mycuringdeal.ru - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 185.38.248.186, located in Poland and belongs to SPRINT-SDC, PL. The main domain is mycuringdeal.ru.

This is the only time mycuringdeal.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	143.95.225.67 143.95.225.67	62729 (ASMALLORA...) (ASMALLORANGE1 - A Small Orange LLC)
2 4	146.185.253.119 146.185.253.119	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1	185.38.248.186 185.38.248.186	197226 (SPRINT-SDC) (SPRINT-SDC)
4	3

1 143.95.225.67 (Los Angeles, United States)

ASN62729 (ASMALLORANGE1 - A Small Orange LLC, US)
PTR: ip-143-95-225-67.iplocal

easecuredsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.185.253.119 (Dronten, Netherlands) 2 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: nl02.kyble.info

goodlines4burnfat.world	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.38.248.186 (Poland)

ASN197226 (SPRINT-SDC, PL)
PTR: n248h186.sprintdatacenter.net

mycuringdeal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	goodlines4burnfat.world 2 redirects goodlines4burnfat.world	1 KB
1	mycuringdeal.ru mycuringdeal.ru	318 B
1	easecuredsolutions.com easecuredsolutions.com	1 KB
4	3

	Domain	Requested by
4	goodlines4burnfat.world	2 redirects easecuredsolutions.com goodlines4burnfat.world
1	mycuringdeal.ru	goodlines4burnfat.world
1	easecuredsolutions.com
4	3

This site contains no links.

Subject Issuer	Validity	Valid
goodlines4burnfat.world Let's Encrypt Authority X3	`2019-04-04` - `2019-07-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://mycuringdeal.ru/
Frame ID: 1179BFF120CE5352744B6BC273AB8779
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://easecuredsolutions.com/wp/wp-content/uploads/2019/expurgaten.html Page URL
http://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19 HTTP 301
https://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19 HTTP 303
https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ Page URL
http://mycuringdeal.ru/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

4
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

2 kB
Transfer

2 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://easecuredsolutions.com/wp/wp-content/uploads/2019/expurgaten.html Page URL
http://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19 HTTP 301
https://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19 HTTP 303
https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ Page URL
http://mycuringdeal.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19 HTTP 301
https://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19 HTTP 303
https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK expurgaten.html Show response
easecuredsolutions.com/wp/wp-content/uploads/2019/ 2 KB
1 KB 407ms
135ms Document
text/html 143.95.225.67
A Small Orange LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://easecuredsolutions.com/wp/wp-content/uploads/2019/expurgaten.html
Protocol: HTTP/1.1
Server: 143.95.225.67 Los Angeles, United States, ASN62729 (ASMALLORANGE1 - A Small Orange LLC, US),
Reverse DNS: ip-143-95-225-67.iplocal
Software: nginx/1.14.2 /
Resource Hash: 600e722b27cacc21e860ca11badec555ca115064d85d40f7af4c3f771ced59b9

Request headers

Host: easecuredsolutions.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.14.2
Date: Thu, 11 Apr 2019 19:55:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 11 Apr 2019 13:13:50 GMT
Content-Encoding: gzip

GET
H2

200

cpc Show response
goodlines4burnfat.world/all/cqgc/
Redirect Chain

http://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19
https://goodlines4burnfat.world/?a=401336&c=cpcdiet&s=d08m04y19
https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ

291 B
535 B

232ms
232ms

Document
text/html

146.185.253.119
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ

Requested by

Host: easecuredsolutions.com
URL: http://easecuredsolutions.com/wp/wp-content/uploads/2019/expurgaten.html

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.185.253.119 Dronten, Netherlands, ASN50673 (SERVERIUS-AS, NL),

Reverse DNS

nl02.kyble.info

Software

nginx/1.14.2 / ARR/2.5(af00dec92)

Resource Hash

8438d31fc147ba1432f4eaa83749710654873aa77705c8acea328da5a9fec282

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: goodlines4burnfat.world
:scheme: https
:path: /all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://easecuredsolutions.com/wp/wp-content/uploads/2019/expurgaten.html
accept-encoding: gzip, deflate, br
cookie: UUID=U1813-90-1934-401336-1952791; _data=2suFRKf93JCTpPa5GDLRCep7qLLHE4sBXTQgF5ofULL
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://easecuredsolutions.com/wp/wp-content/uploads/2019/expurgaten.html

Response headers

status: 200
server: nginx/1.14.2
date: Thu, 11 Apr 2019 19:55:26 GMT
content-type: text/html; charset=UTF-8
content-length: 291
x-powered-by: ARR/2.5(af00dec92)
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: none
strict-transport-security: max-age=15768000; includeSubDomains; preload

Redirect headers

status: 303
server: nginx/1.14.2
date: Thu, 11 Apr 2019 19:55:25 GMT
content-length: 0
location: https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ
set-cookie: UUID=U1813-90-1934-401336-1952791; expires=Fri, 12 Apr 2019 19:55:25 GMT; path=/ _data=2suFRKf93JCTpPa5GDLRCep7qLLHE4sBXTQgF5ofULL
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-robots-tag: none
strict-transport-security: max-age=15768000; includeSubDomains; preload

GET
H2 200 theme_93i1bs.css
goodlines4burnfat.world/assets/spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ/ 21 B
279 B 315ms
314ms Stylesheet
text/css 146.185.253.119
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://goodlines4burnfat.world/assets/spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ/theme_93i1bs.css?CID=411298&ADID=2129826

Requested by

Host: goodlines4burnfat.world
URL: https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ

Protocol

H2

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.185.253.119 Dronten, Netherlands, ASN50673 (SERVERIUS-AS, NL),

Reverse DNS

nl02.kyble.info

Software

nginx/1.14.2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ/theme_93i1bs.css?CID=411298&ADID=2129826
pragma: no-cache
cookie: UUID=U1813-90-1934-401336-1952791; _data=2suFRKf93JCTpPa5GDLRCep7qLLHE4sBXTQgF5ofULL
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: goodlines4burnfat.world
referer: https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ
:scheme: https
:method: GET
Referer: https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Thu, 11 Apr 2019 19:55:26 GMT
x-content-type-options: nosniff
server: nginx/1.14.2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15768000; includeSubDomains; preload
content-type: text/css
status: 200
set-cookie: _view=true; expires=Fri, 12 Apr 2019 19:55:26 GMT; path=/
x-robots-tag: none
content-length: 21
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden Primary Request / Show response
mycuringdeal.ru/ 168 B
318 B 654ms
111ms Document
text/html 185.38.248.186
SPRINT-SDC

General

Check archive.org

Show headers Download Go to

Full URL: http://mycuringdeal.ru/
Requested by: Host: goodlines4burnfat.world
URL: https://goodlines4burnfat.world/all/cqgc/cpc?bhu=spcwjobMJXDh2HBVkcZ1w2N5ETULZRF9hP8DEQ
Protocol: HTTP/1.1
Server: 185.38.248.186 , Poland, ASN197226 (SPRINT-SDC, PL),
Reverse DNS: n248h186.sprintdatacenter.net
Software: nginx/1.14.2 /
Resource Hash: 27206ffd56275f7d34ccb063b151d93e531fe2b82c1fd3420077aaccd664bc24

Request headers

Host: mycuringdeal.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx/1.14.2
Date: Thu, 11 Apr 2019 19:55:27 GMT
Content-Type: text/html
Content-Length: 168
Connection: close

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

easecuredsolutions.com
goodlines4burnfat.world
mycuringdeal.ru
143.95.225.67
146.185.253.119
185.38.248.186
27206ffd56275f7d34ccb063b151d93e531fe2b82c1fd3420077aaccd664bc24
600e722b27cacc21e860ca11badec555ca115064d85d40f7af4c3f771ced59b9
8438d31fc147ba1432f4eaa83749710654873aa77705c8acea328da5a9fec282

mycuringdeal.ru Open in urlscan Pro 185.38.248.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

50 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

2 kBTransfer

2 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

mycuringdeal.ru Open in urlscan Pro
185.38.248.186 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

2 kB
Transfer

2 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions