dadmariseds.info - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 104.18.4.34, located in United States and belongs to CLOUDFLARENET, US. The main domain is dadmariseds.info.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 12th 2020. Valid for: 7 months.

This is the only time dadmariseds.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.18.4.34 104.18.4.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	194.58.56.22 194.58.56.22	197695 (AS-REG) (AS-REG)
1	54.210.31.189 54.210.31.189	14618 (AMAZON-AES) (AMAZON-AES)
6	3

4 104.18.4.34 (United States)

ASN13335 (CLOUDFLARENET, US)

dadmariseds.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.58.56.22 (Russian Federation)

ASN197695 (AS-REG, RU)

feenotifyfriends.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.210.31.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-31-189.compute-1.amazonaws.com

uthorner.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	dadmariseds.info dadmariseds.info	22 KB
1	uthorner.info uthorner.info
1	feenotifyfriends.info feenotifyfriends.info
6	3

	Domain	Requested by
4	dadmariseds.info	dadmariseds.info
1	uthorner.info	dadmariseds.info
1	feenotifyfriends.info	dadmariseds.info
6	3

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-12` - `2020-10-09`	7 months	crt.sh
*.reg.ru AlphaSSL CA - SHA256 - G2	`2020-02-12` - `2021-02-12`	a year	crt.sh
uthorner.info Amazon	`2020-01-01` - `2021-02-01`	a year	crt.sh

This page contains 1 frames:

Frame: https://uthorner.info/?tid=744402&noocp=1&subid=405931083
Frame ID: EAE60E0B33DB8C8854FA0B624E205F1D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

22 kB
Transfer

57 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set ZCIC Show response dadmariseds.info/	12 KB 5 KB	158ms 106ms	Document text/html	104.18.4.34 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.4.34 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `10c1eec21d13c86e06a5dc478d7f14d22c709088ba47bcebea558f81a2ca9ab6` Request headers Host dadmariseds.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers Date Fri, 20 Mar 2020 00:13:11 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d6491a842f3aba75fd3312033ce729e5a1584663191; expires=Sun, 19-Apr-20 00:13:11 GMT; path=/; domain=.dadmariseds.info; HttpOnly; SameSite=Lax; Secure X-Powered-By Express Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST Access-Control-Allow-Headers X-Requested-With,content-type Vary Accept-Encoding CF-Cache-Status DYNAMIC Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server cloudflare CF-RAY 576b39d3e8bf72bd-AMS Content-Encoding br
GET H/1.1	200 OK	dlp Show response dadmariseds.info/	45 KB 16 KB	117ms 117ms	XHR text/html	104.18.4.34 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dadmariseds.info/dlp?st=1&lp=not_robot_3&geo=DE Requested by Host: dadmariseds.info URL: https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.4.34 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `2202fe7254d9c1101ea9130052b66936044c058588d40b97ae0d5b43145e45fa` Request headers Referer https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest empty Response headers Date Fri, 20 Mar 2020 00:13:11 GMT Content-Encoding br CF-Cache-Status DYNAMIC Server cloudflare X-Powered-By Express Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive CF-RAY 576b39d4e94b72bd-AMS Access-Control-Allow-Headers X-Requested-With,content-type
GET H/1.1	200 OK	push-wrap.js Show response dadmariseds.info/	0 474 B	23ms 23ms	Script text/plain	104.18.4.34 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dadmariseds.info/push-wrap.js?b=8 Requested by Host: dadmariseds.info URL: https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.4.34 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 20 Mar 2020 00:13:11 GMT CF-Cache-Status HIT Server cloudflare Age 60 X-Powered-By Express Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive CF-RAY 576b39d5a96872bd-AMS Access-Control-Allow-Headers X-Requested-With,content-type
GET H/1.1	200 OK	block.js Show response dadmariseds.info/	0 474 B	45ms 22ms	Script text/plain	104.18.4.34 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dadmariseds.info/block.js?b=4 Requested by Host: dadmariseds.info URL: https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.18.4.34 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers Date Fri, 20 Mar 2020 00:13:11 GMT CF-Cache-Status HIT Server cloudflare Age 60 X-Powered-By Express Expect-CT max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Vary Accept-Encoding Access-Control-Allow-Methods GET, POST Access-Control-Allow-Origin * Transfer-Encoding chunked Connection keep-alive CF-RAY 576b39d5c96e72bd-AMS Access-Control-Allow-Headers X-Requested-With,content-type
GET H/1.1	502 Bad Gateway	robo_img.jpg feenotifyfriends.info/media/landings/bot/images/	0 0	334ms 52ms	Image text/html	194.58.56.22 AS-REG
General Check archive.org Show headers Download Go to Show image Full URL https://feenotifyfriends.info/media/landings/bot/images/robo_img.jpg?b=7 Requested by Host: dadmariseds.info URL: https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 194.58.56.22 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers
GET H2	204	/ uthorner.info/	0 0	568ms 114ms	Document text/plain	54.210.31.189 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://uthorner.info/?tid=744402&noocp=1&subid=405931083 Requested by Host: dadmariseds.info URL: https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.210.31.189 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-210-31-189.compute-1.amazonaws.com Software openresty/1.15.8.2 / Resource Hash Request headers :method GET :authority uthorner.info :scheme https :path /?tid=744402&noocp=1&subid=405931083 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate referer https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Referer https://dadmariseds.info/ZCIC?tag_id=744401&sub_id1=405931083&sub_id2=1400123549210377751&cookie_id=51195a16-2f98-4cfb-825d-02eafd224d6d&lp=not_robot_3&tb=redirect&allb=redirect&ob=redirect&href=https%3A%2F%2Futhorner.info%2F%3Ftid%3D744402%26noocp%3D1%26subid%3D405931083&hop=7&geo=DE Response headers status 204 date Fri, 20 Mar 2020 00:13:12 GMT server openresty/1.15.8.2 cache-control no-store, no-cache, must-revalidate, no-transform pragma no-cache p3p CP="NID DSP ALL COR" set-cookie csu=027ad5ad-ff3a-4776-91e3-1d2b0027887a fv=rjk5qdg7rHw4rSEFqjY9qTgHrjUGvdw=; Expires=Sat, 20 Mar 2021 00:13:12 GMT; Max-Age=31536000; Domain=.uthorner.info; Path=/; Version=1

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dadmariseds.info/	1970-01-19 08:54:15	Name: __cfduid Value: d6491a842f3aba75fd3312033ce729e5a1584663191

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dadmariseds.info
feenotifyfriends.info
uthorner.info
104.18.4.34
194.58.56.22
54.210.31.189
10c1eec21d13c86e06a5dc478d7f14d22c709088ba47bcebea558f81a2ca9ab6
2202fe7254d9c1101ea9130052b66936044c058588d40b97ae0d5b43145e45fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

dadmariseds.info Open in urlscan Pro 104.18.4.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

22 kBTransfer

57 kBSize

1 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

Indicators

dadmariseds.info Open in urlscan Pro
104.18.4.34 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

22 kB
Transfer

57 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions