Submitted URL: https://maplelucky.com/rtqoaOMXHyoUjnx
Effective URL: https://heatermelt.click/668503/ow/118900406202/35147501/GIZA04/92a5ca000396de7e2e11edc64f0b0c20x
Submission: On May 30 via manual from CA — Scanned from SG

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 2606:4700:3031::ac43:9080, located in United States and belongs to CLOUDFLARENET, US. The main domain is heatermelt.click.
TLS certificate: Issued by GTS CA 1P5 on May 23rd 2024. Valid for: 3 months.
This is the only time heatermelt.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.96.191.202 59253 (LEASEWEB-...)
1 193.25.219.155 8100 (ASN-QUADR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
3 2
   Apex Domain       Subdomains        Transfer
2  heatermelt.click  heatermelt.click  1 KB
1  quassinsdip.com   quassinsdip.com   457 B
1  maplelucky.com    maplelucky.com    460 B
3  3
Domain Requested by
2 heatermelt.click quassinsdip.com
1 quassinsdip.com
1 maplelucky.com 1 redirects
3 3

This site contains no links.

Subject           Issuer      Validity                 Valid
quassinsdip.com   R3          2024-05-20 - 2024-08-18  3 months
heatermelt.click  GTS CA 1P5  2024-05-23 - 2024-08-21  3 months

This page contains 1 frames:

Primary Page: https://heatermelt.click/668503/ow/118900406202/35147501/GIZA04/92a5ca000396de7e2e11edc64f0b0c20x
Frame ID: 8C9B439F90C7D96EE6C6DF814BF41A96
Requests: 3 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 33 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://maplelucky.com/rtqoaOMXHyoUjnx HTTP 301
    https://quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/goro Page URL
  2. https://heatermelt.click/668503/ow/118900406202/35147501/GIZA04/92a5ca000396de7e2e11edc64f0b0c20x Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://maplelucky.com/rtqoaOMXHyoUjnx HTTP 301
  • https://quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/goro

3 HTTP transactions

Resource: goro
Path: quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/
Size: 160 B
x-fer: 457 B
Type: Document
MIME-Type:
Redirect Chain
  • https://maplelucky.com/rtqoaOMXHyoUjnx
  • https://quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/goro

General

Full URL: https://quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/goro
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.25.219.155 Ashburn, United States, ASN8100 (ASN-QUADRANET-GLOBAL, US)
Reverse DNS:
Software: Apache /
Resource Hash:

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 160
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 22:08:22 GMT
server: Apache

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 30 May 2024 22:08:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/goro
pragma: no-cache
server: LiteSpeed
x-powered-by: PHP/7.4.33

Resource: 92a5ca000396de7e2e11edc64f0b0c20x (Primary Request)
Path: heatermelt.click/668503/ow/118900406202/35147501/GIZA04/
Size: 552 B
x-fer: 577 B
Type: Document
MIME-Type:

General

Full URL: https://heatermelt.click/668503/ow/118900406202/35147501/GIZA04/92a5ca000396de7e2e11edc64f0b0c20x
Requested by:
  Host: quassinsdip.com
  URL: https://quassinsdip.com/0/0/0/de91b15347670e468d2bdcf3b0351f4d/goro
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9080, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: ba06358e68429145a15d0c1cfb211cb1b82680ef0a0b3efa376c68e9c1e4ea03

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://quassinsdip.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88c20ae0d8ad5f70-SIN
content-encoding: br
content-type: text/html
date: Thu, 30 May 2024 22:08:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mrL4hVsaHcW3Zj5H8gCHs%2FC2ZBqgbcGXG3CL%2BfgifuIjn08BzmtmoyL%2F62poc2hpx4a5gpczhQzK%2FH3DTfJcZ9j0YO1fDpVdi9lWhaDfSF3%2Fj8xazR7K1XJO5iqeevQjOyMKLE1KVHnhPl3zjs3z"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Resource: favicon.ico
Path: heatermelt.click/
Size: 552 B
x-fer: 476 B
Type: Other
MIME-Type:

General

Full URL: https://heatermelt.click/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9080, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare /
Resource Hash: ba06358e68429145a15d0c1cfb211cb1b82680ef0a0b3efa376c68e9c1e4ea03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://heatermelt.click/668503/ow/118900406202/35147501/GIZA04/92a5ca000396de7e2e11edc64f0b0c20x
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 22:08:24 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOFhrBNvygyINuBDqhWwtncoI4bbmG7t2RkXIdGvFH054JW%2BWKUWqM4HLH6PIiHN3%2BjkGxe6dwl2%2FgsKC%2BzujR0Ztozra%2BAa9Bl%2FjxjqQ%2FcGX4q4MqANU4j3efvyw2lUYBZvILGNqCRw%2Bp%2B%2FDGKZ"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 88c20ae68b4c5f70-SIN
alt-svc: h3=":443"; ma=86400

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path       Name        Value
maplelucky.com/   PHPSESSID   7a747565050b4adb71829d069894b52e
maplelucky.com/   short_2232  1
quassinsdip.com/  uid6685     1189004062-20240530180822-e6ac6d10f05c36931dfdf840e1e2c7bb-3654

2 Console Messages

Source: network
Level: error
URL: https://heatermelt.click/668503/ow/118900406202/35147501/GIZA04/92a5ca000396de7e2e11edc64f0b0c20x
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network
Level: error
URL: https://heatermelt.click/favicon.ico
Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
