Submitted URL: https://ww1.securestratum.co/
Effective URL: https://marabouinternational.com/?utm_source=google
Submission: On November 28 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 13 HTTP transactions. The main IP is 64.225.91.73, located in Santa Clara, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is marabouinternational.com.
TLS certificate: Issued by E6 on October 22nd 2024. Valid for: 3 months.
This is the only time marabouinternational.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 64.190.63.136 47846 (SEDO-AS S...)
1 1 173.239.53.32 27257 (WEBAIR-IN...)
1 2 54.82.7.206 14618 (AMAZON-AES)
1 1 5.161.250.225 213230 (HETZNER-C...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 64.225.91.73 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 6
Apex Domain
Subdomains
Transfer
5 securestratum.co
ww1.securestratum.co
4 KB
4 c0nect.com
go.c0nect.com — Cisco Umbrella Rank: 173655
1 KB
2 marabouinternational.com
marabouinternational.com
ww2.marabouinternational.com Failed
1 KB
2 ernus-dop.com
ernus-dop.com
4 KB
1 domaincntrol.com
domaincntrol.com — Cisco Umbrella Rank: 205886
355 B
1 trafficdecisions.com
user-agent.trafficdecisions.com — Cisco Umbrella Rank: 170638
573 B
1 so-gre8.net
so-gre8.net
279 B
1 sedodna.com
xml.sedodna.com — Cisco Umbrella Rank: 301377
309 B
0 sedoparking.com Failed
img.sedoparking.com Failed
13 9
Domain Requested by
5 ww1.securestratum.co 2 redirects ww1.securestratum.co
4 go.c0nect.com ernus-dop.com
2 marabouinternational.com
2 ernus-dop.com 1 redirects ww1.securestratum.co
1 domaincntrol.com marabouinternational.com
1 user-agent.trafficdecisions.com 1 redirects
1 so-gre8.net 1 redirects
1 xml.sedodna.com 1 redirects
0 ww2.marabouinternational.com Failed marabouinternational.com
0 img.sedoparking.com Failed
13 10

This site contains no links.

Subject | Issuer | Validity | Valid
ww1.securestratum.co | Encryption Everywhere DV TLS CA - G2 | 2024-11-28 - 2025-11-28 | a year
ernus-dop.com | Amazon RSA 2048 M02 | 2024-11-22 - 2025-12-22 | a year
c0nect.com | WE1 | 2024-10-08 - 2025-01-06 | 3 months
marabouinternational.com | E6 | 2024-10-22 - 2025-01-20 | 3 months
domaincntrol.com | WE1 | 2024-11-19 - 2025-02-17 | 3 months

This page contains 1 frame:

Frame: https://ww2.marabouinternational.com/
Frame ID: B6D08F7F82F71E0EC32EEC871757D8C0
Requests: 13 HTTP requests in this frame

