URL: https://mrds2.ink/
Submission: On June 11 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 2 domains to perform 9 HTTP transactions. The main IP is 172.67.143.252, located in United States and belongs to CLOUDFLARENET, US. The main domain is mrds2.ink.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.
This is the only time mrds2.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 172.67.143.252 13335 (CLOUDFLAR...)
3 2600:9000:26a... 16509 (AMAZON-02)
1 2600:9000:26a... 16509 (AMAZON-02)
9 4

Domain Requested by
5 mrds2.ink mrds2.ink
1 h4ddz4.ztaaa.net
1 h4ddz3.ztaaa.net
1 h4ddz2.ztaaa.net
1 h4ddz1.ztaaa.net
9 5

This site contains links to these domains.

Domain
h4ddz2.ztaaa.net
h4ddz4.ztaaa.net
h4ddz1.ztaaa.net
h4ddz3.ztaaa.net
www.mrds66.com

Subject | Issuer | Validity | Valid
mrds2.ink | GTS CA 1P5 | 2024-04-25 - 2024-07-24 | 3 months
*.ztaaa.net | Amazon RSA 2048 M02 | 2024-06-10 - 2025-07-10 | a year

This page contains 1 frames:

Primary Page: https://mrds2.ink/
Frame ID: DF8C4795BD028827AFBF489B4895C20B
Requests: 10 HTTP requests in this frame

Page Title

每日大赛官方网站

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 67 %
Domains: 2
Subdomains: 5
IPs: 4
Countries: 1
Transfer: 34 kB
Size: 59 kB
Cookies: 0

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
mrds2.ink/
42 KB
23 KB
Document
General
Full URL
https://mrds2.ink/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bff2a4dfbc10ad3fce6dcf05dd2ce54b9a434deffea1f53fc7c359d8a9d61335

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
891f646dc91e18e9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 11 Jun 2024 06:02:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkxvUDjz3zQomrcztURG%2Bu0fvIttSe1Cp4E9anoLU8654kdWS2n5Q%2BfIfUq%2B0JBcaG%2BQTJ%2BJjwxDnt6HG%2FUSmXF%2F7q83%2FLDzUfJxBLiVNBB%2F45ihKf6X3C0MvCI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Vx.js
mrds2.ink/js/
5 KB
2 KB
Script
General
Full URL
https://mrds2.ink/js/Vx.js?t=v8
Requested by
Host: mrds2.ink
URL: https://mrds2.ink/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99327a2006fb63b91e8ada062cc929cc9c8c231cd0fb9df22bbff8989f517323

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 26 Jan 2024 08:13:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b36999-126f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EtLTgsfmoE%2F6mDc2lRE2tQWOYeypXHPfuIPEVPQOJTHEqaeemkjKvCfnTvg%2FCwZ4B7oP%2BhsqOEUdwzPxzZhS9%2FrHBEma5iU9mq%2FTnJO3eWXsJl%2FnU3Dh5eiFPz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
891f6472beda18e9-FRA
alt-svc
h3=":443"; ma=86400
logo.png
mrds2.ink/images/
5 KB
6 KB
Image
General
Full URL
https://mrds2.ink/images/logo.png
Requested by
Host: mrds2.ink
URL: https://mrds2.ink/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5450a76dabcd05b1fdfceca33ffda523d0942be34219f75f51b64df932b2b699

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 26 Jan 2024 12:09:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65b3a0f1-1467"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PneVQ8j1tO0c%2F1xaaJc63%2BA4NDuphuAYksbjDj5IbYrr2PeBrixhJ%2B4gOty6eXr53uSmAWpc0b%2FvlD40vhMhBN93B7vzzXS14dF6gXdTwouOOJtdRgO9DdNS7A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
891f6472bedb18e9-FRA
alt-svc
h3=":443"; ma=86400
content-length
5223
ping.gif
h4ddz1.ztaaa.net/usr/themes/
43 B
360 B
Image
General
Full URL
https://h4ddz1.ztaaa.net/usr/themes/ping.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a2:6a00:1e:eb83:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
via
1.1 4b3ad6ebf2d90527fa9bc9d7037470d0.cloudfront.net (CloudFront)
last-modified
Fri, 26 Jan 2024 08:13:13 GMT
server
nginx/1.22.1
x-amz-cf-pop
BUD50-P2
etag
"65b36999-2b"
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
a-4GYeYwP_FrNho7z6aoqBUCq_zuw3DZ49iA6qAUViB0JNlOlvWSAg==
ping.gif
h4ddz2.ztaaa.net/usr/themes/
43 B
362 B
Image
General
Full URL
https://h4ddz2.ztaaa.net/usr/themes/ping.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a2:b400:1e:eb83:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
via
1.1 b68be97db09b630bb2dc6faf3524b228.cloudfront.net (CloudFront)
last-modified
Fri, 26 Jan 2024 08:13:13 GMT
server
nginx/1.22.1
x-amz-cf-pop
BUD50-P2
etag
"65b36999-2b"
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
SAOXJvUmEsZhHHfECxHrJmmnlgLC7ukqhbi-UBUry6Ip6ssaynqPkQ==
favicon.ico
mrds2.ink/
4 KB
2 KB
Other
General
Full URL
https://mrds2.ink/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6db322fd42b4c307464f4657b5351bf6e87b2ac49007453a32c4f42b9b8d85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 26 Jan 2024 08:20:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b36b5f-10be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=usaz3os8ivBPpAosbQjGrtIpm4EPvMbWCkHYiNo8JX8MeC%2BsiFEGWrFcUBl7jJWKwlSIlAzPMuWbJDngUe%2BIKxGNNav1%2F4Tzd%2BRLHhq7FXuymERE9M5br%2BjwQcg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
891f64761b1d18e9-FRA
alt-svc
h3=":443"; ma=86400
ping.gif
h4ddz3.ztaaa.net/usr/themes/
43 B
360 B
Image
General
Full URL
https://h4ddz3.ztaaa.net/usr/themes/ping.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a2:6a00:1e:eb83:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
via
1.1 4b3ad6ebf2d90527fa9bc9d7037470d0.cloudfront.net (CloudFront)
last-modified
Fri, 26 Jan 2024 08:13:13 GMT
server
nginx/1.22.1
x-amz-cf-pop
BUD50-P2
etag
"65b36999-2b"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
P-bOFZeUBRlYsjTd4coNgsTRxlEkO0DyBw4fk1GakkYC9gSW8xVHqQ==
ping.gif
h4ddz4.ztaaa.net/usr/themes/
43 B
360 B
Image
General
Full URL
https://h4ddz4.ztaaa.net/usr/themes/ping.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26a2:6a00:1e:eb83:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:28 GMT
via
1.1 4b3ad6ebf2d90527fa9bc9d7037470d0.cloudfront.net (CloudFront)
last-modified
Fri, 26 Jan 2024 08:13:13 GMT
server
nginx/1.22.1
x-amz-cf-pop
BUD50-P2
etag
"65b36999-2b"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
SdJ_mOnjTK3nkO91vH_cmpIVMoRFYANa6O7aDZMnF0HvM0Meffs6sQ==
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc17e8b0de191ca6dbfa695f831ad23bc7f4fd87b351d975680e05b4de5fbd07

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
logx.php
mrds2.ink/
43 B
416 B
Image
General
Full URL
https://mrds2.ink/logx.php?t=json&u=W3sidCI6InN1Y2Nlc3MiLCJ1IjoiaHR0cHM6Ly9oNGRkejIuenRhYWEubmV0In0seyJ0Ijoic3VjY2VzcyIsInUiOiJodHRwczovL2g0ZGR6NC56dGFhYS5uZXQifSx7InQiOiJzdWNjZXNzIiwidSI6Imh0dHBzOi8vaDRkZHoxLnp0YWFhLm5ldCJ9LHsidCI6InN1Y2Nlc3MiLCJ1IjoiaHR0cHM6Ly9oNGRkejMuenRhYWEubmV0In1d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.252 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://mrds2.ink/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 06:02:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q3pwZJalP8D9%2F3tS7ViYek9IsjJCLhEGh7w%2BAQC4shG9270gb%2BwQdLJIv2y2zjg%2BYSGO9rkaXhCJGGbxhLqNIGqShwDeGAUMq4Lvfwuhh4ccMnYnimSYheqEBUo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
891f647c4a5a18e9-FRA
alt-svc
h3=":443"; ma=86400

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Base64
function| Process
object| Vx
number| baseTime
object| lineAry
object| backupLine
object| words
function| aff_code
object| __htmlMap
object| __matchMap

0 Cookies