URL: https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2i...
Submission: On June 15 via automatic, source phishtank

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3036::681c:9fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is ultra-deals.icu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 26th 2020. Valid for: a year.
This is the only time ultra-deals.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2
Apex Domain
Subdomains
Transfer
3 ultra-deals.icu
ultra-deals.icu
30 KB
1 gstatic.com
fonts.gstatic.com
16 KB
4 2
Domain Requested by
3 ultra-deals.icu ultra-deals.icu
1 fonts.gstatic.com ultra-deals.icu
4 2

This site contains links to these domains. Also see Links.

Domain
bitly.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-05-26 -
2021-05-26
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-05-26 -
2020-08-18
3 months crt.sh

This page contains 1 frames:

Primary Page: https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
Frame ID: 1A8DB6F9F7B7A1BE8093113B1E8B17A6
Requests: 4 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

4
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

46 kB
Transfer

55 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ultra-deals.icu/ss/xx/en/s20p/
17 KB
7 KB
Document
General
Full URL
https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:9fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d13cdbf95a35353242c74c1f23f7fd3fdc3bf30b51bab6a589252932e92ce3e

Request headers

:method
GET
:authority
ultra-deals.icu
:scheme
https
:path
/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 15 Jun 2020 15:51:30 GMT
content-type
text/html
set-cookie
__cfduid=d4be005ac1a96e85fb938fb85b98954fa1592236289; expires=Wed, 15-Jul-20 15:51:29 GMT; path=/; domain=.ultra-deals.icu; HttpOnly; SameSite=Lax
last-modified
Sun, 10 May 2020 22:13:57 GMT
cf-cache-status
DYNAMIC
cf-request-id
035a46c75100000c59a99c2200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5a3d73ebbad40c59-AMS
content-encoding
br
logo.png
ultra-deals.icu/ss/xx/en/s20p/
3 KB
3 KB
Image
General
Full URL
https://ultra-deals.icu/ss/xx/en/s20p/logo.png
Requested by
Host: ultra-deals.icu
URL: https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:9fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d914f94143ef583e1b998ea7c02ef97fa3cea118316c294db01edb614f6816a

Request headers

Referer
https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 15:51:30 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 17:40:57 GMT
server
cloudflare
age
6644
etag
"5ea86aa9-a10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5a3d73ed2e6e0c59-AMS
content-length
2576
cf-request-id
035a46c83d00000c59a99cd200000001
galaxys20.png
ultra-deals.icu/ss/xx/en/s20p/
20 KB
20 KB
Image
General
Full URL
https://ultra-deals.icu/ss/xx/en/s20p/galaxys20.png
Requested by
Host: ultra-deals.icu
URL: https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::681c:9fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092cd15431dfcd450f117efc55392560116bfde4e21e8009278c31b4f2de25a8

Request headers

Referer
https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Jun 2020 15:51:30 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Apr 2020 17:40:57 GMT
server
cloudflare
age
2606
etag
"5ea86aa9-514a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
5a3d73ed2e710c59-AMS
content-length
20810
cf-request-id
035a46c83d00000c59a99ce200000001
ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
fonts.gstatic.com/s/sourcesanspro/v11/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v11/ODelI1aHBYDBqgeIAH2zlNV_2ngZ8dMf8fLgjYEouxg.woff2
Requested by
Host: ultra-deals.icu
URL: https://ultra-deals.icu/ss/xx/en/s20p/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb992eae898417162c48b37712991d9ad8053c4a64fce51aff195edc69dc35f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://ultra-deals.icu/ss/xx/en/s20p/?winner=210.213.81.226&cc=PH&trd=cvtrx.icu&pr=16&cep=WSJNNsKCQkt2iGXzGJrlxl9dLAOBdZbGwxdGl3diN3s7VsKJrtpal2Q3paDCGOsCrWyLhKVWJJ0D2O7J6vnDSp6k-f8Q6kW-X9Qf5DgW6QCX5Hv4X7fQ5053q5pS_dIfBGSIJhDqkW93-h3J8JAEhtZtroFc8gxPvs0e
Origin
https://ultra-deals.icu

Response headers

date
Wed, 10 Jun 2020 18:20:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:26:03 GMT
server
sffe
age
423045
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15908
x-xss-protection
0
expires
Thu, 10 Jun 2021 18:20:45 GMT

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| q function| esc function| w object| ccMap string| cc string| countryName string| prize undefined| trd string| offerUrl function| Cookies

2 Cookies

Domain/Path Name / Value
.ultra-deals.icu/ Name: rv
Value: 1
.ultra-deals.icu/ Name: __cfduid
Value: d4be005ac1a96e85fb938fb85b98954fa1592236289