Page Statistics

13 Requests
85 % HTTPS
38 % IPv6
9 Domains
10 Subdomains
6 IPs
2 Countries
9 kB Transfer
8 kB Size
2 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ww1.securestratum.co/ Page URL
  2. https://ww1.securestratum.co/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D4OYIh1Zlf1M_0&v=MmE1MDQ3NTE5MWNmYTJiZjQzZDcwMDI0Y2Q0ZWZjNGQJMQl3dzEuc2VjdXJlc3RyYXR1bS5jbzY3NDdlMDc0NjU3ODUwLjg2Njk1NjUxCXd3MS5zZWN1cmVzdHJhdHVtLmNvNjc0N2UwNzQ2NTdkNDUuMTg5NzQ2NzcJMTczMjc2Mzc2NglhZF82M18w&l=ogchaiYvn_m2VjY1QEa0CLNG94RA_AHIH1PD0tcH5iM19kqRwIIEeZfpEIxaUvrLg3kpWH6Z2SXe35EEMJ4L28HycoObtQUxzuEzA9bJjCbnmm_WoBDS7xNfoijzROz7eB0ZoLZvVhiJC1z_LddoGkigXm6ovEGLzhPCPyORHcAG3Zg6kti5cUwsODi5pxKos3Y-ktnLVED0EH7DOE1aZj5wJ8aBscQgnA6_k4idWlGIaNkE6azO9ZqX06brbkOeuYdd3mpr0tUfSUPkRBLhmQQXNSMfJN4z0CLc9K0lF3zlUcTxP1FxCLQcpBU8gKzONcR_Vq6NEYIKnOJIexmAci3Xwp2ojyceJfUeuQyGvsy6uZRvb23pgMlInPJm7nkwdLgfjHXky3bzsznSSKXSexgqlu7mAgyEOHRYtuDESKErhIoN_-SYa1s8P_sgRRwRGFbt2BBoGkui31rtA7qDgEMJk3InBc4oLoSSe_PE3RT4zax5GdFnVzSP0utNi6MlnalJzhf2IzcbcYII6jImJlF07X5w0O4rtAhdTTbopA9uRh1EHz6OgaHLLbwUJAhp_ffITrmvsZZGz3J6EREQHhqhA8u8kxXKa3IqY-RWtFXiXFKwqXCtMNDNwALXT02__jKQogyLe7o5INmXLiHD6yoXYvZ_cDmp1Oyef4leeOaPyTbiVX0WlSKRm6sK5F-EWgHt940DKMlBbf7xHpFyjQ HTTP 302
    https://ww1.securestratum.co/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D4OYIh1Zlf1M_0&v=MmE1MDQ3NTE5MWNmYTJiZjQzZDcwMDI0Y2Q0ZWZjNGQJMQl3dzEuc2VjdXJlc3RyYXR1bS5jbzY3NDdlMDc0NjU3ODUwLjg2Njk1NjUxCXd3MS5zZWN1cmVzdHJhdHVtLmNvNjc0N2UwNzQ2NTdkNDUuMTg5NzQ2NzcJMTczMjc2Mzc2NglhZF82M18w&l=ogchaiYvn_m2VjY1QEa0CLNG94RA_AHIH1PD0tcH5iM19kqRwIIEeZfpEIxaUvrLg3kpWH6Z2SXe35EEMJ4L28HycoObtQUxzuEzA9bJjCbnmm_WoBDS7xNfoijzROz7eB0ZoLZvVhiJC1z_LddoGkigXm6ovEGLzhPCPyORHcAG3Zg6kti5cUwsODi5pxKos3Y-ktnLVED0EH7DOE1aZj5wJ8aBscQgnA6_k4idWlGIaNkE6azO9ZqX06brbkOeuYdd3mpr0tUfSUPkRBLhmQQXNSMfJN4z0CLc9K0lF3zlUcTxP1FxCLQcpBU8gKzONcR_Vq6NEYIKnOJIexmAci3Xwp2ojyceJfUeuQyGvsy6uZRvb23pgMlInPJm7nkwdLgfjHXky3bzsznSSKXSexgqlu7mAgyEOHRYtuDESKErhIoN_-SYa1s8P_sgRRwRGFbt2BBoGkui31rtA7qDgEMJk3InBc4oLoSSe_PE3RT4zax5GdFnVzSP0utNi6MlnalJzhf2IzcbcYII6jImJlF07X5w0O4rtAhdTTbopA9uRh1EHz6OgaHLLbwUJAhp_ffITrmvsZZGz3J6EREQHhqhA8u8kxXKa3IqY-RWtFXiXFKwqXCtMNDNwALXT02__jKQogyLe7o5INmXLiHD6yoXYvZ_cDmp1Oyef4leeOaPyTbiVX0WlSKRm6sK5F-EWgHt940DKMlBbf7xHpFyjQ HTTP 302
    https://xml.sedodna.com/click?i=4OYIh1Zlf1M_0 HTTP 302
    https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=1a2e1954-ad37-11ef-9254-0affdae274bf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    https://so-gre8.net/r/p4kW_M4HogvN-3PqArohx9XZBdsqVV_vy0xaiPFD_iaxz5i6kme1XnSiPyB7rE1hioAyRZX_39Q7-k9gKI2UzfcBGDCgbtiji3TrIE4k0yv544B0te5at-6eClkf5xtz4_zQVsFIoNe23ST5W_Ssy_tsTqLphEsGdI7FPL7UwwItech732KWPOtmZdvz9wjq3Es7Y1TYPnJGk0VpfjAQbeU3lwR4m6_JieNSuYOjpd9AEycA2soPMtkcHnM3N5TmPzA5WFJPnV3wPuLvPAy3m70eaTTjxd_rCGziyxyanp9lbZyDE1wNQ8MMgIEgOY6tHl9pSsAGYEojCHM92_xS2sffacXc0i5AdygJy0WPH65SNcYv5iJSFuMBO7lP45rboqbWdr21Pf3fOlrp98pVb46MhN9Lwd3_Y4YOBLlNjZym-cEZkt72BzqmZoaVG7A_ZMLZDfsGmbslmJQsTtvylhF1VgKIGIDbhR1HpQ HTTP 302
    https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
    https://go.c0nect.com/?t=3 Page URL
  4. https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1732763768819&8s4n53_domain=http://marabouinternational.com?utm_source=google Page URL
  5. http://marabouinternational.com/?utm_source=google HTTP 307
    https://marabouinternational.com/?utm_source=google Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ww1.securestratum.co/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D4OYIh1Zlf1M_0&v=MmE1MDQ3NTE5MWNmYTJiZjQzZDcwMDI0Y2Q0ZWZjNGQJMQl3dzEuc2VjdXJlc3RyYXR1bS5jbzY3NDdlMDc0NjU3ODUwLjg2Njk1NjUxCXd3MS5zZWN1cmVzdHJhdHVtLmNvNjc0N2UwNzQ2NTdkNDUuMTg5NzQ2NzcJMTczMjc2Mzc2NglhZF82M18w&l=ogchaiYvn_m2VjY1QEa0CLNG94RA_AHIH1PD0tcH5iM19kqRwIIEeZfpEIxaUvrLg3kpWH6Z2SXe35EEMJ4L28HycoObtQUxzuEzA9bJjCbnmm_WoBDS7xNfoijzROz7eB0ZoLZvVhiJC1z_LddoGkigXm6ovEGLzhPCPyORHcAG3Zg6kti5cUwsODi5pxKos3Y-ktnLVED0EH7DOE1aZj5wJ8aBscQgnA6_k4idWlGIaNkE6azO9ZqX06brbkOeuYdd3mpr0tUfSUPkRBLhmQQXNSMfJN4z0CLc9K0lF3zlUcTxP1FxCLQcpBU8gKzONcR_Vq6NEYIKnOJIexmAci3Xwp2ojyceJfUeuQyGvsy6uZRvb23pgMlInPJm7nkwdLgfjHXky3bzsznSSKXSexgqlu7mAgyEOHRYtuDESKErhIoN_-SYa1s8P_sgRRwRGFbt2BBoGkui31rtA7qDgEMJk3InBc4oLoSSe_PE3RT4zax5GdFnVzSP0utNi6MlnalJzhf2IzcbcYII6jImJlF07X5w0O4rtAhdTTbopA9uRh1EHz6OgaHLLbwUJAhp_ffITrmvsZZGz3J6EREQHhqhA8u8kxXKa3IqY-RWtFXiXFKwqXCtMNDNwALXT02__jKQogyLe7o5INmXLiHD6yoXYvZ_cDmp1Oyef4leeOaPyTbiVX0WlSKRm6sK5F-EWgHt940DKMlBbf7xHpFyjQ HTTP 302
  • https://ww1.securestratum.co/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D4OYIh1Zlf1M_0&v=MmE1MDQ3NTE5MWNmYTJiZjQzZDcwMDI0Y2Q0ZWZjNGQJMQl3dzEuc2VjdXJlc3RyYXR1bS5jbzY3NDdlMDc0NjU3ODUwLjg2Njk1NjUxCXd3MS5zZWN1cmVzdHJhdHVtLmNvNjc0N2UwNzQ2NTdkNDUuMTg5NzQ2NzcJMTczMjc2Mzc2NglhZF82M18w&l=ogchaiYvn_m2VjY1QEa0CLNG94RA_AHIH1PD0tcH5iM19kqRwIIEeZfpEIxaUvrLg3kpWH6Z2SXe35EEMJ4L28HycoObtQUxzuEzA9bJjCbnmm_WoBDS7xNfoijzROz7eB0ZoLZvVhiJC1z_LddoGkigXm6ovEGLzhPCPyORHcAG3Zg6kti5cUwsODi5pxKos3Y-ktnLVED0EH7DOE1aZj5wJ8aBscQgnA6_k4idWlGIaNkE6azO9ZqX06brbkOeuYdd3mpr0tUfSUPkRBLhmQQXNSMfJN4z0CLc9K0lF3zlUcTxP1FxCLQcpBU8gKzONcR_Vq6NEYIKnOJIexmAci3Xwp2ojyceJfUeuQyGvsy6uZRvb23pgMlInPJm7nkwdLgfjHXky3bzsznSSKXSexgqlu7mAgyEOHRYtuDESKErhIoN_-SYa1s8P_sgRRwRGFbt2BBoGkui31rtA7qDgEMJk3InBc4oLoSSe_PE3RT4zax5GdFnVzSP0utNi6MlnalJzhf2IzcbcYII6jImJlF07X5w0O4rtAhdTTbopA9uRh1EHz6OgaHLLbwUJAhp_ffITrmvsZZGz3J6EREQHhqhA8u8kxXKa3IqY-RWtFXiXFKwqXCtMNDNwALXT02__jKQogyLe7o5INmXLiHD6yoXYvZ_cDmp1Oyef4leeOaPyTbiVX0WlSKRm6sK5F-EWgHt940DKMlBbf7xHpFyjQ HTTP 302
  • https://xml.sedodna.com/click?i=4OYIh1Zlf1M_0 HTTP 302
  • https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
Request Chain 5
  • https://ernus-dop.com/zclkredirect?visitid=1a2e1954-ad37-11ef-9254-0affdae274bf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • https://so-gre8.net/r/p4kW_M4HogvN-3PqArohx9XZBdsqVV_vy0xaiPFD_iaxz5i6kme1XnSiPyB7rE1hioAyRZX_39Q7-k9gKI2UzfcBGDCgbtiji3TrIE4k0yv544B0te5at-6eClkf5xtz4_zQVsFIoNe23ST5W_Ssy_tsTqLphEsGdI7FPL7UwwItech732KWPOtmZdvz9wjq3Es7Y1TYPnJGk0VpfjAQbeU3lwR4m6_JieNSuYOjpd9AEycA2soPMtkcHnM3N5TmPzA5WFJPnV3wPuLvPAy3m70eaTTjxd_rCGziyxyanp9lbZyDE1wNQ8MMgIEgOY6tHl9pSsAGYEojCHM92_xS2sffacXc0i5AdygJy0WPH65SNcYv5iJSFuMBO7lP45rboqbWdr21Pf3fOlrp98pVb46MhN9Lwd3_Y4YOBLlNjZym-cEZkt72BzqmZoaVG7A_ZMLZDfsGmbslmJQsTtvylhF1VgKIGIDbhR1HpQ HTTP 302
  • https://user-agent.trafficdecisions.com/okay/?d=okay&t=2 HTTP 302
  • https://go.c0nect.com/?t=3
Request Chain 11
  • http://ww2.marabouinternational.com/ HTTP 307
  • https://ww2.marabouinternational.com/

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
ww1.securestratum.co/
3 KB
2 KB
Document
General
Full URL
https://ww1.securestratum.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 28 Nov 2024 03:16:07 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Thu, 28 Nov 2024 03:16:04 GMT
pragma
no-cache
server
Parking/1.0
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_ltFDrgtLNQpkzi8I4pJvqXegg+qZI/hqsX6II3WPAG8A7HzmBgXc77xpBxy5XVtJz/doNBWsXkFyRhZfoWyVsQ==
x-cache-miss-from
parking-7ffff5845f-h56ch
js_preloader.gif
ww1.securestratum.co/img.sedoparking.com/images/
0
19 B
Image
General
Full URL
https://ww1.securestratum.co/img.sedoparking.com/images/js_preloader.gif
Requested by
Host: ww1.securestratum.co
URL: https://ww1.securestratum.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ww1.securestratum.co/

Response headers

date
Thu, 28 Nov 2024 03:16:07 GMT
server
Parking/1.0
content-length
0
tsc.php
ww1.securestratum.co/search/
0
35 B
XHR
General
Full URL
https://ww1.securestratum.co/search/tsc.php?ses=ogcba5A0KJik73iniu8NkWXtPUcEf2PfMSac_SDUFMz8N4QdNH8wrBPxePsE-v6IQIhmV5dSPsaB6d9WCrm_u25BvxCA6F9nlyCl3nkvG0u8ofobLbBVl1kL8APfCry3V_9hcfuv3IiDislcoanwy3IuQj7WnL84JOJO81-DvK98qndrcsjY1crJXqcbwR4KuWQwLdnC01bhxejT3FXG1oCsn6KQ126cNUlUGvNGnNCT3TkivhS-n3_n7F40Oz5TSRg00Db1MAzv1U6uZTo7MelVU5LyeAAcIe0940na2gRwEBLYrlqgch6F9bN4HQkv7s0WGC_JqDYCIJfibdnInzZVTe3bFiuzDZIw0kKeIzWHEH_ZwaeMyDZ26of0jpF&cv=2
Requested by
Host: ww1.securestratum.co
URL: https://ww1.securestratum.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.190.63.136 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE),
Reverse DNS
Software
Parking/1.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ww1.securestratum.co/

Response headers

x-cache-miss-from
parking-7ffff5845f-5wfp4
content-length
0
date
Thu, 28 Nov 2024 03:16:07 GMT
content-type
text/html; charset=UTF-8
server
Parking/1.0
sedo_logo.png
img.sedoparking.com/templates/logos/
0
0

9232f590-d991-493f-b95d-d38c0c6cdd28
ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/
Redirect Chain
  • https://ww1.securestratum.co/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D4OYIh1Zlf1M_0&v=MmE1MDQ3NTE5MWNmYTJiZjQzZDcwMDI0Y2Q0ZWZjNGQJMQl3dzEuc2VjdXJlc3RyYXR1bS5jbzY3NDdlMDc0Nj...
  • https://ww1.securestratum.co/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3D4OYIh1Zlf1M_0&v=MmE1MDQ3NTE5MWNmYTJiZjQzZDcwMDI0Y2Q0ZWZjNGQJMQl3dzEuc2VjdXJlc3RyYXR1bS5jbzY3NDdlMDc0Nj...
  • https://xml.sedodna.com/click?i=4OYIh1Zlf1M_0
  • https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
3 KB
3 KB
Document
General
Full URL
https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
Requested by
Host: ww1.securestratum.co
URL: https://ww1.securestratum.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.7.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-7-206.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://ww1.securestratum.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Thu, 28 Nov 2024 03:16:08 GMT

Redirect headers

Cache-Control
no-store
Connection
keep-alive
Content-Length
0
Date
Thu, 28 Nov 2024 03:16:08 GMT
Location
https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
Server
nginx
/
go.c0nect.com/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=1a2e1954-ad37-11ef-9254-0affdae274bf&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://so-gre8.net/r/p4kW_M4HogvN-3PqArohx9XZBdsqVV_vy0xaiPFD_iaxz5i6kme1XnSiPyB7rE1hioAyRZX_39Q7-k9gKI2UzfcBGDCgbtiji3TrIE4k0yv544B0te5at-6eClkf5xtz4_zQVsFIoNe23ST5W_Ssy_tsTqLphEsGdI7FPL7UwwItech...
  • https://user-agent.trafficdecisions.com/okay/?d=okay&t=2
  • https://go.c0nect.com/?t=3
804 B
780 B
Document
General
Full URL
https://go.c0nect.com/?t=3
Requested by
Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c7ac0c27a8977d9bc6458e984fd57c19aae5f7dffda9e8d90f8bc20a6a6fbbb

Request headers

Referer
https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8e97329309f60f70-EWR
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 28 Nov 2024 03:16:08 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8e9732923d958c06-EWR
content-length
143
content-type
text/html
date
Thu, 28 Nov 2024 03:16:08 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
location
https://go.c0nect.com/?t=3
server
cloudflare
vary
Accept-Encoding
favicon.ico
go.c0nect.com/
5 B
128 B
Other
General
Full URL
https://go.c0nect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a0e8c17ebb21a11f8a25b8042786ef7efe52441e6cc87e92c67e0c4c0c6e78

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
8e973293dac70f70-EWR
alt-svc
h3=":443"; ma=86400
content-length
5
date
Thu, 28 Nov 2024 03:16:08 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
/
go.c0nect.com/
401 B
329 B
Document
General
Full URL
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1732763768819&8s4n53_domain=http://marabouinternational.com?utm_source=google
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
null
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8e9732949c030f70-EWR
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 28 Nov 2024 03:16:09 GMT
server
cloudflare
vary
Accept-Encoding
Primary Request /
marabouinternational.com/
Redirect Chain
  • http://marabouinternational.com/?utm_source=google
  • https://marabouinternational.com/?utm_source=google
593 B
606 B
Document
General
Full URL
https://marabouinternational.com/?utm_source=google
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

Referer
https://go.c0nect.com/?d=undefined&t=3-post&8s4n53_source=1732763768819&8s4n53_domain=http://marabouinternational.com?utm_source=google
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 28 Nov 2024 03:16:09 GMT
ETag
W/"63f68860-251"
Last-Modified
Wed, 22 Feb 2023 21:25:52 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Location
https://marabouinternational.com/?utm_source=google
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
go.c0nect.com/
5 B
128 B
Other
General
Full URL
https://go.c0nect.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e0e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-ray
8e9732952cad0f70-EWR
alt-svc
h3=":443"; ma=86400
content-length
5
date
Thu, 28 Nov 2024 03:16:09 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
/
domaincntrol.com/
37 B
355 B
Fetch
General
Full URL
https://domaincntrol.com/?orighost=https://marabouinternational.com/?utm_source=google
Requested by
Host: marabouinternational.com
URL: https://marabouinternational.com/?utm_source=google
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1b2d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34c5eaf2a148709fd5c94409bdf0d28a016c4630a501db877160d96fd2bea481

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://marabouinternational.com/

Response headers

x_details
{"destination":"sedo","orighost":"marabouinternational.com","type":"arb","finalurl":"http://ww2.marabouinternational.com","browser":"chrome","os":"linux","country":"US","device":"desktop","isbot":false,"botscore":99}
cf-ray
8e973298ab74425b-EWR
access-control-allow-origin
*
content-length
37
date
Thu, 28 Nov 2024 03:16:09 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
favicon.ico
marabouinternational.com/
593 B
606 B
Other
General
Full URL
https://marabouinternational.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.225.91.73 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7392749832c70fcfc2d440d7afc2f880000dd564930d95d634eb1199fa15de30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://marabouinternational.com/?utm_source=google

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"63f68860-251"
Connection
keep-alive
Date
Thu, 28 Nov 2024 03:16:09 GMT
Content-Type
text/html
Last-Modified
Wed, 22 Feb 2023 21:25:52 GMT
Server
nginx/1.18.0 (Ubuntu)
/
ww2.marabouinternational.com/
Redirect Chain
  • http://ww2.marabouinternational.com/
  • https://ww2.marabouinternational.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img.sedoparking.com
URL
https://img.sedoparking.com/templates/logos/sedo_logo.png
Domain
ww2.marabouinternational.com
URL
https://ww2.marabouinternational.com/

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.trafficdecisions.com/ Name: __cf_bm
Value: Xl2195Z0Ow45Q8h.Ovmz2aDq9l4SzCKJL_1oW3rlZo0-1732763768-1.0.1.1-gVNdj_jnZ2TW1JGaQfoN4bz9.FjJgfO35cUqlKgEWFX9wfzJfoyuK4IwVWZg.uc8xHFuH8hrr8XHWMphJIMvYQ
.c0nect.com/ Name: __cf_bm
Value: L3ETpkjyabIBUd1b3WMlR6qNxJjmYJ.o3Jle.nuqoAY-1732763768-1.0.1.1-BeVyrUpKcEVGqfSXN2wZmrMViIb2DZSzW5EkaUO.aSmzzDy6yvozVvsxIVlVzDJyGqXKbzO5ytNJ2t4I23PCgQ

2 Console Messages

Source Level URL
Text
network error URL: https://ww1.securestratum.co/img.sedoparking.com/images/js_preloader.gif
Message:
Failed to load resource: the server responded with a status of 441 ()
rendering warning URL: https://ernus-dop.com/zclkvisitor/1a2e1954-ad37-11ef-9254-0affdae274bf/9232f590-d991-493f-b95d-d38c0c6cdd28?campaignid=1a3a4e52-ad37-11ef-9254-0affdae274bf
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0103F154C1A0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.