signup.gamesheaven.net
Open in
urlscan Pro
143.204.101.102
Public Scan
Effective URL: https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserv...
Submission: On December 05 via api from US
Summary
TLS certificate: Issued by Amazon on August 13th 2019. Valid for: a year.
This is the only time signup.gamesheaven.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:30:... 2606:4700:30::681b:99ee | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 2 | 2606:4700:30:... 2606:4700:30::681f:443a | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 | 2606:4700:30:... 2606:4700:30::681f:4378 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
1 1 | 54.246.90.204 54.246.90.204 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 18.185.191.243 18.185.191.243 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
1 1 | 52.3.62.147 52.3.62.147 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
1 | 143.204.101.102 143.204.101.102 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
3 | 3 |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
go.hqmedia.biz |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
sapsc.site |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-90-204.eu-west-1.compute.amazonaws.com
look.udncoeln.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-191-243.eu-central-1.compute.amazonaws.com
titan.infra.systems |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-62-147.compute-1.amazonaws.com
studcat.infra.systems |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-102.fra50.r.cloudfront.net
signup.gamesheaven.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
infra.systems
2 redirects
titan.infra.systems studcat.infra.systems |
2 KB |
2 |
hqmedia.biz
1 redirects
go.hqmedia.biz |
1 KB |
1 |
gamesheaven.net
signup.gamesheaven.net |
6 KB |
1 |
udncoeln.com
1 redirects
look.udncoeln.com |
434 B |
1 |
sapsc.site
sapsc.site |
704 B |
1 |
artige.cf
1 redirects
artige.cf |
363 B |
3 | 6 |
Domain | Requested by | |
---|---|---|
2 | go.hqmedia.biz | 1 redirects |
1 | signup.gamesheaven.net |
sapsc.site
|
1 | studcat.infra.systems | 1 redirects |
1 | titan.infra.systems | 1 redirects |
1 | look.udncoeln.com | 1 redirects |
1 | sapsc.site |
go.hqmedia.biz
|
1 | artige.cf | 1 redirects |
3 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni167382.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-10-06 - 2020-04-13 |
6 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-12-04 - 2020-10-09 |
10 months | crt.sh |
*.gamesheaven.net Amazon |
2019-08-13 - 2020-09-13 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL
Frame ID: AF7E8B19BEF8F2FDAEBBBE193B5FD7DD
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf
HTTP 302
http://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf HTTP 301
https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf Page URL
- https://sapsc.site/adc?bt={bt}&sub_id=10&source=artige.cf&q=Spisok+stran+po+dobyche+prirodnogo+... Page URL
-
http://look.udncoeln.com/offer?prod=2&ref=5124823&sub_id=10
HTTP 302
https://titan.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_i... HTTP 302
https://studcat.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_i... HTTP 302
https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_... Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf
HTTP 302
http://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf HTTP 301
https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf Page URL
- https://sapsc.site/adc?bt={bt}&sub_id=10&source=artige.cf&q=Spisok+stran+po+dobyche+prirodnogo+gaza Page URL
-
http://look.udncoeln.com/offer?prod=2&ref=5124823&sub_id=10
HTTP 302
https://titan.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555 HTTP 302
https://studcat.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717 HTTP 302
https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf HTTP 302
- http://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf HTTP 301
- https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
3 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
getPDF
go.hqmedia.biz/ Redirect Chain
|
552 B 741 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adc
sapsc.site/ |
450 B 704 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
signup.gamesheaven.net/signup/ Redirect Chain
|
28 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
29 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| include undefined| default_home undefined| default_signup undefined| default_lander undefined| flows undefined| getQueryVariable function| getSubdomain undefined| isStepZero undefined| isDev undefined| getLocation undefined| getHeaderLanguages undefined| isNumeric undefined| isNaaN undefined| getTrafficType function| determineFlow undefined| sendGraphiteExpIncrement undefined| checkExperiment undefined| getLang undefined| getParams undefined| getSignature undefined| getFlow undefined| generateGuid undefined| getSessionID undefined| setCookies undefined| setTrackCookie undefined| redirectToHome undefined| domReady0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
artige.cf
go.hqmedia.biz
look.udncoeln.com
sapsc.site
signup.gamesheaven.net
studcat.infra.systems
titan.infra.systems
143.204.101.102
18.185.191.243
2606:4700:30::681b:99ee
2606:4700:30::681f:4378
2606:4700:30::681f:443a
52.3.62.147
54.246.90.204
21a686ffc4c269d894ee686194348a5f418ed226a3246735a9483e240fe05a2b
3c48f86be8b476d8747f171258bd5046457800837e058eb762a1609d77cb3352
b7b82a32be1070a50946b686e501e2d9ac10c456d819e031c043d93b828bcff2