z3uwna0j.freeddns.com Open in urlscan Pro
185.104.249.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://z3uwna0j.freeddns.com/
Submission: On September 20 via manual (September 20th 2019, 2:59:36 pm UTC) from GB

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 14 domains to perform 16 HTTP transactions. The main IP is 185.104.249.47, located in Russian Federation and belongs to SUPERSERVERSDATACENTER, RU. The main domain is z3uwna0j.freeddns.com.

This is the only time z3uwna0j.freeddns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.104.249.47 185.104.249.47	50113 (SUPERSERV...) (SUPERSERVERSDATACENTER)
1	2606:4700:10:... 2606:4700:10::6814:1ff9	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1 1	37.60.244.138 37.60.244.138	32475 (SINGLEHOP...) (SINGLEHOP-LLC - SingleHop LLC)
1	104.27.168.68 104.27.168.68	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2 4	2606:4700:30:... 2606:4700:30::6812:3e1c	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	176.9.35.55 176.9.35.55	24940 (HETZNER-AS) (HETZNER-AS)
3	52.1.37.202 52.1.37.202	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	143.204.214.52 143.204.214.52	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	45.40.182.129 45.40.182.129	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	2.18.235.37 2.18.235.37	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	66.155.96.191 66.155.96.191	6640 (CENTURYLI...) (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications)
1	199.19.89.1 199.19.89.1	54105 (SSM-NET) (SSM-NET - Second Street)
16	12

1 185.104.249.47 (Russian Federation)

ASN50113 (SUPERSERVERSDATACENTER, RU)
PTR: plovdiv.pro

z3uwna0j.freeddns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:1ff9 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.60.244.138 (Chicago, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: ip-37-60-244-138.siteground.com

www.mrsjanuary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.27.168.68 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

maplemoney.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:30::6812:3e1c (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

smartcanucks.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.35.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: qgrabs.com

qgrabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.1.37.202 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-37-202.compute-1.amazonaws.com

www.gosawa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.52 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-52.fra53.r.cloudfront.net

i1225.photobucket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.168.131.241 (Scottsdale, United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

www.looniecoupons.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.40.182.129 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-45-40-182-129.ip.secureserver.net

looniecoupons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.37 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-37.deploy.static.akamaitechnologies.com

img.grouponcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.155.96.191 (Canada) 1 redirects

ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US)
PTR: arc0001.ditcanada.net

www.yogenfruz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.19.89.1 (St Louis, United States)

ASN54105 (SSM-NET - Second Street, US)
PTR: 199-19-89-1.secondstreetmedia.com

eblastengine.upickem.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	smartcanucks.ca 2 redirects smartcanucks.ca	305 KB
3	gosawa.com www.gosawa.com	202 KB
2	yogenfruz.com 1 redirects www.yogenfruz.com	401 KB
2	fontawesome.com use.fontawesome.com	87 KB
1	upickem.net eblastengine.upickem.net	20 KB
1	grouponcdn.com img.grouponcdn.com	38 KB
1	looniecoupons.com looniecoupons.com	12 KB
1	looniecoupons.ca 1 redirects www.looniecoupons.ca	258 B
1	photobucket.com i1225.photobucket.com	8 KB
1	qgrabs.com qgrabs.com	169 KB
1	maplemoney.com maplemoney.com
1	mrsjanuary.com 1 redirects www.mrsjanuary.com	334 B
1	getbootstrap.com getbootstrap.com	21 KB
1	freeddns.com z3uwna0j.freeddns.com	7 KB
16	14

	Domain	Requested by
4	smartcanucks.ca	2 redirects z3uwna0j.freeddns.com
3	www.gosawa.com	z3uwna0j.freeddns.com
2	www.yogenfruz.com	1 redirects z3uwna0j.freeddns.com
2	use.fontawesome.com	z3uwna0j.freeddns.com
1	eblastengine.upickem.net	z3uwna0j.freeddns.com
1	img.grouponcdn.com	z3uwna0j.freeddns.com
1	looniecoupons.com	z3uwna0j.freeddns.com
1	www.looniecoupons.ca	1 redirects
1	i1225.photobucket.com	z3uwna0j.freeddns.com
1	qgrabs.com	z3uwna0j.freeddns.com
1	maplemoney.com	z3uwna0j.freeddns.com
1	www.mrsjanuary.com	1 redirects
1	getbootstrap.com	z3uwna0j.freeddns.com
1	z3uwna0j.freeddns.com
16	14

This site contains no links.

Subject Issuer	Validity	Valid
ssl516043.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-19` - `2019-12-26`	6 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
sni98186.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-03` - `2020-03-11`	6 months	crt.sh
sni10887.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-04` - `2020-03-12`	6 months	crt.sh
qgrabs.com DigiCert SHA2 Secure Server CA	`2019-05-01` - `2021-07-30`	2 years	crt.sh
www.yogenfruz.com Thawte RSA CA 2018	`2018-10-02` - `2019-11-01`	a year	crt.sh
*.upickem.net Sectigo RSA Domain Validation Secure Server CA	`2019-01-24` - `2021-01-23`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://z3uwna0j.freeddns.com/
Frame ID: EA09A7B87FE85F58930CBC5CC6BF4DBC
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

16
Requests

56 %
HTTPS

14 %
IPv6

14
Domains

14
Subdomains

12
IPs

5
Countries

1269 kB
Transfer

1434 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://www.mrsjanuary.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg HTTP 301
https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg

Request Chain 3

http://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg HTTP 301
https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg

Request Chain 4

http://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg HTTP 301
https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg

Request Chain 9

http://www.looniecoupons.ca/printablecoupons/Yogen-Fruz-Saskatoon.jpg HTTP 301
http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg

Request Chain 12

http://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg HTTP 301
https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
z3uwna0j.freeddns.com/ 7 KB
7 KB 134ms
117ms Document
text/html 185.104.249.47
SUPERSERVERSDATAC...

General

Check archive.org

Show headers Download Go to

Full URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 185.104.249.47 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU),
Reverse DNS: plovdiv.pro
Software: nginx/1.15.12 /
Resource Hash: 04352642387a8d5157cd66a268634997e5dbab9eac3f6c409f430d1de91db694

Request headers

Host: z3uwna0j.freeddns.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.15.12
Date: Fri, 20 Sep 2019 14:59:19 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6694
Last-Modified: Wed, 22 May 2019 03:46:09 GMT
Connection: keep-alive
ETag: "5ce4c601-1a26"
Accept-Ranges: bytes

GET
H2 200 bootstrap.min.css
getbootstrap.com/docs/4.2/dist/css/ 150 KB
21 KB 54ms
20ms Stylesheet
text/css 2606:4700:10::6814:1ff9
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.2/dist/css/bootstrap.min.css

Requested by

Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:1ff9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 14:59:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8
status: 200
vary: Accept-Encoding
last-modified: Tue, 13 Aug 2019 22:04:29 GMT
server: cloudflare
x-github-request-id: CC5C:5E0B:2A834:3ABCC:5D5335B8
etag: W/"5d5333ed-2565e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 5194a99d486dcbc0-VIE
x-proxy-cache: HIT
expires: Fri, 20 Sep 2019 18:59:19 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
14 KB 78ms
35ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Sec-Fetch-Mode: cors
Referer: http://z3uwna0j.freeddns.com/
Origin: http://z3uwna0j.freeddns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 14:59:19 GMT
content-encoding: gzip
last-modified: Thu, 21 Mar 2019 21:31:35 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2

404

Yogen-Fruz-Canada-10-off.jpg
maplemoney.com/wp-content/uploads/2012/07/
Redirect Chain

http://www.mrsjanuary.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg

0
0

95ms
34ms

Image
text/html

104.27.168.68
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.168.68 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
Connection: keep-alive
Host-Header: 624d5be7be38418a3e2a818cc8b7029b
Content-Length: 286
X-Proxy-Cache: MISS

GET
H2

200

yogen-fruz.jpg
smartcanucks.ca/wp-content/uploads/2014/07/
Redirect Chain

http://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg

281 KB
281 KB

100ms
61ms

Image
image/jpeg

2606:4700:30::6812:3e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e850766d8cdf7e2f15262cd776789456402953f11e51b917a716751ed155eda4

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 14:59:19 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2016 14:19:00 GMT
server: cloudflare
age: 8
etag: "577bc1d4-4621e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5194a99d8cdd8c68-VIE
content-length: 287262
expires: Fri, 27 Sep 2019 14:59:19 GMT

Redirect headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
CF-Cache-Status: HIT
Server: cloudflare
Age: 8
Vary: Accept-Encoding
Content-Type: text/html
Location: https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5194a99d28cdcb9c-VIE
Expires: Fri, 20 Sep 2019 15:29:19 GMT

GET
H2

200

yogen_fruz_canada-500x220.jpg
smartcanucks.ca/wp-content/uploads/2010/09/
Redirect Chain

http://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg

23 KB
23 KB

94ms
60ms

Image
image/jpeg

2606:4700:30::6812:3e1c
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:3e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e85c5d02f41e383ed6407abbe9971e580ea5632eb360f1e4193423900e1ca397

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 14:59:19 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2016 14:12:14 GMT
server: cloudflare
age: 8
etag: "577bc03e-5b03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5194a99d8cde8c68-VIE
content-length: 23299
expires: Fri, 27 Sep 2019 14:59:19 GMT

Redirect headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
CF-Cache-Status: HIT
Server: cloudflare
Age: 8
Vary: Accept-Encoding
Content-Type: text/html
Location: https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
Cache-Control: public, max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5194a99d285a5a00-VIE
Expires: Fri, 20 Sep 2019 15:29:19 GMT

GET
H/1.1 200
OK main_440x440.png
qgrabs.com/media/a24b367c8d5f976e/ 168 KB
169 KB 112ms
48ms Image
image/png 176.9.35.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qgrabs.com/media/a24b367c8d5f976e/main_440x440.png
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.35.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: qgrabs.com
Software: nginx /
Resource Hash: ec6191c1f2565df44b4c1502eea30fe21230265a08736f7bc09c4bfbe9413981

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Tue, 23 Apr 2013 11:02:10 GMT
Server: nginx
Connection: keep-alive
Content-Length: 172381
Alternate-Protocol: 443:npn-spdy/2
Content-Type: image/png

GET
H/1.1 200
OK aba41d5b1e9695685655bd6ef1fe5686.jpg
www.gosawa.com/storage/32000/857/ 61 KB
61 KB 219ms
201ms Image
image/jpeg 52.1.37.202
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gosawa.com/storage/32000/857/aba41d5b1e9695685655bd6ef1fe5686.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 52.1.37.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-37-202.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 6f4eafab4c9e61a923e9a772ba1fdefb6d2707536d5be438d883dc85cd4b69ff

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Thu, 21 Feb 2013 20:43:57 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "f4df-4d64222361d40"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62687

GET
H/1.1 200
OK 8bf2e460e1c3fd071fb0e24ca58e0201.jpg
www.gosawa.com/storage/32000/857/ 62 KB
63 KB 219ms
200ms Image
image/jpeg 52.1.37.202
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gosawa.com/storage/32000/857/8bf2e460e1c3fd071fb0e24ca58e0201.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 52.1.37.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-37-202.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: da9d69758fe6d3f37552a77c6a3078a482bf8e5d152359614d3bc8456762a6ce

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Thu, 21 Feb 2013 20:44:04 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "f90c-4d64222a0ed00"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63756

GET
H/1.1 200
OK yogen-fruz-des_zpsa539946b.jpg
i1225.photobucket.com/albums/ee381/goSawaTeam/ 8 KB
8 KB 72ms
53ms Image
image/webp 143.204.214.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://i1225.photobucket.com/albums/ee381/goSawaTeam/yogen-fruz-des_zpsa539946b.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 143.204.214.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-52.fra53.r.cloudfront.net
Software: imgproxy /
Resource Hash: d04e8fc568f03b4bf9de056ff4d8f0eafc36ed93dd55a31cf30800aeed2b8616

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:13 GMT
Content-Encoding: gzip
Age: 6
X-Cache: Hit from cloudfront
Content-Disposition: inline; filename="yogen-fruz-des_zpsa539946b.webp"
Connection: keep-alive
Content-Length: 8010
X-Request-Id: GlDBoX7ZtoYl-Z-me12Ifh
Access-Control-Allow-Origin: *
Server: imgproxy
Vary: Accept,Accept-Encoding
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: image/webp
Via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: holpatM5s5ndc4mEXnjT8slyIRx_nn73td8rbWFzpJTXndH0c65yfg==
Expires: Fri, 20 Sep 2019 15:59:13 GMT

GET
H/1.1

200
OK

Yogen-Fruz-Saskatoon.jpg
looniecoupons.com/printablecoupons/
Redirect Chain

http://www.looniecoupons.ca/printablecoupons/Yogen-Fruz-Saskatoon.jpg
http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg

12 KB
12 KB

304ms
286ms

Image
image/jpeg

45.40.182.129
GoDaddy.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 45.40.182.129 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-45-40-182-129.ip.secureserver.net
Software: Apache /
Resource Hash: 246a8439b43938da23294b6847347cfb9c447c3e567fb47c9a110f94b51f0322

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Sat, 19 Oct 2013 04:54:15 GMT
Server: Apache
ETag: "3037-4e910d7bbcbc0"
Content-Type: image/jpeg
Cache-Control: max-age=5184000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12343
Expires: Tue, 19 Nov 2019 14:59:19 GMT

Redirect headers

Location: http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg
Date: Fri, 20 Sep 2019 14:59:19 GMT
Server: nginx/1.12.2
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK t460x279.jpg
img.grouponcdn.com/deal/c95735194d444004bcee935cbf54297a/7a/v1/ 37 KB
38 KB 57ms
39ms Image
image/jpeg 2.18.235.37
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.grouponcdn.com/deal/c95735194d444004bcee935cbf54297a/7a/v1/t460x279.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 2.18.235.37 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-235-37.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 4a53d8c806ed627ff685fb57d79072c4b8725fd2d7038e99e4f176546934cdda

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Thu, 24 Jan 2013 19:53:11 GMT
Server: nginx/1.12.2
ETag: "846a20fe92e2a0a2940b9511d7d5cdb8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Connection: keep-alive
Content-Length: 38309
Expires: Sun, 20 Oct 2019 14:59:19 GMT

GET
H/1.1 200
OK 34da4a3ff60779178b777a5ce45c9aa7.jpg
www.gosawa.com/storage/32000/857/ 78 KB
78 KB 219ms
201ms Image
image/jpeg 52.1.37.202
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.gosawa.com/storage/32000/857/34da4a3ff60779178b777a5ce45c9aa7.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Server: 52.1.37.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-1-37-202.compute-1.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 342e7128d72ddd9f97b74cc7bb2b703116236147dbcbb7225b2e8c91a49f32df

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Thu, 21 Feb 2013 20:43:53 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "137ab-4d64221f91440"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79787

GET
H/1.1

200
OK

yf.DateNight.2015.F1a-OL.jpg
www.yogenfruz.com/wp-content/uploads/
Redirect Chain

http://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg

401 KB
401 KB

452ms
113ms

Image
image/jpeg

66.155.96.191
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 66.155.96.191 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: arc0001.ditcanada.net
Software: Apache / PleskLin
Resource Hash: d3ed8d8bf10f7e150aa5570b32e1a8fc39da74daaaa80735bba1ef8cbf8fd3af

Request headers

Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified: Thu, 29 Jan 2015 21:06:21 GMT
Server: Apache
X-Powered-By: PleskLin
ETag: "64394-50dd0dc200d40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 410516

Redirect headers

Location: https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
Date: Fri, 20 Sep 2019 14:59:19 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 281
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK 17013.jpg
eblastengine.upickem.net/EmailImages/ 20 KB
20 KB 496ms
126ms Image
image/jpeg 199.19.89.1
Second Street

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eblastengine.upickem.net/EmailImages/17013.jpg
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.19.89.1 St Louis, United States, ASN54105 (SSM-NET - Second Street, US),
Reverse DNS: 199-19-89-1.secondstreetmedia.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d2231335b8f9644f7700f24c2cce53c7386371c717cab36a15e8a7b5bd5100fa

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://z3uwna0j.freeddns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 20 Sep 2019 14:59:18 GMT
Last-Modified: Thu, 04 Aug 2011 22:15:58 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "5b41f815f452cc1:0"
P3P: CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Cache-Control: public
Accept-Ranges: bytes
Content-Type: image/jpeg
X-PP: 2
Content-Length: 20491

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 73 KB
73 KB 36ms
36ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by: Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin: http://z3uwna0j.freeddns.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 20 Sep 2019 14:59:19 GMT
last-modified: Thu, 21 Mar 2019 21:32:11 GMT
server: NetDNA-cache/2.2
status: 200
etag: "5e2f92123d241cabecf0b289b9b08d4a"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 74768

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

eblastengine.upickem.net
getbootstrap.com
i1225.photobucket.com
img.grouponcdn.com
looniecoupons.com
maplemoney.com
qgrabs.com
smartcanucks.ca
use.fontawesome.com
www.gosawa.com
www.looniecoupons.ca
www.mrsjanuary.com
www.yogenfruz.com
z3uwna0j.freeddns.com
104.27.168.68
143.204.214.52
176.9.35.55
184.168.131.241
185.104.249.47
199.19.89.1
2.18.235.37
23.111.9.35
2606:4700:10::6814:1ff9
2606:4700:30::6812:3e1c
37.60.244.138
45.40.182.129
52.1.37.202
66.155.96.191
04352642387a8d5157cd66a268634997e5dbab9eac3f6c409f430d1de91db694
246a8439b43938da23294b6847347cfb9c447c3e567fb47c9a110f94b51f0322
342e7128d72ddd9f97b74cc7bb2b703116236147dbcbb7225b2e8c91a49f32df
4a53d8c806ed627ff685fb57d79072c4b8725fd2d7038e99e4f176546934cdda
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6f4eafab4c9e61a923e9a772ba1fdefb6d2707536d5be438d883dc85cd4b69ff
d04e8fc568f03b4bf9de056ff4d8f0eafc36ed93dd55a31cf30800aeed2b8616
d2231335b8f9644f7700f24c2cce53c7386371c717cab36a15e8a7b5bd5100fa
d3ed8d8bf10f7e150aa5570b32e1a8fc39da74daaaa80735bba1ef8cbf8fd3af
da9d69758fe6d3f37552a77c6a3078a482bf8e5d152359614d3bc8456762a6ce
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e850766d8cdf7e2f15262cd776789456402953f11e51b917a716751ed155eda4
e85c5d02f41e383ed6407abbe9971e580ea5632eb360f1e4193423900e1ca397
ec6191c1f2565df44b4c1502eea30fe21230265a08736f7bc09c4bfbe9413981
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

z3uwna0j.freeddns.com Open in urlscan Pro 185.104.249.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

56 %HTTPS

14 %IPv6

14 Domains

14 Subdomains

12 IPs

5 Countries

1269 kBTransfer

1434 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

z3uwna0j.freeddns.com Open in urlscan Pro
185.104.249.47 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

56 %
HTTPS

14 %
IPv6

14
Domains

14
Subdomains

12
IPs

5
Countries

1269 kB
Transfer

1434 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions