URL: http://185.141.190.252/
Submission Tags: falconsandbox
Submission: On December 04 via api from US

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 7 HTTP transactions. The main IP is 185.141.190.252, located in the United States and belonging to A2HOSTING, US. The "main domain" is the IP literal 185.141.190.252 itself: the page was fetched from the bare address over plain HTTP, with no hostname.
This is the only time 185.141.190.252 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address              ASN    Autonomous System
1         185.141.190.252         55293  A2HOSTING
2         2a02:26f0:64:...        20940  AKAMAI-ASN1
2         206.41.94.77            22652  FIBRENOIR...
2         172.67.38.97            13335  CLOUDFLAR...
7 requests across 4 IPs

Requests  Domain                                                                      Requested by
2         affiliate.deckmedia.im                                                      185.141.190.252
2         47fee4f03182a2437d6d-359a8ec3a1ca7be00e972dc737415516.r50.cf3.rackcdn.com  185.141.190.252
1         c.statcounter.com                                                           www.statcounter.com
1         www.statcounter.com                                                         185.141.190.252
7 requests across 4 hostnames

This site contains links to these domains:

deckaffiliates.com
Subject                    Issuer                                          Validity                 Valid   Source
*.deckmedia.im             AlphaSSL CA - SHA256 - G2                       2020-09-28 - 2021-10-30  a year  crt.sh
us-dallas.statcounter.com  Sectigo RSA Domain Validation Secure Server CA  2020-10-13 - 2021-11-13  a year  crt.sh

This page contains 1 frame:

Primary Page: http://185.141.190.252/
Frame ID: 0344ABF64C29FC1FABF4FED06657ECC9
Requests: 7 HTTP requests in this frame

Detected technologies

Apache (web server), overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

StatCounter (analytics), overall confidence: 100%
Detected patterns
  • script /statcounter\.com\/counter\/counter/i
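
The two detection patterns above applied in Python, as an added example that is neither urlscan.io's nor Wappalyzer's own code. The regexes are the ones printed in the report; the header dicts and script URLs fed to them are constructed for the example (the first sample mirrors this page's bare "Server: Apache" banner, the others show the edges of the Apache pattern, including why Tomcat's "Apache-Coyote" banner is excluded).

```python
import re

# Added example (not urlscan.io or Wappalyzer code): the two detection
# patterns from the report, applied to sample inputs constructed here.
APACHE_SERVER = re.compile(
    r"(?:Apache(?:$|/([\d.]+)|[^/-])|(?:^|\b)HTTPD)", re.IGNORECASE)
STATCOUNTER_SCRIPT = re.compile(r"statcounter\.com/counter/counter", re.IGNORECASE)


def fingerprint(headers, script_urls):
    """Return {technology: version or None} for the two patterns above.

    headers: response headers as a dict (name lookup is case-insensitive)
    script_urls: iterable of <script src> URLs seen in the document
    """
    found = {}
    server = next((v for k, v in headers.items() if k.lower() == "server"), "")
    match = APACHE_SERVER.search(server)
    if match:
        # group(1) is only set for "Apache/<version>"; a bare "Apache"
        # banner (as on this page) yields None, i.e. version unknown.
        found["Apache"] = match.group(1)
    if any(STATCOUNTER_SCRIPT.search(url) for url in script_urls):
        found["StatCounter"] = None
    return found


# Inputs constructed for the example: the primary response on this page
# (banner without a version) and three others to show the pattern's edges.
SAMPLES = {
    "this page": ({"Server": "Apache"},
                  ["https://www.statcounter.com/counter/counter.js"]),
    "versioned": ({"server": "Apache/2.4.41 (Ubuntu)"}, []),
    "tomcat": ({"Server": "Apache-Coyote/1.1"}, []),   # excluded by [^/-]
    "nginx": ({"Server": "nginx/1.18.0"}, ["https://cdn.example/app.js"]),
}

if __name__ == "__main__":
    for name, (hdrs, scripts) in SAMPLES.items():
        print(f"{name:10s} -> {fingerprint(hdrs, scripts)}")
```

The `[^/-]` alternative is what keeps "Apache-Coyote/1.1" (Tomcat) from being reported as Apache httpd, and the version group is empty for this page because the server sends only "Apache" with no version string.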

Page Statistics

Requests: 7
HTTPS: 57 %
IPv6: 25 %
Domains: 3
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 244 kB
Size: 268 kB
Cookies: 0

Redirected requests

No HTTP redirect chains were recorded for this scan.

7 HTTP transactions

Each transaction below lists Resource, Path, Size, x-fer (bytes actually transferred, after compression) and Type, followed by its General details, Request headers and Response headers.

Resource: / (Primary Request)
Path: 185.141.190.252/
Size: 4 KB
x-fer: 2 KB
Type: Document
General
Full URL
http://185.141.190.252/
Protocol
HTTP/1.1
Server
185.141.190.252, United States, ASN55293 (A2HOSTING, US)
Reverse DNS
185.141.190.252.static.a2webhosting.com
Software
Apache
Resource Hash
cca46e689c19c567deff801fd268b7128a9ad81fb21bcd287ae3f38b3fde88fb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Host
185.141.190.252
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Date
Fri, 04 Dec 2020 00:18:34 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Last-Modified
Thu, 03 Dec 2020 13:32:42 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=3600, must-revalidate
Content-Length
1708
Keep-Alive
timeout=3, max=500
Connection
Keep-Alive
Content-Type
text/html
Resource: img1.jpg
Path: 47fee4f03182a2437d6d-359a8ec3a1ca7be00e972dc737415516.r50.cf3.rackcdn.com/
Size: 88 KB
x-fer: 89 KB
Type: Image
General
Full URL
http://47fee4f03182a2437d6d-359a8ec3a1ca7be00e972dc737415516.r50.cf3.rackcdn.com/img1.jpg
Requested by
Host: 185.141.190.252
URL: http://185.141.190.252/
Protocol
HTTP/1.1
Server
2a02:26f0:64::210:6ae1, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS
(none)
Software
(not reported)
Resource Hash
aa1be8168dc785732ce5c30fdc912a32d0874a56f1b9eae4b062b0fab0b283a4

Request headers

Referer
http://185.141.190.252/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 00:18:34 GMT
Origin
https://mycloud.rackspace.co.uk
Last-Modified
Sun, 02 Aug 2015 13:55:52 GMT
ETag
b98f3d9ebf60a074f52d6744dab4077f
Content-Type
image/jpeg
X-Timestamp
1438523751.71030
Cache-Control
public, max-age=58545
Content-Length
90445
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx3c21b5d1026544a2b3a86-005fbb9e69lon3
Expires
Fri, 04 Dec 2020 16:34:19 GMT
Resource: 11_affiliatebanner_downthedrain_468x60.gif
Path: affiliate.deckmedia.im/441128/uploads/
Size: 32 KB
x-fer: 33 KB
Type: Image
General
Full URL
https://affiliate.deckmedia.im/441128/uploads/11_affiliatebanner_downthedrain_468x60.gif
Requested by
Host: 185.141.190.252
URL: http://185.141.190.252/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
206.41.94.77, Marieville, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA)
Reverse DNS
atlas-cnx1.intello.com
Software
Microsoft-IIS/8.0
Resource Hash
007e40fdf7853a161398b9e6f529e3cb1a721d4b8a950c0aba184500a4c1ba7f

Request headers

Referer
http://185.141.190.252/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 00:18:34 GMT
Cache-Control
private
Server
Microsoft-IIS/8.0
Content-Length
33055
Content-Type
image/gif
Resource: img2.jpg
Path: 47fee4f03182a2437d6d-359a8ec3a1ca7be00e972dc737415516.r50.cf3.rackcdn.com/
Size: 84 KB
x-fer: 85 KB
Type: Image
General
Full URL
http://47fee4f03182a2437d6d-359a8ec3a1ca7be00e972dc737415516.r50.cf3.rackcdn.com/img2.jpg
Requested by
Host: 185.141.190.252
URL: http://185.141.190.252/
Protocol
HTTP/1.1
Server
2a02:26f0:64::210:6ae1, Ascension Island, ASN20940 (AKAMAI-ASN1, EU)
Reverse DNS
(none)
Software
(not reported)
Resource Hash
d958f319e7f22a3c5ed51e0eeae3dc13bd40ad46bdfb18dff2a3b2e9811b616f

Request headers

Referer
http://185.141.190.252/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 00:18:34 GMT
Origin
https://mycloud.rackspace.co.uk
Last-Modified
Sun, 02 Aug 2015 13:55:52 GMT
ETag
8d458a265f512cc828fd43e82080a549
Content-Type
image/jpeg
X-Timestamp
1438523751.80168
Cache-Control
public, max-age=53695
Content-Length
86097
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx60dbe7a9ba5c43cf8b447-005fb7eecblon3
Expires
Fri, 04 Dec 2020 15:13:29 GMT
Resource: 468x60.99.gif
Path: affiliate.deckmedia.im/441127/uploads/
Size: 23 KB
x-fer: 23 KB
Type: Image
General
Full URL
https://affiliate.deckmedia.im/441127/uploads/468x60.99.gif
Requested by
Host: 185.141.190.252
URL: http://185.141.190.252/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
206.41.94.77, Marieville, Canada, ASN22652 (FIBRENOIRE-INTERNET, CA)
Reverse DNS
atlas-cnx1.intello.com
Software
Microsoft-IIS/8.0
Resource Hash
d2fcc3942884e27cd3c87a2cfc9c7cbced6d9069ecee3964316adbf3debdd826

Request headers

Referer
http://185.141.190.252/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 04 Dec 2020 00:18:34 GMT
Cache-Control
private
Server
Microsoft-IIS/8.0
Content-Length
23650
Content-Type
image/gif
Resource: counter.js
Path: www.statcounter.com/counter/
Size: 36 KB
x-fer: 12 KB
Type: Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: 185.141.190.252
URL: http://185.141.190.252/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none)
Software
cloudflare
Resource Hash
c8593c89b438890c48a5fa3e1ff55b271bae62fdc5be96d71daf78f35c078ce0

Request headers

Referer
http://185.141.190.252/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:18:34 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 02 Dec 2020 15:37:37 GMT
server
cloudflare
age
30651
etag
W/"5fc7b4c1-910c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=43200
cf-ray
5fc159d54f4e0c71-AMS
cf-request-id
06ccb6794900000c713e824000000001
expires
Fri, 04 Dec 2020 04:17:42 GMT
Resource: t.php
Path: c.statcounter.com/
Size: 162 B
x-fer: 573 B
Type: XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12433933&java=1&security=83858bc5&u1=C5161E1E99064FF561293361F9208D30&sc_rum_f_s=0&sc_rum_f_e=354&sc_rum_e_s=357&sc_rum_e_e=362&sc_random=0.46383681242334074&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//185.141.190.252/&t=A%20mighty%20gift%20awaits%20inside%20this%20mail!&rcat=d&rdom=d&rdomg=new&bb=1&sc_snum=1&sess=48a5b1&p=0&invisible=1&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.38.97, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
(none)
Software
cloudflare
Resource Hash
0564d20c6662fa83c89b22ef3e1185cede3d6e4dfbc1525e936930e8ea58fb13

Request headers

Referer
http://185.141.190.252/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 04 Dec 2020 00:18:34 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
5fc159d57f8f0c71-AMS
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://185.141.190.252
access-control-allow-credentials
true
content-type
application/json
cf-request-id
06ccb6796c00000c7178a6e000000001
expires
Mon, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments

None recorded.

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    trustedTypes
boolean   crossOriginIsolated
string    popunder
string    winfeatures
number    once_per_session
function  get_cookie
function  loadornot
function  loadpopunder
object    win2
number    sc_project
number    sc_invisible
string    sc_security
number    sc_https
function  _statcounter

The first five (the ontransition* handlers, trustedTypes and crossOriginIsolated) are standard window properties in recent Chrome builds that the scanner's baseline list does not recognise; they are not page code. sc_project, sc_invisible, sc_security, sc_https and _statcounter belong to the StatCounter tracker loaded from counter.js. The remaining seven (popunder, winfeatures, once_per_session, get_cookie, loadornot, loadpopunder, win2) come from the page's own script and, judging by their names, implement a once-per-session pop-under window; that script's source is not captured in this report.

0 Cookies

Security Headers

This section lists the security headers set by the main page. Note that the scan fetched the page over plain HTTP: browsers ignore Strict-Transport-Security on a response that did not arrive over TLS (RFC 6797, section 8.1), so only X-Content-Type-Options and X-Frame-Options take effect here. No Content-Security-Policy was sent.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
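
An added example, not urlscan.io code, of auditing these headers with the fetch scheme taken into account. SCAN_HEADERS holds the values the report shows for the primary request; the one-year HSTS threshold, the severities and the hardened comparison case are this example's own assumptions.

```python
from urllib.parse import urlsplit

# Added example, not urlscan.io code: audit a response's security headers
# with the scheme of the fetched URL taken into account. SCAN_HEADERS holds
# the values the report shows for the primary request; thresholds and
# severities are this example's own assumptions.

SCAN_HEADERS = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "SAMEORIGIN",
    "Content-Type": "text/html",
}

ONE_YEAR = 31536000  # assumed minimum max-age for HSTS to count as strong


def parse_max_age(value):
    """Return the integer max-age from an HSTS value, or None if absent/invalid."""
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.strip().lower() == "max-age":
            arg = arg.strip().strip('"')
            return int(arg) if arg.isdigit() else None
    return None


def audit_security_headers(url, headers):
    """Return [(severity, finding), ...] for a document response.

    url: the URL the document was fetched from; its scheme decides whether
         Strict-Transport-Security can take effect at all
    headers: response headers as a dict (case-insensitive names)
    """
    h = {k.lower(): v for k, v in headers.items()}
    scheme = urlsplit(url).scheme.lower()
    findings = []

    hsts = h.get("strict-transport-security")
    if hsts is None:
        findings.append(("medium", "Strict-Transport-Security missing"))
    elif scheme != "https":
        # RFC 6797 section 8.1: a user agent MUST ignore an STS header
        # received over a non-secure transport. On this page it is inert.
        findings.append(("info", "Strict-Transport-Security sent over plain "
                                 "HTTP is ignored by browsers"))
    else:
        max_age = parse_max_age(hsts)
        if max_age is None or max_age < ONE_YEAR:
            findings.append(("low", f"HSTS max-age {max_age} is below one year"))

    if h.get("x-content-type-options", "").strip().lower() != "nosniff":
        findings.append(("low", "X-Content-Type-Options: nosniff missing"))

    csp = h.get("content-security-policy", "")
    xfo = h.get("x-frame-options", "").strip().upper()
    if "frame-ancestors" not in csp.lower() and xfo not in ("DENY", "SAMEORIGIN"):
        findings.append(("medium", "no clickjacking protection "
                                   "(X-Frame-Options or CSP frame-ancestors)"))
    if not csp:
        findings.append(("medium", "Content-Security-Policy missing"))
    return findings


if __name__ == "__main__":
    for sev, msg in audit_security_headers("http://185.141.190.252/", SCAN_HEADERS):
        print(f"[{sev}] {msg}")
```

Run against this scan's URL and headers, the audit reports the inert HSTS header and the missing Content-Security-Policy; the same headers on an https:// URL with a CSP carrying frame-ancestors produce no findings.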