madrid778a.store - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 4 HTTP transactions. The main IP is 172.67.182.184, located in United States and belongs to CLOUDFLARENET, US. The main domain is madrid778a.store.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.

This is the only time madrid778a.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.164.16 172.67.164.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	216.69.166.175 216.69.166.175	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2 4	172.67.182.184 172.67.182.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:21:... 2606:4700:21::681b:c959	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2

1 172.67.164.16 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

feji.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.69.166.175 (United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 175.166.69.216.host.secureserver.net

img4up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.182.184 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

madrid778a.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:21::681b:c959 (United States)

ASN13335 (CLOUDFLARENET, US)

nx-cdn.trgwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	madrid778a.store 2 redirects madrid778a.store	6 KB
2	trgwl.com nx-cdn.trgwl.com — Cisco Umbrella Rank: 759888	78 KB
1	img4up.com 1 redirects img4up.com	396 B
1	feji.us 1 redirects feji.us — Cisco Umbrella Rank: 870439	700 B
4	4

	Domain	Requested by
4	madrid778a.store	2 redirects
2	nx-cdn.trgwl.com	madrid778a.store
1	img4up.com	1 redirects
1	feji.us	1 redirects
4	4

This site contains no links.

Subject Issuer	Validity	Valid
madrid778a.store WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
trgwl.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg
Frame ID: 710425C37738497960D867AF360EAC19
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Page Not Found

Page URL History Show full URLs

http://feji.us/ddkwms HTTP 307
https://feji.us/ddkwms HTTP 301
https://img4up.com/ib/Vt8sto4KMgcltWp_1728362221.jpg HTTP 301
https://madrid778a.store/ib/Vt8sto4KMgcltWp_1728362221.jpg HTTP 302
https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg Page URL

Page Statistics

4
Requests

75 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

82 kB
Transfer

81 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://feji.us/ddkwms HTTP 307
https://feji.us/ddkwms HTTP 301
https://img4up.com/ib/Vt8sto4KMgcltWp_1728362221.jpg HTTP 301
https://madrid778a.store/ib/Vt8sto4KMgcltWp_1728362221.jpg HTTP 302
https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://madrid778a.store/favicon.ico HTTP 302
https://madrid778a.store/not-found?request=/favicon.ico

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

404

Primary Request not-found Show response
madrid778a.store/
Redirect Chain

http://feji.us/ddkwms
https://feji.us/ddkwms
https://img4up.com/ib/Vt8sto4KMgcltWp_1728362221.jpg
https://madrid778a.store/ib/Vt8sto4KMgcltWp_1728362221.jpg
https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg

3 KB
2 KB

370ms
370ms

Document
text/html

172.67.182.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

172.67.182.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a57405cf118a3a3cdc63a62cafacacbcdb1c9c9b513ac67f798b29aa2f491be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8daa135bac4a9aeb-MIA
content-encoding: br
content-type: text/html
date: Wed, 30 Oct 2024 08:36:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxBPmm8owcIMVffNWIESzSHI6JHViCKAohdEcFVS%2FWiyinIL6CBECvn7w15hymWj8DUDi2Vi3KMSTwbfPd%2BZpxH%2FCj0t9OH1WJZjvuk83DlHVIo4oeduWNPwSl2Yj1Jm%2B3Ii"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=33409&sent=17&recv=14&lost=0&retrans=0&sent_bytes=5914&recv_bytes=5372&delivery_rate=440&cwnd=12000&unsent_bytes=0&cid=99f5971ed3b59be3&ts=752&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: BYPASS
cf-ray: 8daa13595b679aeb-MIA
content-type: text/html; charset=utf-8
date: Wed, 30 Oct 2024 08:36:05 GMT
location: /not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O8KlskvunZTszA2abXL7XmAiV3tLqe2LKpywqq8mtLHau%2Fkom3kLMCoOKmfk7k7iVJUTI4di%2BvkzDvDtToav446Mc13dK9CE5fWhvse1H80MVIflIOZg88EBP7sINaBlBUhf"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=33083&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4169&recv_bytes=4510&delivery_rate=511&cwnd=12000&unsent_bytes=0&cid=99f5971ed3b59be3&ts=380&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15552001; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 background.jpg
nx-cdn.trgwl.com/Images/maintenance/ 48 KB
50 KB 331ms
215ms Image
image/jpeg 2606:4700:21::681b:c959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/maintenance/background.jpg

Requested by

Host: madrid778a.store
URL: https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:c959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb09730ae98006a320b65aefc77f6fc7045f0d22542a1b8fc326aa1f9b8d78b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://madrid778a.store/

Response headers

cf-cache-status: BYPASS
etag: "0f7d85abc9d61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oZjoJ8D8pk2COWoPmS9W6WOGV5lksdNzau2QssepJjT8HL460dJnFrANQJE%2BlA8tGLBrgpLlT6T1%2FNLxTb%2FmvGjLqN572lOIndElYGKWD3MaRiptsdX05ZUNC53oZEoo2eqHBHVMfAx3FDEcRPg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 08:36:05 GMT
content-type: image/jpeg
last-modified: Thu, 03 Dec 2020 00:29:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8daa135f6af221df-MIA
accept-ranges: bytes
content-length: 49373
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 stripe-bar-2.webp
nx-cdn.trgwl.com/Images/maintenance/ 27 KB
28 KB 348ms
253ms Image
image/webp 2606:4700:21::681b:c959
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nx-cdn.trgwl.com/Images/maintenance/stripe-bar-2.webp

Requested by

Host: madrid778a.store
URL: https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:c959 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f30c960ad7e1a3f21f8ace5532bc4d0c47b4794ae7639d1cce40bcd1536ef30c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://madrid778a.store/

Response headers

cf-cache-status: BYPASS
etag: "0699b568ced61:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pOAVvGO4pk%2FIOMslr0OgiowsypYwrenbh9Rg0ZtLwIhNv%2FJ6pnjNOvZ46Rh5wg9ZsOecvLgafXeUi1AQdxN81XW12pl2ak%2BFt9Fu21eZ5F8VLW%2B3%2F6OYACrLraJRr%2Bp7OyNGN7%2F6BdwXmCQ688I%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
date: Wed, 30 Oct 2024 08:36:05 GMT
content-type: image/webp
last-modified: Wed, 09 Dec 2020 20:15:22 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15552001; includeSubDomains; preload
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8daa135f6af321df-MIA
accept-ranges: bytes
content-length: 27968
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3

404

not-found
madrid778a.store/
Redirect Chain

https://madrid778a.store/favicon.ico
https://madrid778a.store/not-found?request=/favicon.ico

3 KB
2 KB

366ms
365ms

Other
text/html

172.67.182.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://madrid778a.store/not-found?request=/favicon.ico

Protocol

H3

Server

172.67.182.184 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a57405cf118a3a3cdc63a62cafacacbcdb1c9c9b513ac67f798b29aa2f491be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg

Response headers

strict-transport-security: max-age=15552001; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tT4xrDh%2BDZrUT0s5521ku0svOPXfGD9Hw%2BCixeEimijDs9NGK6lzy1tAaqTIhDK%2B8%2FdBrLa%2FXLi3zmlTZscq0pUDkBkGo4%2F%2Bg0LtsFzXSKOrz7EDDpsXW83EZR8Aaib4eZg2"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8daa1363382c9aeb-MIA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=33645&sent=26&recv=21&lost=0&retrans=0&sent_bytes=9528&recv_bytes=6986&delivery_rate=433&cwnd=12000&unsent_bytes=0&cid=99f5971ed3b59be3&ts=1963&x=1", cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 08:36:06 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare

Redirect headers

cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av2a8wcUm6D04uCofATMC1%2BLYTZCbv7HbQHMAWcoJrk21DEe5z4RCzO1x67%2FtFXFh6jQGev%2FCIRjzoe%2FQ9X%2FZo7xHp%2FQT3cZyYFZJPLs6v4Aj%2BqEAvmNbwoLLIuyKtUxPVXE"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=32917&sent=21&recv=17&lost=0&retrans=0&sent_bytes=7903&recv_bytes=6146&delivery_rate=63396&cwnd=12000&unsent_bytes=0&cid=99f5971ed3b59be3&ts=1594&x=1", cfHdrFlush;dur=0
date: Wed, 30 Oct 2024 08:36:06 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552001; includeSubDomains
cache-control: private
location: /not-found?request=/favicon.ico
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8daa1360df179aeb-MIA
x-xss-protection: 1; mode=block
server: cloudflare

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
madrid778a.store/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: zvvmnjy5lzxtqwqtbqzcg2bg
madrid778a.store/	1970-01-21 00:48:02	Name: AWSALB Value: cwh7sZWfJq+QTEP4F0bFA5tqgAoMsmYs46fMHhOk+P7f+nawDCYO+S/kot19ZSYveMmbDnttilVmYfHauFYEuOf3GX93EZQhpGx50GbtPQ95ZKksbpWLSzfAa7Cn
madrid778a.store/	1970-01-21 00:48:02	Name: AWSALBTG Value: 7qfZPzRg3l0RsnGk6m+lSzi/1olOVu2LhmaU9raHqwuJHZcckIFMq9pye8iBIRrK7QrUhQabE3jneRa3SL7Rn+vGs/1TAnUHLHRoeYqayW0PQ3g1RAOvJnqlseILFhZvbKZUzHSkF2deBSm4HKJtsVMMUOaLZ1wYiZ0aF/yQxwlW9mjak9c=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://madrid778a.store/not-found?request=/ib/Vt8sto4KMgcltWp_1728362221.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://madrid778a.store/not-found?request=/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

feji.us
img4up.com
madrid778a.store
nx-cdn.trgwl.com
172.67.164.16
172.67.182.184
216.69.166.175
2606:4700:21::681b:c959
1fb09730ae98006a320b65aefc77f6fc7045f0d22542a1b8fc326aa1f9b8d78b
3a57405cf118a3a3cdc63a62cafacacbcdb1c9c9b513ac67f798b29aa2f491be
f30c960ad7e1a3f21f8ace5532bc4d0c47b4794ae7639d1cce40bcd1536ef30c

madrid778a.store Open in urlscan Pro 172.67.182.184 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

75 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

2 IPs

1 Countries

82 kBTransfer

81 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

2 Console Messages

Security Headers

Indicators

madrid778a.store Open in urlscan Pro
172.67.182.184 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

75 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

82 kB
Transfer

81 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions