cd-down.com - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 3 HTTP transactions. The main IP is 2a05:d018:483:6130:c386:82c4:1a2d:b043, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is cd-down.com.

This is the only time cd-down.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.8.176.120 185.8.176.120	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 2	2a05:d018:483... 2a05:d018:483:6130:c386:82c4:1a2d:b043	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:483... 2a05:d018:483:6120:813f:12dd:7e10:98e6	16509 (AMAZON-02) (AMAZON-02)
1 1	185.177.92.54 185.177.92.54	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	52.210.174.128 52.210.174.128	16509 (AMAZON-02) (AMAZON-02)
3	3

1 185.8.176.120 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: prod-vip.eu-nl.waf

gg.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:483:6130:c386:82c4:1a2d:b043 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

cd-down.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:483:6120:813f:12dd:7e10:98e6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

gdmconvtrck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.92.54 (Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

r.camsads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.174.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-174-128.eu-west-1.compute.amazonaws.com

cam4com.go2cloud.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cd-down.com 1 redirects cd-down.com	6 KB
1	go2cloud.org cam4com.go2cloud.org	430 B
1	camsads.com 1 redirects r.camsads.com	303 B
1	gdmconvtrck.com gdmconvtrck.com	1 KB
1	gg.gg 1 redirects gg.gg	1 KB
3	5

	Domain	Requested by
2	cd-down.com	1 redirects
1	cam4com.go2cloud.org	gdmconvtrck.com
1	r.camsads.com	1 redirects
1	gdmconvtrck.com	cd-down.com
1	gg.gg	1 redirects
3	5

This site contains no links.

Subject Issuer	Validity	Valid
*.go2cloud.org Amazon	`2020-05-20` - `2021-06-20`	a year	crt.sh

This page contains 1 frames:

Frame: https://cam4com.go2cloud.org/aff_c?offer_id=15&aff_id=1541&aff_sub2=81&aff_click_id=13426754&utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219
Frame ID: DE3152EEAD5CD3E44CC3107096BEA4F9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gg.gg/jhigc HTTP 301
http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

3
Requests

33 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

3 kB
Transfer

3 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gg.gg/jhigc HTTP 301
http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://cd-down.com/?a=60219&c=218333&oc=107639&sr=t&s1=80406-BENJO&vt=1593223663046&h=eeaa999236a2017b9cf1ea2aba44026e5fb02577&req=http%3A%2F%2Fcd-down.com%2F%3Fa%3D60219%26c%3D218333%26s1%3D80406-BENJO&us=9fa1edcb343841c98b1a024c6321be8b HTTP 302
https://r.camsads.com/go232?utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219 HTTP 302
https://cam4com.go2cloud.org/aff_c?offer_id=15&aff_id=1541&aff_sub2=81&aff_click_id=13426754&utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response cd-down.com/ Redirect Chain http://gg.gg/jhigc http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO	2 KB 1 KB	95ms 32ms	Document text/html	2a05:d018:483:6130:c386:82c4:1a2d:b043 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Protocol HTTP/1.1 Server 2a05:d018:483:6130:c386:82c4:1a2d:b043 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `1d7c342b6f54c82006f29200c28c39396a74654be0ea4327b55ee5a806ee3e84` Request headers Host cd-down.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Sat, 27 Jun 2020 02:07:43 GMT Content-Type text/html;charset=utf-8 Transfer-Encoding chunked Connection keep-alive Server nginx Vary Accept-Encoding Cache-Control no-cache, must-revalidate Pragma no-cache Expires Sat, 1 May 2020 12:00:00 GMT Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob Content-Encoding gzip Redirect headers Cache-Control no-store, no-cache, must-revalidate post-check=0, pre-check=0 Content-Type text/html; charset=UTF-8 Date Sat, 27 Jun 2020 02:07:42 GMT Expires Mon, 26 Jul 1997 05:00:00 GMT Last-Modified Sat, 27 Jun 2020 02:07:42 GMT Location http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Pragma no-cache Referrer-Policy same-origin Set-Cookie SWAFS=eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJfIjoiZ2cuZ2cxODUuMjIwLjcwLjY4In0.c5XAvHomEt4T51fheFI83sLkf1VcuH8qIQXQ6SjRSwUSFJt5O7Rc13LmFxH27SH6-M4mscIle5qVCPo1mS7nEQ; Path=/; Expires=Sun, 28 Jun 2020 02:07:42 GMT; HttpOnly XWAFLB=55a0bb239f8325479f781c87fa25f493; Path=/; Expires=Sat, 27 Jun 2020 02:22:42 GMT; HttpOnly ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%2239686da70d244591bb96cd6d6c059c1b%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A13%3A%22185.220.70.68%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A120%3A%22Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F83.0.4103.61+Safari%2F537.36%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1593223662%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7D9d23bf04db580eafa5bb95a5aed0395d; expires=Sat, 27-Jun-2020 04:07:42 GMT; path=/ gg_token=f474e7682b481c07d6a423a84ed0be015ef6a9eeea6493.37604425; expires=Fri, 25-Sep-2020 02:07:42 GMT; path=/; domain=.gg.gg X-Content-Type-Options nosniff X-Waf-Req-Id 8e76a90a-5a2f-44f0-8ca9-79877e2faa5a-1792020 Content-Length 0
GET H/1.1	200 OK	user Show response gdmconvtrck.com/	1 KB 1 KB	88ms 30ms	Script text/javascript	2a05:d018:483:6120:813f:12dd:7e10:98e6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://gdmconvtrck.com/user?a=60219&c=218333 Requested by Host: cd-down.com URL: http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Protocol HTTP/1.1 Server 2a05:d018:483:6120:813f:12dd:7e10:98e6 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash `ea81fba31d664714120b56fc2df5b31e52f27e9fbb984d9fcbcc3b4e8b26ca92` Request headers Referer http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Sat, 27 Jun 2020 02:07:43 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding Access-Control-Allow-Methods GET, POST, PUT, DELETE, OPTIONS Content-Type text/javascript;charset=utf-8 Access-Control-Allow-Origin , Cache-Control no-cache, must-revalidate Transfer-Encoding chunked Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Headers Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With,X-Auth,Pasha-Jlob Expires Sat, 1 May 2020 12:00:00 GMT
GET H/1.1	200 OK	aff_c Show response cam4com.go2cloud.org/ Redirect Chain http://cd-down.com/?a=60219&c=218333&oc=107639&sr=t&s1=80406-BENJO&vt=1593223663046&h=eeaa999236a2017b9cf1ea2aba44026e5fb02577&req=http%3A%2F%2Fcd-down.com%2F%3Fa%3D60219%26c%3D218333%26s1%3D80406-... https://r.camsads.com/go232?utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219 https://cam4com.go2cloud.org/aff_c?offer_id=15&aff_id=1541&aff_sub2=81&aff_click_id=13426754&utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219	0 430 B	138ms 31ms	Document text/plain	52.210.174.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cam4com.go2cloud.org/aff_c?offer_id=15&aff_id=1541&aff_sub2=81&aff_click_id=13426754&utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219 Requested by Host: gdmconvtrck.com URL: http://gdmconvtrck.com/user?a=60219&c=218333 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.174.128 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-174-128.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Host cam4com.go2cloud.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://cd-down.com/?a=60219&c=218333&s1=80406-BENJO Response headers Server nginx Date Sat, 27 Jun 2020 02:07:43 GMT Content-Length 0 Connection keep-alive Expires Sat, 26 Jul 1997 05:00:00 GMT Pragma no-cache Cache-Control no-cache, no-store, must-revalidate X-Robots-Tag noindex, nofollow tracking_id 1022c7ff4dff3ecbc85b128481db1a Access-Control-Allow-Origin * X-Request-Id 72b4cafb8acb07e93cfc330efa908221 Access-Control-Allow-Headers Tune-SDK-Version Redirect headers status 302 server nginx date Sat, 27 Jun 2020 02:07:43 GMT content-type text/html; charset=utf-8 location https://cam4com.go2cloud.org/aff_c?offer_id=15&aff_id=1541&aff_sub2=81&aff_click_id=13426754&utm_term=b25f0586169c4fe4b930aae30390c4c113a16&utm_source=60219 set-cookie tds2=29; expires=Sat, 27-Jun-2020 02:17:43 GMT; Max-Age=600; path=/ site72=232; expires=Sun, 28-Jun-2020 02:07:43 GMT; Max-Age=86400; path=/

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cam4com.go2cloud.org
cd-down.com
gdmconvtrck.com
gg.gg
r.camsads.com
185.177.92.54
185.8.176.120
2a05:d018:483:6120:813f:12dd:7e10:98e6
2a05:d018:483:6130:c386:82c4:1a2d:b043
52.210.174.128
1d7c342b6f54c82006f29200c28c39396a74654be0ea4327b55ee5a806ee3e84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea81fba31d664714120b56fc2df5b31e52f27e9fbb984d9fcbcc3b4e8b26ca92

cd-down.com Open in urlscan Pro 2a05:d018:483:6130:c386:82c4:1a2d:b043 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

33 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

3 kBTransfer

3 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

cd-down.com Open in urlscan Pro
2a05:d018:483:6130:c386:82c4:1a2d:b043 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

3 kB
Transfer

3 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions