track.magicaladsolutions.net Open in urlscan Pro
195.201.106.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://googesites.com/
Effective URL:
https://track.magicaladsolutions.net/link?&z=104381
Submission: On September 21 via api (September 21st 2024, 12:26:16 pm UTC) from BE — Scanned from DE

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 11 domains to perform 7 HTTP transactions. The main IP is 195.201.106.161, located in Germany and belongs to HETZNER-AS, DE. The main domain is track.magicaladsolutions.net. The Cisco Umbrella rank of the primary domain is 227817.
TLS certificate: Issued by R11 on August 27th 2024. Valid for: 3 months.

This is the only time track.magicaladsolutions.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	64.225.91.73 64.225.91.73	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700::68... 2606:4700::6812:1b2d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2604:9e00:1:1... 2604:9e00:1:129::2:b2a	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	207.174.61.1 207.174.61.1	16509 (AMAZON-02) (AMAZON-02)
1 1	75.102.22.187 75.102.22.187	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a02:128:7:49... 2a02:128:7:4910::2	50245 (SERVEREL-AS) (SERVEREL-AS)
2 2	94.130.197.239 94.130.197.239	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:128:7:54... 2a02:128:7:5417::2	50245 (SERVEREL-AS) (SERVEREL-AS)
1	195.201.106.161 195.201.106.161	24940 (HETZNER-AS) (HETZNER-AS)
1 1	172.67.179.172 172.67.179.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
7	5

2 64.225.91.73 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

googesites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1b2d (United States)

ASN13335 (CLOUDFLARENET, US)

domaincntrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:9e00:1:129::2:b2a (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

click.exclkplat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.174.61.1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

go.advertia.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.102.22.187 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: bh7106.banahosting.com

iiiiiii.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:4910::2 (Czech Republic)

ASN50245 (SERVEREL-AS, US)

flowerbooms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.130.197.239 (Bendorf, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.239.197.130.94.clients.your-server.de

cmpuwps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:128:7:5417::2 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, US)

kts.vasstycom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.106.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz3.infra

track.magicaladsolutions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.179.172 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

track.amon1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.211.229.247 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

s.pemsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	pemsrv.com s.pemsrv.com — Cisco Umbrella Rank: 28381	426 B
2	cmpuwps.com 2 redirects cmpuwps.com — Cisco Umbrella Rank: 48864	4 KB
2	googesites.com googesites.com	1 KB
1	amon1.net 1 redirects track.amon1.net — Cisco Umbrella Rank: 125382	727 B
1	magicaladsolutions.net track.magicaladsolutions.net — Cisco Umbrella Rank: 227817	1 KB
1	vasstycom.com 1 redirects kts.vasstycom.com — Cisco Umbrella Rank: 116312	293 B
1	flowerbooms.com flowerbooms.com	3 KB
1	iiiiiii.online 1 redirects iiiiiii.online	1 KB
1	advertia.click 1 redirects go.advertia.click	72 B
1	exclkplat.com 1 redirects click.exclkplat.com	186 B
1	domaincntrol.com domaincntrol.com — Cisco Umbrella Rank: 253854	409 B
7	11

	Domain	Requested by
2	s.pemsrv.com	track.magicaladsolutions.net
2	cmpuwps.com	2 redirects
2	googesites.com
1	track.amon1.net	1 redirects
1	track.magicaladsolutions.net	flowerbooms.com
1	kts.vasstycom.com	1 redirects
1	flowerbooms.com	googesites.com
1	iiiiiii.online	1 redirects
1	go.advertia.click	1 redirects
1	click.exclkplat.com	1 redirects
1	domaincntrol.com	googesites.com
7	11

This site contains no links.

Subject Issuer	Validity	Valid
googesites.com E5	`2024-09-05` - `2024-12-04`	3 months	crt.sh
domaincntrol.com WE1	`2024-09-21` - `2024-12-20`	3 months	crt.sh
flowerbooms.com E5	`2024-09-11` - `2024-12-10`	3 months	crt.sh
track.magicaladsolutions.net R11	`2024-08-27` - `2024-11-25`	3 months	crt.sh
pemsrv.com E5	`2024-09-12` - `2024-12-11`	3 months	crt.sh

This page contains 1 frames:

Frame: https://s.pemsrv.com/splash.php?idzone=5417968&type=8
Frame ID: 546EFF7801059F885C18E526337B4398
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://googesites.com/ Page URL
http://click.exclkplat.com/click?i=ek9ErpuqpvY_0 HTTP 307
https://click.exclkplat.com/click?i=ek9ErpuqpvY_0 HTTP 302
https://go.advertia.click/active HTTP 302
http://iiiiiii.online/go/public/rotator HTTP 307
https://iiiiiii.online/go/public/rotator HTTP 301
https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068 Page URL
https://cmpuwps.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoic... HTTP 302
https://cmpuwps.com/popunder/in/click/?mid=8764654079586711108&pid=0&site=1414518&sc=DE&usage_ty... HTTP 302
https://kts.vasstycom.com/in/2660/?katds_ep=zVzfX10JwS1Sbr7Ay-nNX_O9Jyx38gxq2q5qri1kyK_bnRzV0gxEI32Sgz... HTTP 302
https://track.magicaladsolutions.net/link?&z=104381 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

7
Requests

100 %
HTTPS

36 %
IPv6

11
Domains

11
Subdomains

5
IPs

4
Countries

6 kB
Transfer

8 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://googesites.com/ Page URL
http://click.exclkplat.com/click?i=ek9ErpuqpvY_0 HTTP 307
https://click.exclkplat.com/click?i=ek9ErpuqpvY_0 HTTP 302
https://go.advertia.click/active HTTP 302
http://iiiiiii.online/go/public/rotator HTTP 307
https://iiiiiii.online/go/public/rotator HTTP 301
https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068 Page URL
https://cmpuwps.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI0MzQ2MDY4Iiwic3NwIjozNzU4LCJzcG90X2lkIjoxNDE0NTE4LCJyY2hhbmdlIjpmYWxzZX19XSwic2l0ZSI6eyJpZCI6IjE0MTQ1MTgiLCJwYWdlIjoiaHR0cHM6Ly9mbG93ZXJib29tcy5jb20vaW4vcC8/c3BvdF9pZD0xNDE0NTE4JmNhdD0yNSZzdWJfaWQ9NDM0NjA2OCIsImNhdCI6WyJJQUIyNSJdfSwiZGV2aWNlIjp7InciOjE2MDAsImgiOjEyMDB9LCJ1c2VyIjp7ImlkIjoiZjZra2IxanZ0bDducGZnbXE2OGwyIn0sImV4dCI6eyJkdCI6MTcyNjkyMTU3NDI4NH19 HTTP 302
https://cmpuwps.com/popunder/in/click/?mid=8764654079586711108&pid=0&site=1414518&sc=DE&usage_type=DCH&subid=4346068&sid=0&cid=14747&price=0.06340726956594638&is_cpm=0&cpm=0.09003431841039083&ecpm=0.07555680179595944&crid=&crtid=d41d8cd98f00b204e9800998ecf8427e&tcid=0&out_id=&ver=&ver_c=&refdom=flowerbooms.com&hostname=auc-popunder-hz-2&site_id=0&spot_id=1414518&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&burl=http%3A%2F%2Ftcimp.zog.link%2Fin%2Fwin%3Fkatds_ep%3D-6OyfsOTfK-HnRkWAzVq7q0sVxTYP0m-3EBnqla_Sa3CacEYaAyoHX-i4pUo57_GzbdGeZYgeo5Edj33j9IV6edOymYjg11tXJ01DVoXyKmvoSKQsYM4hC5iIfLxWeKITLx3ceCRMaKGc8uOGBBPejnZW11bXwmOw_PqnogXb22mTzm-Jg6sZYxmfjsmYpvw7p18Twd4gxm02N_DeTkEHiHW09r5D8KpQj7VeKkomwDhahMz10DQoF3U7eZR0HHb0Gol4mPhjNzRjIsmuqmFftjJOE4vmbAk816ObEEE2r7ijO9m4-IRCRT5P9oupa1Sw0IAl7y8MdJq6kEEBCR3QDDeam7vIUjESw&pop_winurl=&ip=78.159.108.27&testab=&px_id=1414518&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=39861651f939262816e86354e508d14b3f4b9038cd3e3032648086932858b3c4&exp=20&resp_type=&iabcat=IAB25&min_cpm=0.04170638604944494&placement_type_id=7&skin_test=&verify_hash=5bb444c21d20558bc958ffe035908b22&score=11.739835327481266&durl=&ml=&tag_ab=&original_bid=0.323&user_fp=0&v2=0&pop_type=0&space_id=1095&real_bid=&skin_id=&vertical_id=&stratagem=&accel=0&gyr=0&iabcat=IAB25&ip_mismatch=78.159.108.27&ua_mismatch=false&ssp=3758&rc=0&v2_track=0&otype=0&mn=0&priority=0&bb=0.035&url=https%3A%2F%2Fkts.vasstycom.com%2Fin%2F2660%2F%3Fkatds_ep%3DzVzfX10JwS1Sbr7Ay-nNX_O9Jyx38gxq2q5qri1kyK_bnRzV0gxEI32Sgzg9PcUMPD6ekIui-c-mYKLgSv-nItYcVh-szWiN17Qmzzw67k0NoTChnvLK3KFVYjd9GwcfSjBVyVPI5O5LYs25IYn7dlhP6-L9ckTuKYRoNFO9OeX-kyNfvHAn3Lip7B7y8gdNPMNDsc94n5xbxfsalTAd9afu1iWo2-CSE-8n5VrRZCWu0PwhPcSrV-JVphntEyGgjjE_Uxq9_vricsHjD-KkqInRHqRU9MdCnOuUz8jd_2XLun2N4Ytexke2PNiS4df_ZWRBBATENECnfxIsYQeIztZKM4YE-C3bywXdts1SFjlb9B0CazX_MZL8qMcX8-o8ugbt4QqLgFF6X3ubmZDOEALJpc9UcztEI1KV0gQDBriVZI7yPm6yGEtEyGMs5Aq4dXcG7nWptw0Tq4tqv9M5PYmYuIhKKqLFpFFXreR7XWgMK3grzgqZlxNW0lTg-nNlsY3D3FmNmxjw4JVUXIPFRw8687ThyiaKhw-b8jrpMW7jCMCYWV74lIA1DgB4PWgo3cQnx0G662snamFMJgxrO5wwBcaUsZwZpgXjsglLPXfcTLRDYm61tnrZDw07pxmHSRrNK1Tl-t5dfw0ITipRexBr-dsMb16j_CWtEZAHSExCOgp0__igULt36lNveBd6HDnWmVRea4FgtunEiPIqPbRXocZbXmFS1N4E6Zu7QdizM-FEgzu2qCxGTD0MltlYdaAplscKzXgylCHKaRFfqh4fQhAQllCkF_dh59SdDd9ueMU7diXqXwxOKtCZ7T9Tqx00uGUn1fVvrRP_TK0WADk5BtX72IG6e_oYvIBqkszHAtta8VqvAdX-vU-nbTHZo5wv9KS1J2Cbfa3fWCllrqyKbyZOWl1FpvO1crMBfvF4v0WZsp2sjErJNZBZtWlqzlo3cRbKgy6FkKY2YRN_IMmk0LsHZzo9MOUud-TnezJMLlye1Zw9AAMlbMtUXdjFcPIgL2ABOX4Vr8bH_-4Iy54TslPoEnNxLHuFUJA5vGiFojpE3DPuEUt8glhOKY3ifAbg8jQ80jqiW9ehJFtFUFYsiVKHV5NMzT0C-35Bl0bwnkMMQ8c0hDwNe99KutUtTQNHcaXSa2TnHg%26bid%3D0.09003431841039083&pr=&bid_crid=&bid_cid=&ad_tags=&is_interstitial=0&is_direct=1&label_ids=4,77,7&site_id64=&sp_cl=0&act_sess=0&sp_scr=0&intes=&izb=&ang=0&act_su=0&interest_vertical_ids=&v_scroll_freq=&time_sess=&ext_campaign_id=287464&scroll_percent=0&empty_clicks=0&aid=2022&high_freq_clicks=0&dev_console_activity=0&topics=&client_price=0.3188960075378434&direct_client_price=0&o_d=&is_webview=0&timezone_olson=&timezone_ip=Europe/Berlin&offer_label_ids=4,77,7&client_payment_model=cpcm&auction_time=1726921574&is_in_app=0 HTTP 302
https://kts.vasstycom.com/in/2660/?katds_ep=zVzfX10JwS1Sbr7Ay-nNX_O9Jyx38gxq2q5qri1kyK_bnRzV0gxEI32Sgzg9PcUMPD6ekIui-c-mYKLgSv-nItYcVh-szWiN17Qmzzw67k0NoTChnvLK3KFVYjd9GwcfSjBVyVPI5O5LYs25IYn7dlhP6-L9ckTuKYRoNFO9OeX-kyNfvHAn3Lip7B7y8gdNPMNDsc94n5xbxfsalTAd9afu1iWo2-CSE-8n5VrRZCWu0PwhPcSrV-JVphntEyGgjjE_Uxq9_vricsHjD-KkqInRHqRU9MdCnOuUz8jd_2XLun2N4Ytexke2PNiS4df_ZWRBBATENECnfxIsYQeIztZKM4YE-C3bywXdts1SFjlb9B0CazX_MZL8qMcX8-o8ugbt4QqLgFF6X3ubmZDOEALJpc9UcztEI1KV0gQDBriVZI7yPm6yGEtEyGMs5Aq4dXcG7nWptw0Tq4tqv9M5PYmYuIhKKqLFpFFXreR7XWgMK3grzgqZlxNW0lTg-nNlsY3D3FmNmxjw4JVUXIPFRw8687ThyiaKhw-b8jrpMW7jCMCYWV74lIA1DgB4PWgo3cQnx0G662snamFMJgxrO5wwBcaUsZwZpgXjsglLPXfcTLRDYm61tnrZDw07pxmHSRrNK1Tl-t5dfw0ITipRexBr-dsMb16j_CWtEZAHSExCOgp0__igULt36lNveBd6HDnWmVRea4FgtunEiPIqPbRXocZbXmFS1N4E6Zu7QdizM-FEgzu2qCxGTD0MltlYdaAplscKzXgylCHKaRFfqh4fQhAQllCkF_dh59SdDd9ueMU7diXqXwxOKtCZ7T9Tqx00uGUn1fVvrRP_TK0WADk5BtX72IG6e_oYvIBqkszHAtta8VqvAdX-vU-nbTHZo5wv9KS1J2Cbfa3fWCllrqyKbyZOWl1FpvO1crMBfvF4v0WZsp2sjErJNZBZtWlqzlo3cRbKgy6FkKY2YRN_IMmk0LsHZzo9MOUud-TnezJMLlye1Zw9AAMlbMtUXdjFcPIgL2ABOX4Vr8bH_-4Iy54TslPoEnNxLHuFUJA5vGiFojpE3DPuEUt8glhOKY3ifAbg8jQ80jqiW9ehJFtFUFYsiVKHV5NMzT0C-35Bl0bwnkMMQ8c0hDwNe99KutUtTQNHcaXSa2TnHg&bid=0.09003431841039083 HTTP 302
https://track.magicaladsolutions.net/link?&z=104381 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://click.exclkplat.com/click?i=ek9ErpuqpvY_0 HTTP 307
https://click.exclkplat.com/click?i=ek9ErpuqpvY_0 HTTP 302
https://go.advertia.click/active HTTP 302
http://iiiiiii.online/go/public/rotator HTTP 307
https://iiiiiii.online/go/public/rotator HTTP 301
https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068

Request Chain 4

https://track.amon1.net/link?z=121194&pu=1&cs=O71ZSRsswTb98msmJ6MyNg HTTP 302
https://s.pemsrv.com/splash.php?idzone=5417968&type=8

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response googesites.com/	593 B 606 B	573ms 159ms	Document text/html	64.225.91.73 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://googesites.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 21 Sep 2024 12:26:11 GMT ETag W/"63f68860-251" Last-Modified Wed, 22 Feb 2023 21:25:52 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked
GET H2	200	/ domaincntrol.com/	50 B 409 B	1090ms 993ms	Fetch text/javascript	2606:4700::6812:1b2d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://domaincntrol.com/?orighost=https://googesites.com/ Requested by Host: googesites.com URL: https://googesites.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1b2d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://googesites.com/ Response headers content-encoding gzip x_details {"bid":0.000069,"destination":"explor","orighost":"googesites.com","type":"org","finalurl":"http://click.exclkplat.com/click?i=ek9ErpuqpvY_0","browser":"chrome","os":"linux","country":"DE","device":"desktop","isbot":false,"botscore":99} cf-ray 8c6a0ad10ac939d6-FRA access-control-allow-origin * date Sat, 21 Sep 2024 12:26:12 GMT content-type text/javascript;charset=UTF-8 vary Accept-Encoding server cloudflare
GET H/1.1	200 OK	favicon.ico googesites.com/	593 B 606 B	164ms 164ms	Other text/html	64.225.91.73 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://googesites.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash `7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://googesites.com/ Response headers Transfer-Encoding chunked Content-Encoding gzip ETag W/"63f68860-251" Connection keep-alive Date Sat, 21 Sep 2024 12:26:11 GMT Content-Type text/html Last-Modified Wed, 22 Feb 2023 21:25:52 GMT Server nginx/1.18.0 (Ubuntu)
GET H2	200	/ Show response flowerbooms.com/in/p/ Redirect Chain http://click.exclkplat.com/click?i=ek9ErpuqpvY_0 https://click.exclkplat.com/click?i=ek9ErpuqpvY_0 https://go.advertia.click/active http://iiiiiii.online/go/public/rotator https://iiiiiii.online/go/public/rotator https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068	6 KB 3 KB	84ms 22ms	Document text/html	2a02:128:7:4910::2 SERVEREL-AS
General Check archive.org Show headers Download Go to Full URL https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068 Requested by Host: googesites.com URL: https://googesites.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:128:7:4910::2 , Czech Republic, ASN50245 (SERVEREL-AS, US), Reverse DNS Software nginx/1.20.1 / Resource Hash `54916c0f325c4e55a192b85ed76542d63f9469697c41835a813012228ed349e3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 21 Sep 2024 12:26:14 GMT pragma no-cache server nginx/1.20.1 vary Accept-Encoding * Redirect headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" cache-control must-revalidate, no-cache, no-store, private content-encoding br content-length 202 content-type text/html; charset=utf-8 date Sat, 21 Sep 2024 12:26:13 GMT location https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068 vary Accept-Encoding
GET H/1.1	200 OK	Primary Request link track.magicaladsolutions.net/ Redirect Chain https://cmpuwps.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7ImlkIjoxMDk1LCJ0eXBlIjoicG9wIiwic3BhY2VpZCI6MTA5NSwic3ViaWQiOiI0MzQ2MDY4Iiwic3NwIjozNzU4LCJzcG90X2lkIjoxNDE0NTE4LCJyY2hhbmdlIj... https://cmpuwps.com/popunder/in/click/?mid=8764654079586711108&pid=0&site=1414518&sc=DE&usage_type=DCH&subid=4346068&sid=0&cid=14747&price=0.06340726956594638&is_cpm=0&cpm=0.09003431841039083&ecpm=... https://kts.vasstycom.com/in/2660/?katds_ep=zVzfX10JwS1Sbr7Ay-nNX_O9Jyx38gxq2q5qri1kyK_bnRzV0gxEI32Sgzg9PcUMPD6ekIui-c-mYKLgSv-nItYcVh-szWiN17Qmzzw67k0NoTChnvLK3KFVYjd9GwcfSjBVyVPI5O5LYs25IYn7dlhP6... https://track.magicaladsolutions.net/link?&z=104381	553 B 1 KB	82ms 15ms	Document text/html	195.201.106.161 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://track.magicaladsolutions.net/link?&z=104381 Requested by Host: flowerbooms.com URL: https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 195.201.106.161 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS hz3.infra Software nginx / Resource Hash Request headers Referer https://flowerbooms.com/in/p/?spot_id=1414518&cat=25&sub_id=4346068 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Cache-Control no-store, max-age=0 Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sat, 21 Sep 2024 12:26:15 GMT Expires Sun, 27 May 1979 00:00:00 GMT Pragma no-cache Server nginx Transfer-Encoding chunked Redirect headers access-control-allow-credentials true access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-length 0 content-type text/html; charset=UTF-8 date Sat, 21 Sep 2024 12:26:15 GMT location https://track.magicaladsolutions.net/link?&z=104381 pragma no-cache server nginx/1.20.1 vary *
GET H/1.1	200 OK	splash.php Show response s.pemsrv.com/ Redirect Chain https://track.amon1.net/link?z=121194&pu=1&cs=O71ZSRsswTb98msmJ6MyNg https://s.pemsrv.com/splash.php?idzone=5417968&type=8	0 292 B	56ms 17ms	Document text/html	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://s.pemsrv.com/splash.php?idzone=5417968&type=8 Requested by Host: track.magicaladsolutions.net URL: https://track.magicaladsolutions.net/link?&z=104381 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://track.magicaladsolutions.net/link?&z=104381 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers X-CH-VALUES Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Sat, 21 Sep 2024 12:26:15 GMT Server nginx Transfer-Encoding chunked X-Robots-Tag noindex, follow Redirect headers cache-control no-store, max-age=0 cf-cache-status DYNAMIC cf-ray 8c6a0ae4b86e9a2a-FRA content-type text/html; charset=UTF-8 date Sat, 21 Sep 2024 12:26:15 GMT expires Sun, 27 May 1979 00:00:00 GMT location https://s.pemsrv.com/splash.php?idzone=5417968&type=8 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEZvWL59n3LSGf2VZ4VICUKHRZ9ix5tYipERMCpAjBcMyrtINSWv4ytBVCSOUnURnCw2iL8NPnZYX2sqzCe8qHbWavkBNOfrpeheWQG7oOaXCGScaELpnsancBqImEH7LM4%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation"
GET H/1.1	204 No Content	favicon.ico s.pemsrv.com/	0 134 B	14ms 13ms	Other text/plain	95.211.229.247 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Full URL https://s.pemsrv.com/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://s.pemsrv.com/splash.php?idzone=5417968&type=8 Response headers X-Robots-Tag noindex, follow Date Sat, 21 Sep 2024 12:26:15 GMT Server nginx Connection keep-alive

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
iiiiiii.online/	1970-01-20 23:42:08	Name: XSRF-TOKEN Value: eyJpdiI6ImZVWTY4THlLYTVJbWZBdlpiQklBaEE9PSIsInZhbHVlIjoiZTVYMHRMZmZPbjJqQzhpTGZxRS9IWkFjblNDeGxJandkSGJYT3Z1MzJKdE5TTGhMOVcrVnFpMmpIN0paZXFtQm0vQThVYUNjZ2c4SndIbmY3THhEcXBKTGtBb2ZIcFN0YWx4a0tuQ0xjV2w5Z1JnZjh6bEhEMkFCWW1oTUZrVmYiLCJtYWMiOiI4NzI1ZjQ0NTA4ODFkMDQwZTQzY2ViMjY1OTg1YTNiNTRjZmVjZmU4MTMzMDRkYmZkNDNkNjE4YTMzZTgwNmRiIiwidGFnIjoiIn0%3D
iiiiiii.online/	1970-01-20 23:42:08	Name: phpshort_session Value: eyJpdiI6ImlxbFJxRTRteGVnc29DbHhVdmhqUWc9PSIsInZhbHVlIjoiYjBlUVJsRllSQUZuNml6Nkp3SkphbFluVk1Td3ZJRTdPTHpmQ1ZMN0cxaXYxS3J4bDRFT1Jkb0JYcUxLSHVoRzVRN25ZZUVyeTJKWEZ3M2FSSVVlbmJOY1E5bk0ySGJZQjloQzF5bzJZRElsQzBPenJIVjBUc2JNazRWeTVCVlUiLCJtYWMiOiIzNjg4Y2YwMzYzMjc1NjY5NDU2ZjBiOTFhZDY5Y2VmMzY2YmJlYWRkNDE1MWQwZTVkN2Q4NGMwNTRjZDQ0Njk0IiwidGFnIjoiIn0%3D
flowerbooms.com/	1970-01-20 23:43:27	Name: 1095.0 Value: 1
cmpuwps.com/	1970-01-20 23:42:02	Name: feed_click:14747 Value: 1
kts.vasstycom.com/	1970-01-20 23:43:27	Name: 2660.287464 Value: 1
.magicaladsolutions.net/	1970-01-21 08:27:37	Name: aso_uid Value: 78ed791a140aa81cc5ee2365fc102962ebf673a4
.magicaladsolutions.net/	1970-01-21 00:25:13	Name: aso_ui Value: 59yx_slph7r
.magicaladsolutions.net/	1970-01-21 00:25:13	Name: aso_ur Value: g91_slph7r
.amon1.net/	1970-01-21 00:25:13	Name: aso_ui Value: 5bgt_slph7r
.amon1.net/	1970-01-21 00:25:13	Name: aso_ur Value: cyh_slph7r

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.exclkplat.com
cmpuwps.com
domaincntrol.com
flowerbooms.com
go.advertia.click
googesites.com
iiiiiii.online
kts.vasstycom.com
s.pemsrv.com
track.amon1.net
track.magicaladsolutions.net
172.67.179.172
195.201.106.161
207.174.61.1
2604:9e00:1:129::2:b2a
2606:4700::6812:1b2d
2a02:128:7:4910::2
2a02:128:7:5417::2
64.225.91.73
75.102.22.187
94.130.197.239
95.211.229.247
54916c0f325c4e55a192b85ed76542d63f9469697c41835a813012228ed349e3
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

track.magicaladsolutions.net Open in urlscan Pro 195.201.106.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

36 %IPv6

11 Domains

11 Subdomains

5 IPs

4 Countries

6 kBTransfer

8 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

10 Cookies

Indicators

track.magicaladsolutions.net Open in urlscan Pro
195.201.106.161 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

36 %
IPv6

11
Domains

11
Subdomains

5
IPs

4
Countries

6 kB
Transfer

8 kB
Size

10
Cookies

7 HTTP transactions
0 data transactions