Submitted URL: https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf
Effective URL: https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserv...
Submission: On December 05 via api from US

Summary

This website contacted 3 IPs in 3 countries across 6 domains to perform 3 HTTP transactions. The main IP is 143.204.101.102, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is signup.gamesheaven.net.
TLS certificate: Issued by Amazon on August 13th 2019. Valid for: a year.
This is the only time signup.gamesheaven.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2 2606:4700:30:... 13335 (CLOUDFLAR...)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 1 54.246.90.204 16509 (AMAZON-02)
1 1 18.185.191.243 16509 (AMAZON-02)
1 1 52.3.62.147 14618 (AMAZON-AES)
1 143.204.101.102 16509 (AMAZON-02)
3 3
Apex Domain | Subdomains | Transfer
2 infra.systems | titan.infra.systems, studcat.infra.systems | 2 KB
2 hqmedia.biz | go.hqmedia.biz | 1 KB
1 gamesheaven.net | signup.gamesheaven.net | 6 KB
1 udncoeln.com | look.udncoeln.com | 434 B
1 sapsc.site | sapsc.site | 704 B
1 artige.cf | artige.cf | 363 B
3 6
Domain Requested by
2 go.hqmedia.biz 1 redirects
1 signup.gamesheaven.net sapsc.site
1 studcat.infra.systems 1 redirects
1 titan.infra.systems 1 redirects
1 look.udncoeln.com 1 redirects
1 sapsc.site go.hqmedia.biz
1 artige.cf 1 redirects
3 7

This site contains no links.

Subject | Issuer | Validity | Valid
sni167382.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-10-06 - 2020-04-13 | 6 months
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-12-04 - 2020-10-09 | 10 months
*.gamesheaven.net | Amazon | 2019-08-13 - 2020-09-13 | a year

This page contains 1 frames:

Primary Page: https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL
Frame ID: AF7E8B19BEF8F2FDAEBBBE193B5FD7DD
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 43 %
Domains: 6
Subdomains: 7
IPs: 3
Countries: 3
Transfer: 7 kB
Size: 28 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf HTTP 302
    http://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf HTTP 301
    https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf Page URL
  2. https://sapsc.site/adc?bt={bt}&sub_id=10&source=artige.cf&q=Spisok+stran+po+dobyche+prirodnogo+gaza Page URL
  3. http://look.udncoeln.com/offer?prod=2&ref=5124823&sub_id=10 HTTP 302
    https://titan.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555 HTTP 302
    https://studcat.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717 HTTP 302
    https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf HTTP 302
  • http://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf HTTP 301
  • https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf

3 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: getPDF
Path: go.hqmedia.biz/
Redirect Chain
  • https://artige.cf/request/0/ed800c/Spisok+stran+po+dobyche+prirodnogo+gaza.pdf
  • http://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
  • https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
Size: 552 B
x-fer: 741 B
Type: Document

General

Full URL: https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:443a , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS:
Software: cloudflare / PHP/7.0.32
Resource Hash: 21a686ffc4c269d894ee686194348a5f418ed226a3246735a9483e240fe05a2b

Request headers

:method: GET
:authority: go.hqmedia.biz
:scheme: https
:path: /getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Thu, 05 Dec 2019 07:26:41 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d0d473b28156e7d55786c86bee75ba12d1575530801; expires=Sat, 04-Jan-20 07:26:41 GMT; path=/; domain=.hqmedia.biz; HttpOnly 15043=%7B%22streams%22%3A%5B1575501976%5D%2C%22campaigns%22%3A%7B%2245%22%3A1575501976%7D%2C%22time%22%3A1575501976%7D; expires=Sun, 05-Jan-2020 07:26:41 GMT; Max-Age=2678400; path=/; domain=.go.hqmedia.biz
vary: Accept-Encoding
x-powered-by: PHP/7.0.32
expires: Thu, 21 Jul 1977 07:30:00 GMT
cache-control: max-age=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54044b147a7759a6-VIE
content-encoding: br

Redirect headers

Date: Thu, 05 Dec 2019 07:26:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 05 Dec 2019 08:26:41 GMT
Location: https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 54044b141b5e59c4-VIE

Resource: adc
Path: sapsc.site/
Size: 450 B
x-fer: 704 B
Type: Document

General

Full URL: https://sapsc.site/adc?bt={bt}&sub_id=10&source=artige.cf&q=Spisok+stran+po+dobyche+prirodnogo+gaza
Requested by
Host: go.hqmedia.biz
URL: https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681f:4378 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS:
Software: cloudflare / PHP/7.0.32
Resource Hash: 3c48f86be8b476d8747f171258bd5046457800837e058eb762a1609d77cb3352

Request headers

:method: GET
:authority: sapsc.site
:scheme: https
:path: /adc?bt={bt}&sub_id=10&source=artige.cf&q=Spisok+stran+po+dobyche+prirodnogo+gaza
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://go.hqmedia.biz/getPDF?q=Spisok+stran+po+dobyche+prirodnogo+gaza&ad=0&source=artige.cf

Response headers

status: 200
date: Thu, 05 Dec 2019 07:26:41 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d7299aca8e30f4f5e3db2b5b686fe2a1c1575530801; expires=Sat, 04-Jan-20 07:26:41 GMT; path=/; domain=.sapsc.site; HttpOnly 15043=%7B%22streams%22%3A%7B%221777%22%3A1575501976%7D%2C%22campaigns%22%3A%7B%2219%22%3A1575501976%7D%2C%22time%22%3A1575501976%7D; expires=Sun, 05-Jan-2020 07:26:41 GMT; Max-Age=2678400; path=/; domain=.sapsc.site
vary: Accept-Encoding
x-powered-by: PHP/7.0.32
expires: Thu, 21 Jul 1977 07:30:00 GMT
cache-control: max-age=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54044b166ba75a06-VIE
content-encoding: br

Primary Request
Resource: /
Path: signup.gamesheaven.net/signup/
Redirect Chain
  • http://look.udncoeln.com/offer?prod=2&ref=5124823&sub_id=10
  • https://titan.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555
  • https://studcat.infra.systems/signup?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac...
  • https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-...
Size: 28 KB
x-fer: 6 KB
Type: Document

General

Full URL: https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL
Requested by
Host: sapsc.site
URL: https://sapsc.site/adc?bt={bt}&sub_id=10&source=artige.cf&q=Spisok+stran+po+dobyche+prirodnogo+gaza
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.102 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-101-102.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b7b82a32be1070a50946b686e501e2d9ac10c456d819e031c043d93b828bcff2

Request headers

:method: GET
:authority: signup.gamesheaven.net
:scheme: https
:path: /signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Thu, 05 Dec 2019 07:26:43 GMT
last-modified: Wed, 04 Dec 2019 20:57:13 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 6C68zAfufGJaZLpilP-jwSbD-3kkXapk_c36coJwhR1VwHuebtXzcw==

Redirect headers

Content-Type: text/html; charset=utf-8
Date: Thu, 05 Dec 2019 07:26:42 GMT
Location: https://signup.gamesheaven.net/signup/?ad_domain=look.udncoeln.com&ad_path=%2Foffer&prod=2&ref=5124823&sub_id=10&sf=eone&adserver=1.3.7-with-key-update&m=books&sfv=11&lp=555&lid=76da14a0-7110-4124-ac58-c5a66be1532c&lid_hash=4d0f727ea40b8b31261c881c8bae6717&session_id=66e0a1ef0affa01f4a582ddd376ad82a&_sign=80a46bb2f008c33d98bb113f8ade7d2a&_signt=1575530862&lng=NL&country=NL
Set-Cookie: p2=s%3A868.WvetZOigfMf%2FsHEoWWZFHL0fy0KjbxkLm%2BDr7Q8lMZ4; Max-Age=86400; Path=/; Expires=Fri, 06 Dec 2019 07:26:42 GMT session_id=s%3A66e0a1ef0affa01f4a582ddd376ad82a.lNeGx0iK9y7hRGBd6uETX9V%2B3Qnd52Bi3hNHIeQxCfE; Max-Age=2592000; Path=/; Expires=Sat, 04 Jan 2020 07:26:42 GMT e2=s%3Anull.Mv0OAVkADWhxZImfXF%2Bbjf%2BDxB74TSnU9q35RKqDjko; Max-Age=86400; Path=/; Expires=Fri, 06 Dec 2019 07:26:42 GMT
Vary: Accept
Content-Length: 922
Connection: keep-alive

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| include
  • undefined| default_home
  • undefined| default_signup
  • undefined| default_lander
  • undefined| flows
  • undefined| getQueryVariable
  • function| getSubdomain
  • undefined| isStepZero
  • undefined| isDev
  • undefined| getLocation
  • undefined| getHeaderLanguages
  • undefined| isNumeric
  • undefined| isNaaN
  • undefined| getTrafficType
  • function| determineFlow
  • undefined| sendGraphiteExpIncrement
  • undefined| checkExperiment
  • undefined| getLang
  • undefined| getParams
  • undefined| getSignature
  • undefined| getFlow
  • undefined| generateGuid
  • undefined| getSessionID
  • undefined| setCookies
  • undefined| setTrackCookie
  • undefined| redirectToHome
  • undefined| domReady

0 Cookies