ultra-deals.icu
2606:4700:3036::681c:9fa
Public Scan
Submission: On June 15 via automatic, source phishtank
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 26th 2020. Valid for: a year.
This is the only time ultra-deals.icu was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
3 | 2606:4700:3036::681c:9fa | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:800::2003 | 15169 (GOOGLE) |
4 | 2 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | ultra-deals.icu | ultra-deals.icu | 30 KB |
1 | gstatic.com | fonts.gstatic.com | 16 KB |
4 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
3 | ultra-deals.icu | ultra-deals.icu |
1 | fonts.gstatic.com | ultra-deals.icu |
4 | 2 | |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-05-26 - 2021-05-26 | a year |
*.gstatic.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months |
This page contains 1 frame:
Primary Page:
https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
Frame ID: 1A8DB6F9F7B7A1BE8093113B1E8B17A6
Requests: 4 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns:
- headers server /^cloudflare$/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Claim now!
Redirected requests
There were HTTP redirect chains for the following requests:
4 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | ultra-deals.icu/ss/xx/en/s20p/ | 17 KB | 7 KB | Document | text/html |
GET | H2 | logo.png | ultra-deals.icu/ss/xx/en/s20p/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | galaxys20.png | ultra-deals.icu/ss/xx/en/s20p/ | 20 KB | 20 KB | Image | image/png |
GET | H2 | ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2 | fonts.gstatic.com/s/sourcesanspro/v11/ | 16 KB | 16 KB | Font | font/woff2 |
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
function | q |
function | esc |
function | w |
object | ccMap |
string | cc |
string | countryName |
string | prize |
undefined | trd |
string | offerUrl |
function | Cookies |
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.ultra-deals.icu/ | | Name: rv, Value: 1 |
.ultra-deals.icu/ | | Name: __cfduid, Value: d4be005ac1a96e85fb938fb85b98954fa1592236289 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.