desadov.com Open in urlscan Pro
104.21.234.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://desadov.com/
Submission: On October 18 via manual (October 18th 2021, 6:16:50 pm UTC) from CO — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 7 countries across 9 domains to perform 14 HTTP transactions. The main IP is 104.21.234.108, located in United States and belongs to CLOUDFLARENET, US. The main domain is desadov.com.

This is the only time desadov.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.21.234.108 104.21.234.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	190.2.139.23 190.2.139.23	49981 (WORLDSTREAM) (WORLDSTREAM)
2	185.203.72.224 185.203.72.224	42240 (VARITI-IN...) (VARITI-INT-AS)
1	192.102.6.72 192.102.6.72	57682 (HVDS-AS) (HVDS-AS)
3	217.23.10.44 217.23.10.44	49981 (WORLDSTREAM) (WORLDSTREAM)
2	193.176.1.9 193.176.1.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
6 7	89.208.236.251 89.208.236.251	12695 (DINET-AS) (DINET-AS)
2 2	185.15.175.157 185.15.175.157	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
2 2	136.243.148.229 136.243.148.229	24940 (HETZNER-AS) (HETZNER-AS)
14	7

4 104.21.234.108 (United States)

ASN13335 (CLOUDFLARENET, US)

desadov.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.2.139.23 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: server73-vm12.openfrost.com

cppgf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.203.72.224 (Switzerland)

ASN42240 (VARITI-INT-AS, CH)

elnpe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.102.6.72 (Kyiv, Ukraine)

ASN57682 (HVDS-AS, UA)
PTR: s1.zevshost.net

nvjqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.23.10.44 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: server45-vm01-old.openfrost.com

cleverjump.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.176.1.9 (None, )

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ip.stat.zevshost.net

100widgets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 89.208.236.251 (Reutov, Russian Federation) 6 redirects

ASN12695 (DINET-AS, RU)

hit2.hotlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.157 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.148.229 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.229.148.243.136.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	hotlog.ru 6 redirects hit2.hotlog.ru	3 KB
4	desadov.com desadov.com	46 KB
3	cleverjump.org cleverjump.org	6 KB
2	1dmp.io 2 redirects sync.1dmp.io	925 B
2	digitaltarget.ru 2 redirects dmg.digitaltarget.ru	1 KB
2	100widgets.com 100widgets.com	932 B
2	elnpe.com elnpe.com	23 KB
1	nvjqm.com nvjqm.com	546 B
1	cppgf.com cppgf.com	9 KB
14	9

	Domain	Requested by
7	hit2.hotlog.ru	6 redirects desadov.com
4	desadov.com	desadov.com
3	cleverjump.org	cppgf.com desadov.com cleverjump.org
2	sync.1dmp.io	2 redirects
2	dmg.digitaltarget.ru	2 redirects
2	100widgets.com	nvjqm.com 100widgets.com
2	elnpe.com	desadov.com elnpe.com
1	nvjqm.com	desadov.com
1	cppgf.com	desadov.com
14	9

This site contains links to these domains. Also see Links.

Domain
sex-paradise.com.ua
click.hotlog.ru
yakutsk4.putanu.com
sex.pornline.porn
orgazmo.ru

Subject Issuer	Validity	Valid
cleverjump.org R3	`2021-10-02` - `2021-12-31`	3 months	crt.sh
*.hotlog.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-28` - `2022-10-25`	a year	crt.sh
100widgets.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-19` - `2021-11-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://desadov.com/
Frame ID: 6DA72090276388A93AEB163FD0732FBE
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Эротические рассказы бдсм комиксы видео порно клипы порнорассказы порноклипы

Page Statistics

14
Requests

36 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

7
Countries

86 kB
Transfer

160 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://sex-paradise.com.ua/
Title: секс шоп

Search URL Search Domain Scan URL

URL: http://click.hotlog.ru/?18956

Search URL Search Domain Scan URL

URL: https://yakutsk4.putanu.com/
Title: индивидуалки и проститутки Якутска

Search URL Search Domain Scan URL

URL: https://sex.pornline.porn/
Title: видео онлайн

Search URL Search Domain Scan URL

URL: http://orgazmo.ru/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://hit2.hotlog.ru/cgi-bin/hotlog/count?0.8012778371882567&s=18956&im=101&r=&pg=http%3A//desadov.com/&c=Y&j=N&wh=1600x1200&px=24&js=1.3& HTTP 302
http://hit2.hotlog.ru/cgi-bin/hotlog/count?0.8012778371882567&s=18956&im=101&r=&pg=http%3A//desadov.com/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y HTTP 302
http://hit2.hotlog.ru/cgi-bin/hotlog/count?0.8012778371882567&s=18956&im=101&r=&pg=http%3A//desadov.com/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y HTTP 302
https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=a2ca58c0f0c472a5e4c669c7c5bf9a59&i=939583107&r=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3DY HTTP 307
https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=a2ca58c0f0c472a5e4c669c7c5bf9a59&i=939583107&r=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3DY HTTP 307
https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=Y HTTP 302
https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=Y&hl_ignore=Y HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=a2ca58c0f0c472a5e4c669c7c5bf9a59&ru=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3D2 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=a2ca58c0f0c472a5e4c669c7c5bf9a59&ru=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3D2&cs=1 HTTP 302
https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=2 HTTP 302
https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=2&hl_ignore=Y

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response desadov.com/	8 KB 4 KB	85ms 62ms	Document text/html	104.21.234.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://desadov.com/ Protocol HTTP/1.1 Server 104.21.234.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `56e0107f0082446ba296374038848e6d473012e9339268e03162c5a4bf44c21b` Request headers Host desadov.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive last-modified Tue, 07 Sep 2021 07:18:10 GMT vary Accept-Encoding cache-control max-age=0 expires Mon, 18 Oct 2021 18:16:46 GMT CF-Cache-Status DYNAMIC Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Imkl%2BKhSDK16EA1QR3kYo9hQdxX3yjYPnPDVtGnymGNEoattQJjnl0QSRJandHSKDo9rZ9t4hX5rZj%2Fz9kiYON%2By0ix%2FczXjx6sl1NYGiVX2mev49D545ox6H0UNg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare CF-RAY 6a03c2794c5227bc-PRG Content-Encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	dd9a.js Show response cppgf.com/2e611/0/8/02/c/85/	45 KB 9 KB	73ms 34ms	Script application/javascript	190.2.139.23 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL http://cppgf.com/2e611/0/8/02/c/85/dd9a.js Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Server 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server73-vm12.openfrost.com Software nginx/1.18.0 / PHP/7.2.34 Resource Hash `da40c9e337d0d91d4537dfa6fd1a42602f919eaa2e6d5631ff2bf0b39cde8aeb` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Content-Encoding gzip Server nginx/1.18.0 X-Powered-By PHP/7.2.34 Vary Accept-Encoding, Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	2qtaw2uql.js Show response elnpe.com/vcllonuvq54ji1u/j5479i4j5/onl/7a9f9x5j4/912bw8j7b/	60 KB 21 KB	50ms 21ms	Script application/javascript	185.203.72.224 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL http://elnpe.com/vcllonuvq54ji1u/j5479i4j5/onl/7a9f9x5j4/912bw8j7b/2qtaw2uql.js?p=99045&b=640262 Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Server 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software nginx / Resource Hash `132c5f6c6b35d30137002eec9eed3d16c62a0867b96584117d5cd4a4d9c2803b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Content-Encoding gzip Last-Modified Wed, 16 Jan 2019 07:27:00 GMT Server nginx ETag "5c3edcc4-51bf" P3P policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Connection keep-alive Content-Length 20927 Content-Type application/javascript; charset=utf-8 Keep-Alive timeout=15 X-VARITI-CCR 503491593:1
GET H/1.1	200 OK	logotitul.gif desadov.com/support/bar/	38 KB 39 KB	20ms 20ms	Image image/gif	104.21.234.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://desadov.com/support/bar/logotitul.gif Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Server 104.21.234.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `703632b0afdda1259473ec9a2fbab965cad3ffc92fa317a373f78c19eaa49b22` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host desadov.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://desadov.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 170710 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 38739 last-modified Sat, 13 May 2017 11:57:28 GMT Server cloudflare etag "5916f4a8-9753" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNLyVdScdu%2Fo8DLp1N%2BfcoZTtJzkkRF3xx1FXzydomUKWhSnuKADW7YRM91PhvTdSr5YAoua76xnUCnu%2F0rDb7tM5rPLD1Y9k0yjI1Kn6H2YWWQKRjOZqGGkGz5LYQ%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif cache-control max-age=2592000 Accept-Ranges bytes CF-RAY 6a03c279dd8627bc-PRG expires Mon, 15 Nov 2021 18:51:36 GMT
GET H/1.1	200 OK	HeT.gif desadov.com/support/bar/	540 B 1 KB	55ms 38ms	Image image/gif	104.21.234.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://desadov.com/support/bar/HeT.gif Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Server 104.21.234.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1e547834409d55b1b392df4ea97089df83fd10f1c1e9cc846358635b453fc547` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host desadov.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://desadov.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2457993 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 540 Last-Modified Sat, 13 May 2017 11:57:28 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snyjvjWTvA8PpLzcMPze%2BosSQ%2F38SyPyx637bDkCP87J0nAtJXClE7Fe3AeqhI31XY2Xdnwz%2BSWeYz5TMAe19IeWQ4bZMe2MbUtXhbweZTpvpb88QMksf2bas0MKvg%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif X-Accel-Version 0.01 Cache-Control max-age=2592000 Accept-Ranges bytes CF-RAY 6a03c279fbac278c-PRG Expires Wed, 20 Oct 2021 07:30:13 GMT
GET H/1.1	200 OK	ba.js Show response nvjqm.com/90u3fde8/8/853525/	325 B 546 B	247ms 132ms	Script application/javascript	192.102.6.72 HVDS-AS
General Check archive.org Show headers Download Go to Full URL http://nvjqm.com/90u3fde8/8/853525/ba.js Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Server 192.102.6.72 Kyiv, Ukraine, ASN57682 (HVDS-AS, UA), Reverse DNS s1.zevshost.net Software nginx/1.16.1 / PHP/7.4.15 Resource Hash `a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Server nginx/1.16.1 Connection keep-alive X-Powered-By PHP/7.4.15 Transfer-Encoding chunked Content-Type application/javascript; charset=UTF-8
GET H/1.1	200 OK	orgazmo.gif desadov.com/support/bar/	1 KB 2 KB	46ms 28ms	Image image/gif	104.21.234.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://desadov.com/support/bar/orgazmo.gif Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Server 104.21.234.108 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2ded382093fc52f2537afb619f8256992f5396728dfb03cbc6fc4415d730e8ee` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host desadov.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://desadov.com/ Connection keep-alive Cache-Control no-cache Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 2457993 Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 Content-Length 1145 last-modified Sat, 13 May 2017 11:57:28 GMT Server cloudflare etag "5916f4a8-479" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpvbErXgJ6O6aDqRtCOSeYmD6Ehpj%2BrO5aQTdKy3qIQWNDBxqtZ3G2c%2FXSb8TXoy2si6VGtEOTTXGgZN3J6Nc69KKLwx1snVJWTUPc%2FHhFE3hrsYzjOtXDDLmNAJhw%3D%3D"}],"group":"cf-nel","max_age":604800} Content-Type image/gif cache-control max-age=2592000 Accept-Ranges bytes CF-RAY 6a03c279f8d72780-PRG expires Wed, 20 Oct 2021 07:30:13 GMT
GET H/1.1	200 OK	cu3.php Show response elnpe.com/	704 B 2 KB	53ms 52ms	Script application/javascript	185.203.72.224 VARITI-INT-AS
General Check archive.org Show headers Download Go to Full URL http://elnpe.com/cu3.php?eyJibG9ja19kYXRhIjp7ImN1Ijp7InAiOiI5OTA0NSIsImIiOiI2NDAyNjIiLCJkZWxheV9jb29raWVfdmFsdWUiOmZhbHNlfX0sInNvY2lhbCI6MCwidGFyZ2V0aW5nX3R5cGVzIjpbMSwyXSwiY2FsbGJhY2siOiJ0bjk5ODc1MyJ9 Requested by Host: elnpe.com URL: http://elnpe.com/vcllonuvq54ji1u/j5479i4j5/onl/7a9f9x5j4/912bw8j7b/2qtaw2uql.js?p=99045&b=640262 Protocol HTTP/1.1 Server 185.203.72.224 , Switzerland, ASN42240 (VARITI-INT-AS, CH), Reverse DNS Software nginx / Resource Hash `99bf77a4a350285f52960f1416724adb43a8405b69da4ae5826bd21cc004170b` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:16:46 GMT Content-Encoding gzip Last-Modified Mon, 18 Oct 2021 18:16:46 GMT Server nginx Vary Accept-Encoding P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" Cache-Control post-check=0, pre-check=0 Transfer-Encoding chunked Connection keep-alive Content-Type application/javascript; charset="utf-8" Keep-Alive timeout=15 X-VARITI-CCR 503491593:2 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	counter.js Show response cleverjump.org/	5 KB 6 KB	274ms 17ms	Script application/javascript	217.23.10.44 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://cleverjump.org/counter.js Requested by Host: cppgf.com URL: http://cppgf.com/2e611/0/8/02/c/85/dd9a.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.23.10.44 , Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server45-vm01-old.openfrost.com Software nginx/1.18.0 / Resource Hash `cb1ef4607e93916a5dd30beae4617069924cb5f10edb65d8f93468c3fbdc1dc4` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Last-Modified Wed, 20 Jan 2021 12:50:32 GMT Server nginx/1.18.0 ETag "60082718-15c3" Content-Type application/javascript Cache-Control max-age=86400 Connection keep-alive Accept-Ranges bytes Content-Length 5571 Expires Tue, 19 Oct 2021 18:16:46 GMT
GET H/1.1	200 OK	js_data.php Show response 100widgets.com/	306 B 733 B	74ms 13ms	Script text/html	193.176.1.9 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL http://100widgets.com/js_data.php?id=278 Requested by Host: nvjqm.com URL: http://nvjqm.com/90u3fde8/8/853525/ba.js Protocol HTTP/1.1 Server 193.176.1.9 -, , ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS ip.stat.zevshost.net Software nginx/1.16.1 / PHP/5.4.16 Resource Hash `cfd76f8f2b5ed21afc907b2a26e5a1bad5664c9e6deaac474b7e6790354bd282` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Pragma no-cache Date Mon, 18 Oct 2021 18:16:46 GMT Server nginx/1.16.1 X-Powered-By PHP/5.4.16 Transfer-Encoding chunked Content-Type text/html Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	count hit2.hotlog.ru/cgi-bin/hotlog/ Redirect Chain http://hit2.hotlog.ru/cgi-bin/hotlog/count?0.8012778371882567&s=18956&im=101&r=&pg=http%3A//desadov.com/&c=Y&j=N&wh=1600x1200&px=24&js=1.3& http://hit2.hotlog.ru/cgi-bin/hotlog/count?0.8012778371882567&s=18956&im=101&r=&pg=http%3A//desadov.com/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y http://hit2.hotlog.ru/cgi-bin/hotlog/count?0.8012778371882567&s=18956&im=101&r=&pg=http%3A//desadov.com/&c=Y&j=N&wh=1600x1200&px=24&js=1.3&&hl_ignore=Y&hl_ignore=Y https://dmg.digitaltarget.ru/1/19/i/i?a=19&e=a2ca58c0f0c472a5e4c669c7c5bf9a59&i=939583107&r=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3DY https://dmg.digitaltarget.ru/awg/custom/19/i/i?call_source=awg&a=19&e=a2ca58c0f0c472a5e4c669c7c5bf9a59&i=939583107&r=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3DY https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=Y https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=Y&hl_ignore=Y https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=a2ca58c0f0c472a5e4c669c7c5bf9a59&ru=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3D2 https://sync.1dmp.io/pixel.gif?cid=3dc39d61-7763-4229-855c-5bb89c069683&pid=w&uid=a2ca58c0f0c472a5e4c669c7c5bf9a59&ru=https://hit2.hotlog.ru/cgi-bin/hotlog/count?s%3D18956%26im%3D101%26hl_hitback%3... https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=2 https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=2&hl_ignore=Y	744 B 779 B	48ms 48ms	Image image/gif	89.208.236.251 DINET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://hit2.hotlog.ru/cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=2&hl_ignore=Y Requested by Host: desadov.com URL: http://desadov.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 89.208.236.251 Reutov, Russian Federation, ASN12695 (DINET-AS, RU), Reverse DNS Software HotLog/1.2 / Resource Hash `5a0bad85b15fc25877f8bb1d85180baa63861e23d04e4b29e19cd548794bcd06` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 18 Oct 2021 18:16:47 GMT server HotLog/1.2 content-length 744 content-type image/gif Redirect headers location /cgi-bin/hotlog/count?s=18956&im=101&hl_hitback=2&hl_ignore=Y date Mon, 18 Oct 2021 18:16:47 GMT server HotLog/1.2 p3p policyref="/p3p.xml", CP="NON ADM DEV TAI PSA PSD IVA OUR IND UNI COM NAV INT" content-length 0 content-type text/plain
GET H/1.1	200 OK	stat.js.php Show response 100widgets.com/	0 199 B	32ms 12ms	Script application/javascript	193.176.1.9 MYLOC-AS IP Backb...
General Check archive.org Show headers Download Go to Full URL https://100widgets.com/stat.js.php Requested by Host: 100widgets.com URL: http://100widgets.com/js_data.php?id=278 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.176.1.9 -, , ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE), Reverse DNS ip.stat.zevshost.net Software nginx/1.16.1 / PHP/5.4.16 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Server nginx/1.16.1 Connection keep-alive X-Powered-By PHP/5.4.16 Transfer-Encoding chunked Content-Type application/javascript
GET H/1.1	200 OK	hit cleverjump.org/	0 357 B	18ms 18ms	Image image/png	217.23.10.44 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://cleverjump.org/hit?z0;s1600120024;fw6cnyZj7Qjqabr9baMG69qdGVPIR3H;cshb2;r;uhttp%3A%2F%2Fdesadov.com%2F;h%D0%AD%D1%80%D0%BE%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D0%B1%D0%B4%D1%81%D0%BC%20%D0%BA%D0%BE%D0%BC%D0%B8%D0%BA%D1%81%D1%8B%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D1%8B%20%D0%BF%D0%BE%D1%80%D0%BD%D0%BE%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B;0.9073891077588361 Requested by Host: desadov.com URL: http://desadov.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.23.10.44 , Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server45-vm01-old.openfrost.com Software nginx/1.18.0 / PHP/7.2.34 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Server nginx/1.18.0 Connection keep-alive Content-Type image/png X-Powered-By PHP/7.2.34 Transfer-Encoding chunked P3P CP=CleverJump
GET H/1.1	200 OK	get-uid.php Show response cleverjump.org/hit/	30 B 326 B	17ms 17ms	XHR text/html	217.23.10.44 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://cleverjump.org/hit/get-uid.php Requested by Host: cleverjump.org URL: https://cleverjump.org/counter.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 217.23.10.44 , Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS server45-vm01-old.openfrost.com Software nginx/1.18.0 / PHP/7.2.34 Resource Hash `e1849c2f2fbce1b97a09b97a782aec2952286a682edda98cccfc9202648e28df` Request headers Accept-Language de-DE,de;q=0.9 Referer http://desadov.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 18 Oct 2021 18:16:46 GMT Server nginx/1.18.0 X-Powered-By PHP/7.2.34 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Access-Control-Allow-Origin http://desadov.com Access-Control-Allow-Credentials true Connection keep-alive

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cleverjump.org/hit	1970-01-20 06:48:37	Name: _cjuh Value: LIMlKWboA5j6boh2Vml3oqF5Zi97KE
desadov.com/	1969-12-31 23:59:59	Name: cj_uid Value: LIMlKWboA5j6boh2Vml3oqF5Zi97KE
.dmg.digitaltarget.ru/	1970-01-20 23:58:13	Name: viuserid Value: q6hba3UoYtixPI77fkIA
.1dmp.io/	1970-01-20 06:48:37	Name: uid Value: 8e8ab292-303f-11ec-acfd-901b0e8b2a6e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100widgets.com
cleverjump.org
cppgf.com
desadov.com
dmg.digitaltarget.ru
elnpe.com
hit2.hotlog.ru
nvjqm.com
sync.1dmp.io
104.21.234.108
136.243.148.229
185.15.175.157
185.203.72.224
190.2.139.23
192.102.6.72
193.176.1.9
217.23.10.44
89.208.236.251
132c5f6c6b35d30137002eec9eed3d16c62a0867b96584117d5cd4a4d9c2803b
1e547834409d55b1b392df4ea97089df83fd10f1c1e9cc846358635b453fc547
2ded382093fc52f2537afb619f8256992f5396728dfb03cbc6fc4415d730e8ee
56e0107f0082446ba296374038848e6d473012e9339268e03162c5a4bf44c21b
5a0bad85b15fc25877f8bb1d85180baa63861e23d04e4b29e19cd548794bcd06
703632b0afdda1259473ec9a2fbab965cad3ffc92fa317a373f78c19eaa49b22
99bf77a4a350285f52960f1416724adb43a8405b69da4ae5826bd21cc004170b
a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09
cb1ef4607e93916a5dd30beae4617069924cb5f10edb65d8f93468c3fbdc1dc4
cfd76f8f2b5ed21afc907b2a26e5a1bad5664c9e6deaac474b7e6790354bd282
da40c9e337d0d91d4537dfa6fd1a42602f919eaa2e6d5631ff2bf0b39cde8aeb
e1849c2f2fbce1b97a09b97a782aec2952286a682edda98cccfc9202648e28df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

desadov.com Open in urlscan Pro 104.21.234.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

14 Requests

36 %HTTPS

0 %IPv6

9 Domains

9 Subdomains

7 IPs

7 Countries

86 kBTransfer

160 kBSize

4 Cookies

5 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

4 Cookies

Indicators

desadov.com Open in urlscan Pro
104.21.234.108 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

36 %
HTTPS

0 %
IPv6

9
Domains

9
Subdomains

7
IPs

7
Countries

86 kB
Transfer

160 kB
Size

4
Cookies

14 HTTP transactions
0 data transactions