173.252.193.34 Open in urlscan Pro
173.252.193.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55
Effective URL:
http://173.252.193.34/unsubscribe.php
Submission: On March 31 via api (March 31st 2024, 12:04:40 pm UTC) from BE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 0 domains to perform 12 HTTP transactions. The main IP is 173.252.193.34, located in United States and belongs to TAKE2, US. The main domain is 173.252.193.34.

This is the only time 173.252.193.34 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 13	173.252.193.34 173.252.193.34		20248 (TAKE2) (TAKE2)
12	1

13 173.252.193.34 (United States) 1 redirects

ASN20248 (TAKE2, US)
PTR: underfriends.net

173.252.193.34	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	0

	Domain	Requested by
12	0

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://173.252.193.34/unsubscribe.php
Frame ID: B01147E2F5D16A12F46166A75B8C1193
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coming Soon

Page URL History Show full URLs

http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 HTTP 307
https://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 HTTP 307
http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 HTTP 302
http://173.252.193.34/unsubscribe.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Cufon (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

cufon-yui\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

236 kB
Transfer

234 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 HTTP 307
https://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 HTTP 307
http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 HTTP 302
http://173.252.193.34/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request unsubscribe.php Show response 173.252.193.34/ Redirect Chain http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 https://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 http://173.252.193.34/KHEQ.foyvtwdf?dCLqD9fcZjqqczg7ccGcVCcGcG31XkWRxcbbb55 http://173.252.193.34/unsubscribe.php	2 KB 2 KB	300ms 150ms	Document text/html	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/unsubscribe.php Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `7c28846c73ac10e1f836dfbd7f9fb390b5e57c0ff8fac0cda1b98163c3376ad0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection close Content-Length 2082 Content-Type text/html; charset=UTF-8 Date Sun, 31 Mar 2024 12:04:35 GMT Server Apache Redirect headers Connection close Content-Length 0 Content-Type text/html; charset=UTF-8 Date Sun, 31 Mar 2024 12:04:33 GMT Location ./unsubscribe.php Server Apache
GET H/1.1	200 OK	style.css 173.252.193.34/tools/	3 KB 3 KB	300ms 150ms	Stylesheet text/css	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/tools/style.css Requested by Host: 173.252.193.34 URL: http://173.252.193.34/unsubscribe.php Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `bedd958240b7dc3b1d12cdd638da13c14b00fb3870406412205f05698a554b77` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:35 GMT Last-Modified Mon, 25 Dec 2023 09:48:08 GMT Server Apache ETag "af5-60d527699a3d3" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 2805
GET H/1.1	200 OK	jquery.min.js Show response 173.252.193.34/tools/	91 KB 91 KB	301ms 152ms	Script application/javascript	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/tools/jquery.min.js Requested by Host: 173.252.193.34 URL: http://173.252.193.34/unsubscribe.php Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:35 GMT Last-Modified Mon, 25 Dec 2023 09:48:08 GMT Server Apache ETag "16cfb-60d527692b27b" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 93435
GET H/1.1	200 OK	cufon-yui.js Show response 173.252.193.34/tools/	18 KB 18 KB	302ms 153ms	Script application/javascript	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/tools/cufon-yui.js Requested by Host: 173.252.193.34 URL: http://173.252.193.34/unsubscribe.php Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `186707c7ae0d45cba1490a5556f59fc371f6ab88cc16c452fef8b70072cb5e54` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:35 GMT Last-Modified Mon, 25 Dec 2023 09:48:07 GMT Server Apache ETag "4751-60d52768ba9b3" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 18257
GET H/1.1	200 OK	Bebas_400.font.js Show response 173.252.193.34/tools/	32 KB 32 KB	303ms 154ms	Script application/javascript	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/tools/Bebas_400.font.js Requested by Host: 173.252.193.34 URL: http://173.252.193.34/unsubscribe.php Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `723a14a017216078ff4287742364ae5663d3f44ab8639c9860105d522f5c80cd` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:35 GMT Last-Modified Mon, 25 Dec 2023 09:48:06 GMT Server Apache ETag "8026-60d52767b986b" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 32806
GET H/1.1	200 OK	Bell_Gothic_Std_300.font.js Show response 173.252.193.34/tools/	17 KB 17 KB	385ms 235ms	Script application/javascript	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/tools/Bell_Gothic_Std_300.font.js Requested by Host: 173.252.193.34 URL: http://173.252.193.34/unsubscribe.php Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `797d88bb4bb81be2791246a6d55c736a1935601a5b10ceb047b93e1bef939c5d` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:35 GMT Last-Modified Mon, 25 Dec 2023 09:48:07 GMT Server Apache ETag "4364-60d5276836483" Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 17252
GET H/1.1	200 OK	bg.png 173.252.193.34/images/	49 KB 49 KB	293ms 147ms	Image image/png	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL http://173.252.193.34/images/bg.png Requested by Host: 173.252.193.34 URL: http://173.252.193.34/tools/style.css Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `75de116f617dfa6a817b539142d87398ed991c8c2d2d4c369712c82aca2c15ad` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/tools/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:36 GMT Last-Modified Mon, 25 Dec 2023 09:48:15 GMT Server Apache ETag "c294-60d52770af3a3" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 49812
GET H/1.1	200 OK	logo.png 173.252.193.34/images/	11 KB 11 KB	296ms 148ms	Image image/png	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL http://173.252.193.34/images/logo.png Requested by Host: 173.252.193.34 URL: http://173.252.193.34/tools/style.css Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `81c1cbeac5dbae23de8968535fbd52501e792a70e5d86df2bbca2e876befd732` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/tools/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:36 GMT Last-Modified Mon, 25 Dec 2023 09:48:17 GMT Server Apache ETag "2a25-60d5277246b2b" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 10789
GET H/1.1	200 OK	divider.png 173.252.193.34/images/	1 KB 1 KB	297ms 149ms	Image image/png	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL http://173.252.193.34/images/divider.png Requested by Host: 173.252.193.34 URL: http://173.252.193.34/tools/style.css Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `772281f01a63ed1ba41d538c4fe9765de53d72f2bee0d9d1a0e04dd5a53db6b1` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/tools/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:36 GMT Last-Modified Mon, 25 Dec 2023 09:48:16 GMT Server Apache ETag "4a8-60d5277142b03" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 1192
GET H/1.1	200 OK	s_icons.png 173.252.193.34/images/	9 KB 9 KB	296ms 149ms	Image image/png	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL http://173.252.193.34/images/s_icons.png Requested by Host: 173.252.193.34 URL: http://173.252.193.34/tools/style.css Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `74149575814f9979550d2346552b1d958ffc704553a8ff4e8f374c6c189c8074` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/tools/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:36 GMT Last-Modified Mon, 25 Dec 2023 09:48:18 GMT Server Apache ETag "2350-60d52772c8564" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 9040
GET H/1.1	200 OK	field.png 173.252.193.34/images/	2 KB 2 KB	297ms 149ms	Image image/png	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Show image Full URL http://173.252.193.34/images/field.png Requested by Host: 173.252.193.34 URL: http://173.252.193.34/tools/style.css Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `3ae9d067b14126e6ac42cc7a783209d7d97130568cf8ca35cbd44951bf76939f` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/tools/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Date Sun, 31 Mar 2024 12:04:36 GMT Last-Modified Mon, 25 Dec 2023 09:48:17 GMT Server Apache ETag "647-60d52771b4753" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 1607
GET H/1.1	404 Not Found	favicon.ico 173.252.193.34/	146 B 328 B	304ms 155ms	Other text/html	173.252.193.34 TAKE2
General Check archive.org Show headers Download Go to Full URL http://173.252.193.34/favicon.ico Protocol HTTP/1.1 Server 173.252.193.34 , United States, ASN20248 (TAKE2, US), Reverse DNS underfriends.net Software Apache / Resource Hash `6b1515cf6376a9b5e9fa32223e21f4834f36ed29c8815d95f997de76dac7fef0` Request headers accept-language de-DE,de;q=0.9 Referer http://173.252.193.34/unsubscribe.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Status 404 Not Found Date Sun, 31 Mar 2024 12:04:36 GMT Server Apache Connection close Content-Length 146 Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal function| $ function| jQuery function| Cufon

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://173.252.193.34/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

173.252.193.34
186707c7ae0d45cba1490a5556f59fc371f6ab88cc16c452fef8b70072cb5e54
3ae9d067b14126e6ac42cc7a783209d7d97130568cf8ca35cbd44951bf76939f
6b1515cf6376a9b5e9fa32223e21f4834f36ed29c8815d95f997de76dac7fef0
723a14a017216078ff4287742364ae5663d3f44ab8639c9860105d522f5c80cd
74149575814f9979550d2346552b1d958ffc704553a8ff4e8f374c6c189c8074
75de116f617dfa6a817b539142d87398ed991c8c2d2d4c369712c82aca2c15ad
772281f01a63ed1ba41d538c4fe9765de53d72f2bee0d9d1a0e04dd5a53db6b1
797d88bb4bb81be2791246a6d55c736a1935601a5b10ceb047b93e1bef939c5d
7c28846c73ac10e1f836dfbd7f9fb390b5e57c0ff8fac0cda1b98163c3376ad0
81c1cbeac5dbae23de8968535fbd52501e792a70e5d86df2bbca2e876befd732
bedd958240b7dc3b1d12cdd638da13c14b00fb3870406412205f05698a554b77
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729

173.252.193.34 Open in urlscan Pro 173.252.193.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

1 IPs

1 Countries

236 kBTransfer

234 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

173.252.193.34 Open in urlscan Pro
173.252.193.34 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

1
IPs

1
Countries

236 kB
Transfer

234 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions