date-her-now.xyz Open in urlscan Pro
52.28.41.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://avtomir04.ru/YXB0dXJAaG90bWFpbC5jb20=
Effective URL:
https://date-her-now.xyz/jump?tds_campaign=p1165zad&tds_id=p1165zad_jump_a_574428011274&tds_oid=23775&tds_cid=a0093c707b4...
Submission: On December 03 via manual (December 3rd 2019, 1:28:47 am UTC) from MX

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 50 HTTP transactions. The main IP is 52.28.41.225, located in Frankfurt am Main, Germany and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is date-her-now.xyz.
TLS certificate: Issued by Amazon on June 5th 2019. Valid for: a year.

This is the only time date-her-now.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	92.63.192.151 92.63.192.151	47981 (FOPSERVER) (FOPSERVER)
2 10	52.28.41.225 52.28.41.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.29.68.89 52.29.68.89	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
8	2600:9000:215... 2600:9000:2156:fe00:a:cd44:7f80:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
11	18.196.70.125 18.196.70.125	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
50	9

12 92.63.192.151 (Russian Federation)

ASN47981 (FOPSERVER, UA)

avtomir04.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.28.41.225 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-28-41-225.eu-central-1.compute.amazonaws.com

date-her-now.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.68.89 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-68-89.eu-central-1.compute.amazonaws.com

retargetcore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:fe00:a:cd44:7f80:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

www.cdnreference.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.196.70.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-70-125.eu-central-1.compute.amazonaws.com

uf.noclef.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	avtomir04.ru avtomir04.ru	190 KB
11	noclef.com uf.noclef.com Failed	7 KB
10	date-her-now.xyz 2 redirects date-her-now.xyz	22 KB
8	cdnreference.com www.cdnreference.com	226 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	retargetcore.com retargetcore.com	3 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
50	8

	Domain	Requested by
12	avtomir04.ru	avtomir04.ru
11	uf.noclef.com	date-her-now.xyz retargetcore.com uf.noclef.com
10	date-her-now.xyz	2 redirects avtomir04.ru date-her-now.xyz retargetcore.com
8	www.cdnreference.com	date-her-now.xyz
3	fonts.gstatic.com	date-her-now.xyz
3	retargetcore.com	date-her-now.xyz www.cdnreference.com
2	fonts.googleapis.com	date-her-now.xyz
1	www.googletagmanager.com	date-her-now.xyz
50	8

This site contains no links.

Subject Issuer	Validity	Valid
date-her-now.xyz Amazon	`2019-06-05` - `2020-07-05`	a year	crt.sh
retargetcore.com Amazon	`2019-06-05` - `2020-07-05`	a year	crt.sh
cdnreference.com Amazon	`2019-06-06` - `2020-07-06`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
noclef.com Amazon	`2019-01-09` - `2020-02-09`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://date-her-now.xyz/jump?tds_campaign=p1165zad&tds_id=p1165zad_jump_a_574428011274&tds_oid=23775&tds_cid=a0093c707b40155daa3490c0fd9bfd25c44e7ea1&tds_host=date-her-now.xyz&dci=03047554eb4f9e4b9dc49b9ccf5f70fecb1dee4f&id=23775&utm_campaign=9741b68b&utm_source=int&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&_tgUrl=aHR0cHM6Ly9kYXRlLWhlci1ub3cueHl6L3Rkcy9jcGE%2FaWQ9MjM3NzUmZGNpPTAzMDQ3NTU0ZWI0ZjllNGI5ZGM0OWI5Y2NmNWY3MGZlY2IxZGVlNGYmdGRzX2hvc3Q9ZGF0ZS1oZXItbm93Lnh5eiZ0ZHNJZD1wMTE2NXphZF90ZHNfc2l0ZV9ncm91cF9hXzU3NDQyODAxMTI3NCZ0ZHNfY2FtcGFpZ249cDExNjV6YWQmdXRtX3NvdXJjZT1pbnQmdXRtX2NhbXBhaWduPTk3NDFiNjhiJnV0bV9jb250ZW50PSU3QnV0bV9jb250ZW50JTdEJmRhdGEyPSU3QmRhdGEyJTdEJnV0bV9zdWI9b3BuZm5sJm09cHMmdGRzX2lkPXAxMTY1emFkX2p1bXBfYV81NzQ0MjgwMTEyNzQmdGRzX29pZD0yMzc3NSZ0ZHNfY2lkPWEwMDkzYzcwN2I0MDE1NWRhYTM0OTBjMGZkOWJmZDI1YzQ0ZTdlYTEmcF90ZHNfY2lkPWQyNGVjNmVlNDQ2NTMxNjljOGQ3YzdmODg5ZDk3YTdmZTQ2ODkxYzUmdGRzX3JlYXNvbj1kaXJlY3QmdGRzX3NwbGl0PWE%3D&tds_rt=
Frame ID: 08A83BC8B361E4B04CD607AF2EF7F89E
Requests: 47 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=jumpVisit0Sec
Frame ID: F5A8EEAFE05FF4204733920C7C177CB4
Requests: 1 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=complVisit0Sec
Frame ID: DA38889D86BCC12472513BD1FBD8FBA0
Requests: 1 HTTP requests in this frame

Frame: https://uf.noclef.com/c_js/rtSlot/init?event=jumpVisit10Sec
Frame ID: AC642E4D4648BB4228F8DBFF9072450F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://avtomir04.ru/YXB0dXJAaG90bWFpbC5jb20= Page URL
https://date-her-now.xyz/tds/cpa?tdsId=p3957zhu_r&tds_campaign=p3957zhu&utm_source=int&utm_campaign=9... HTTP 302
https://date-her-now.xyz/fg/s/82230d4e9397fa0a0402daa305db7233?utm_campaign=9741b68b&utm_source=int&t... Page URL
https://date-her-now.xyz/fg/tds/cpa?utm_campaign=9741b68b&utm_source=int&tds_campaign=p3957zhu&tds_ci... HTTP 302
https://date-her-now.xyz/jump?tds_campaign=p1165zad&tds_id=p1165zad_jump_a_574428011274&tds_oid=23775... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

50
Requests

72 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

504 kB
Transfer

851 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://avtomir04.ru/YXB0dXJAaG90bWFpbC5jb20= Page URL
https://date-her-now.xyz/tds/cpa?tdsId=p3957zhu_r&tds_campaign=p3957zhu&utm_source=int&utm_campaign=9741b68b&utm_content={utm_content}&data2={data2}&utm_sub=opnfnl&m=ps HTTP 302
https://date-her-now.xyz/fg/s/82230d4e9397fa0a0402daa305db7233?utm_campaign=9741b68b&utm_source=int&tds_campaign=p3957zhu&tds_cid=d24ec6ee44653169c8d7c7f889d97a7fe46891c5&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1575336508456&__l=60&tds_id=p3957zhu_r&tds_oid=a Page URL
https://date-her-now.xyz/fg/tds/cpa?utm_campaign=9741b68b&utm_source=int&tds_campaign=p3957zhu&tds_cid=d24ec6ee44653169c8d7c7f889d97a7fe46891c5&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&tds_id=p3957zhu_r&tds_oid=a&dci=03047554eb4f9e4b9dc49b9ccf5f70fecb1dee4f&tds_host=date-her-now.xyz&tdsId=p3957zhu_targeting_a&utm_sub=opnfnl&m=ps&p_tds_cid=&tds_reason=direct HTTP 302
https://date-her-now.xyz/jump?tds_campaign=p1165zad&tds_id=p1165zad_jump_a_574428011274&tds_oid=23775&tds_cid=a0093c707b40155daa3490c0fd9bfd25c44e7ea1&tds_host=date-her-now.xyz&dci=03047554eb4f9e4b9dc49b9ccf5f70fecb1dee4f&id=23775&utm_campaign=9741b68b&utm_source=int&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&_tgUrl=aHR0cHM6Ly9kYXRlLWhlci1ub3cueHl6L3Rkcy9jcGE%2FaWQ9MjM3NzUmZGNpPTAzMDQ3NTU0ZWI0ZjllNGI5ZGM0OWI5Y2NmNWY3MGZlY2IxZGVlNGYmdGRzX2hvc3Q9ZGF0ZS1oZXItbm93Lnh5eiZ0ZHNJZD1wMTE2NXphZF90ZHNfc2l0ZV9ncm91cF9hXzU3NDQyODAxMTI3NCZ0ZHNfY2FtcGFpZ249cDExNjV6YWQmdXRtX3NvdXJjZT1pbnQmdXRtX2NhbXBhaWduPTk3NDFiNjhiJnV0bV9jb250ZW50PSU3QnV0bV9jb250ZW50JTdEJmRhdGEyPSU3QmRhdGEyJTdEJnV0bV9zdWI9b3BuZm5sJm09cHMmdGRzX2lkPXAxMTY1emFkX2p1bXBfYV81NzQ0MjgwMTEyNzQmdGRzX29pZD0yMzc3NSZ0ZHNfY2lkPWEwMDkzYzcwN2I0MDE1NWRhYTM0OTBjMGZkOWJmZDI1YzQ0ZTdlYTEmcF90ZHNfY2lkPWQyNGVjNmVlNDQ2NTMxNjljOGQ3YzdmODg5ZDk3YTdmZTQ2ODkxYzUmdGRzX3JlYXNvbj1kaXJlY3QmdGRzX3NwbGl0PWE%3D&tds_rt= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://date-her-now.xyz/tds/cpa?tdsId=p3957zhu_r&tds_campaign=p3957zhu&utm_source=int&utm_campaign=9741b68b&utm_content={utm_content}&data2={data2}&utm_sub=opnfnl&m=ps HTTP 302
https://date-her-now.xyz/fg/s/82230d4e9397fa0a0402daa305db7233?utm_campaign=9741b68b&utm_source=int&tds_campaign=p3957zhu&tds_cid=d24ec6ee44653169c8d7c7f889d97a7fe46891c5&utm_content=%7Butm_content%7D&data2=%7Bdata2%7D&__t=1575336508456&__l=60&tds_id=p3957zhu_r&tds_oid=a

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK YXB0dXJAaG90bWFpbC5jb20= Show response
avtomir04.ru/ 2 KB
1 KB 322ms
108ms Document
text/html 92.63.192.151
FOPSERVER

General

Domain/Path	Expires	Name / Value
uf.noclef.com/	1970-01-19 05:55:46	Name: visitor_id Value: 5de5ba3d0b085b002c1ab938
date-her-now.xyz/	1970-01-19 05:45:41	Name: AWSALB Value: lEjbLRVywadwZ8wcdLaqaHt8BW2S3ofsVI4IbdKoOXD5Myw09qmtC0M1ndqMf5tav0QEcMl2N/cLufwswm/STEMee1I2J/HSOmcpyj5kVZ5c6E8GEENQt7JQucaZ
.date-her-now.xyz/	1970-01-19 14:21:12	Name: dci Value: 03047554eb4f9e4b9dc49b9ccf5f70fecb1dee4f

date-her-now.xyz Open in urlscan Pro 52.28.41.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

72 %HTTPS

50 %IPv6

8 Domains

8 Subdomains

9 IPs

3 Countries

504 kBTransfer

851 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

date-her-now.xyz Open in urlscan Pro
52.28.41.225 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

72 %
HTTPS

50 %
IPv6

8
Domains

8
Subdomains

9
IPs

3
Countries

504 kB
Transfer

851 kB
Size

3
Cookies

50 HTTP transactions
0 data transactions