 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

battepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	glawandius.com 59.glawandius.com	31 KB
2	battepush.com battepush.com	4 KB
1	bravolius.com 1 redirects bravolius.com	521 B
5	3

	Domain	Requested by
3	59.glawandius.com	59.glawandius.com
2	battepush.com	59.glawandius.com
1	bravolius.com	1 redirects
5	3

This site contains links to these domains. Also see Links.

Domain
ru.files.fm

Subject Issuer	Validity	Valid
glawandius.com Let's Encrypt Authority X3	`2020-04-07` - `2020-07-06`	3 months	crt.sh
battepush.com Let's Encrypt Authority X3	`2020-04-07` - `2020-07-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site=
Frame ID: B05022CB7AE924DA139D11F36B6BC2E5
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bravolius.com/6-3tn8h-e1b-gi84-bic?deeplink=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka HTTP 302
https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&a... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

35 kB
Transfer

73 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ru.files.fm/f/m5gq92ka
Title: Download

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bravolius.com/6-3tn8h-e1b-gi84-bic?deeplink=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka HTTP 302
https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request d2 Show response 59.glawandius.com/index/ Redirect Chain https://bravolius.com/6-3tn8h-e1b-gi84-bic?deeplink=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site=	46 KB 21 KB	81ms 38ms	Document text/html	88.208.46.19 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.19 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `9e68eb839b8a03f593c5710a76308c1e3e9dbdd340f8f7d6d60d3ebe258d2c79` Request headers Host 59.glawandius.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Wed, 20 May 2020 06:29:23 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Cache-Control no-transform Content-Encoding gzip Redirect headers status 302 date Wed, 20 May 2020 06:29:23 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d1feba3e4414d65363783cb737801e0341589956163; expires=Fri, 19-Jun-20 06:29:23 GMT; path=/; domain=.bravolius.com; HttpOnly; SameSite=Lax; Secure visitId=k5qw8ijub8u5yzsg; expires=Fri, 22-May-2020 06:29:23 GMT; Max-Age=172800; path=/ location https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 596400c77cf605f5-FRA cf-request-id 02d25ed0aa000005f5df0b4200000001
GET H/1.1	200 OK	14750.js Show response 59.glawandius.com/	24 KB 10 KB	32ms 31ms	Script application/javascript	88.208.46.19 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://59.glawandius.com/14750.js?gray=1 Requested by Host: 59.glawandius.com URL: https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.19 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `2059ccac9860e033be65ff57cf1f5370c19e6675c451e0ca8a0b8a00d0258c71` Request headers Referer https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Wed, 20 May 2020 06:29:23 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Expires 0
GET H/1.1	404 Not Found	download-arrow.gif 59.glawandius.com/download2/img/	15 B 15 B	48ms 20ms	Image text/html	88.208.46.19 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Show image Full URL https://59.glawandius.com/download2/img/download-arrow.gif Requested by Host: 59.glawandius.com URL: https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.19 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `2d857a3660e0240bac3ae9f98e2287f46eb6aebf724775fe130af2a6c7dfc3c4` Request headers Referer https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 20 May 2020 06:29:23 GMT Content-Encoding gzip Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	96617 Show response battepush.com/	3 KB 4 KB	90ms 33ms	Fetch application/json	88.208.46.60 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://battepush.com/96617 Requested by Host: 59.glawandius.com URL: https://59.glawandius.com/14750.js?gray=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.60 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash `fe5019b706615da6bb3b0e610e4f3550ff967c0ae837d1f4b1fd6d3f256e2cf8` Request headers Referer https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Pragma no-cache Date Wed, 20 May 2020 06:29:24 GMT Server nginx Transfer-Encoding chunked Content-Type application/json Access-Control-Allow-Origin https://59.glawandius.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Expires 0
POST H/1.1	200 OK	set battepush.com/event/	0 0	24ms 24ms	Fetch text/html	88.208.46.60 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://battepush.com/event/set Requested by Host: 59.glawandius.com URL: https://59.glawandius.com/14750.js?gray=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 88.208.46.60 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx / Resource Hash Request headers Referer https://59.glawandius.com/index/d2?diff=0&source=og&campaign=23620&content=&clickid=k5qw8ijub8u5yzsg&aurl=https%3A%2F%2Fru.files.fm%2Ff%2Fm5gq92ka&an=&term=&site= User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Wed, 20 May 2020 06:29:24 GMT Content-Encoding gzip Server nginx Transfer-Encoding chunked Access-Control-Allow-Methods PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin https://59.glawandius.com Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.glawandius.com/index	1970-01-19 10:22:28	Name: wpnshowa Value: 1
			.glawandius.com/index	1970-01-19 10:22:28	Name: allready Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59.glawandius.com
battepush.com
bravolius.com
2606:4700:3032::681c:1e39
88.208.46.19
88.208.46.60
2059ccac9860e033be65ff57cf1f5370c19e6675c451e0ca8a0b8a00d0258c71
2d857a3660e0240bac3ae9f98e2287f46eb6aebf724775fe130af2a6c7dfc3c4
9e68eb839b8a03f593c5710a76308c1e3e9dbdd340f8f7d6d60d3ebe258d2c79
fe5019b706615da6bb3b0e610e4f3550ff967c0ae837d1f4b1fd6d3f256e2cf8

59.glawandius.com Open in urlscan Pro 88.208.46.19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

35 kBTransfer

73 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

2 Cookies

Indicators

59.glawandius.com Open in urlscan Pro
88.208.46.19 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

35 kB
Transfer

73 kB
Size

2
Cookies

5 HTTP transactions
0 data transactions