urlscan.io logo urlscan.io
SecurityTrails logo

ekainfratech.com Open in urlscan Pro
18.215.128.143  Public Scan

Go To Rescan Add Verdict Report
URL: http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Submission: On December 18 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 9 HTTP transactions. The main IP is 18.215.128.143, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is ekainfratech.com.
This is the only time ekainfratech.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18.215.128.143 14618 (AMAZON-AES)
1 52.4.209.250 14618 (AMAZON-AES)
3 91.195.240.136 47846 (SEDO-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 5
2    18.215.128.143 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-215-128-143.compute-1.amazonaws.com
ekainfratech.com
1    52.4.209.250 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-209-250.compute-1.amazonaws.com
parkcloud.dynadot.com
3    91.195.240.136 (Germany)

ASN47846 (SEDO-AS, DE)
sedoparking.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
Domain Requested by
3 sedoparking.com ekainfratech.com
sedoparking.com
2 www.google.com pagead2.googlesyndication.com
2 ekainfratech.com ekainfratech.com
1 pagead2.googlesyndication.com sedoparking.com
1 parkcloud.dynadot.com ekainfratech.com
9 5

This site contains links to these domains. Also see Links.

Domain
www.dynadot.com
Subject Issuer Validity Valid
www.google.com
GTS CA 1O1		 2019-11-13 -
2020-02-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Frame ID: 90F7A1514C227F172C9FBC240AEFA41B
Requests: 7 HTTP requests in this frame

Frame: http://sedoparking.com/search/registrar.php?domain=ekainfratech.com&rpv=2&registrar=dynadotparking&gst=3B1gzQzKG_vjniT6wvTMDQXyvNwa0mkUYajIrX-VHz_b-_js_5oyIf__osFs4pnmY3I19lrrXhj2yqoZwPJAMAqCxXLRhSALjA&ref=
Frame ID: E6D86E3D7FB06A678A9E8890474DE15D
Requests: 1 HTTP requests in this frame

Frame: http://sedoparking.com/search/registrar.php?domain=ekainfratech.com&rpv=2&registrar=dynadotparking&gst=3B1g6He5XsGw1UHbwvTMYDz9vNwa0mkUq6_IrX-ImzSn-_jskqM9If__osFsKJ7mY3IoclGXXhj2yqoZwPJAMAqCxXLRhSALjA&ref=
Frame ID: CA1EB00D6A4D38B163A99AB83A93855E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

9
Requests

22 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

9 kB
Transfer

12 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fiest-time-sex-postion.php
ekainfratech.com/hairy/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Protocol
HTTP/1.1
Server
18.215.128.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-215-128-143.compute-1.amazonaws.com
Software
/
Resource Hash
91f5b160ca036f75cff6d866dc3f1d7a1b8b19e9c04fd14cbffe6c602d99fcfe
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Host
ekainfratech.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 4:25:15 GMT
Connection
Keep-Alive
Content-Length
2263
Cache-Control
private, no-cache, no-store, max-age=0
Expires
Mon, 01 Jan 1990 0:00:00 GMT
X-Frame-Options
DENY
logo.gif
parkcloud.dynadot.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://parkcloud.dynadot.com/logo.gif
Requested by
Host: ekainfratech.com
URL: http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Protocol
HTTP/1.1
Server
52.4.209.250 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-209-250.compute-1.amazonaws.com
Software
/
Resource Hash
3b56614b775c28abcdc1e67ae729016a8d7809b938d7ec2c45528efec395b359

Request headers

Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 4:25:17 GMT
Cache-Control
max-age=1209600
Expires
Wed, 01 Jan 2020 4:25:18 GMT
Connection
Keep-Alive
ETag
1576227471989
Content-Length
2127
Content-Type
image/gif
hp_script.js
ekainfratech.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ekainfratech.com/hp_script.js
Requested by
Host: ekainfratech.com
URL: http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Protocol
HTTP/1.1
Server
18.215.128.143 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-215-128-143.compute-1.amazonaws.com
Software
/
Resource Hash
91f5b160ca036f75cff6d866dc3f1d7a1b8b19e9c04fd14cbffe6c602d99fcfe
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 18 Dec 2019 4:25:15 GMT
Content-Encoding
gzip
Cache-Control
private, no-cache, no-store, max-age=0
Content-Length
1017
X-Frame-Options
DENY
Connection
Keep-Alive
Expires
Mon, 01 Jan 1990 0:00:00 GMT
park.js
sedoparking.com/frmpark/ekainfratech.com/dynadotparking/ 		2 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
http://sedoparking.com/frmpark/ekainfratech.com/dynadotparking/park.js
Requested by
Host: ekainfratech.com
URL: http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Protocol
HTTP/1.1
Server
91.195.240.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash
39800b4e222b6e277f3a4b85b031da18f582059bb3def45dff74d8f53905073e

Request headers

Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 18 Dec 2019 04:25:18 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
X-Cache-Miss-From
parking-84749d794d-tqvf8
Server
NginX
Vary
Accept-Encoding
Content-Type
application/javascript
show_afd_ads.js
pagead2.googlesyndication.com/apps/domainpark/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Requested by
Host: sedoparking.com
URL: http://sedoparking.com/frmpark/ekainfratech.com/dynadotparking/park.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3f429026e58a965251615df5006f78bc03765ebec2a0988fa6c999fbabfd1389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 18 Dec 2019 04:25:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"6763252813967010736"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Accept-Ranges
bytes
Content-Length
1415
X-XSS-Protection
0
Expires
Wed, 18 Dec 2019 04:25:18 GMT
ads
www.google.com/dp/ 		118 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=ekainfratech.com&afdt=create&swp=as-drid-2414247216425056&dt=1576643118833&u_tz=60&u_his=2&u_h=1200&u_w=1600&frm=0
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
gws /
Resource Hash
c50eec144159bd5717373bab77c2e8e4005dce9665511121f844552053ebcf77
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Origin
http://ekainfratech.com

Response headers

date
Wed, 18 Dec 2019 04:25:18 GMT
content-encoding
br
server
gws
status
200
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
*
cache-control
private, max-age=3600
content-disposition
inline
content-type
application/json; charset=ISO-8859-1
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
109
x-xss-protection
0
expires
Wed, 18 Dec 2019 04:25:18 GMT
ads
www.google.com/dp/ 		118 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=ekainfratech.com&afdt=create&swp=as-drid-2414247216425056&dt=1576643118864&u_tz=60&u_his=2&u_h=1200&u_w=1600&frm=0
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
gws /
Resource Hash
5ff1efb9a1b0f95e5d4d3fb66761838f4a24b3308f6e6a77a50ddd636c7b1013
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Origin
http://ekainfratech.com

Response headers

date
Wed, 18 Dec 2019 04:25:18 GMT
content-encoding
br
server
gws
status
200
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
*
cache-control
private, max-age=3600
content-disposition
inline
content-type
application/json; charset=ISO-8859-1
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
108
x-xss-protection
0
expires
Wed, 18 Dec 2019 04:25:18 GMT
Cookie set registrar.php
sedoparking.com/search/ Frame E6D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://sedoparking.com/search/registrar.php?domain=ekainfratech.com&rpv=2&registrar=dynadotparking&gst=3B1gzQzKG_vjniT6wvTMDQXyvNwa0mkUYajIrX-VHz_b-_js_5oyIf__osFs4pnmY3I19lrrXhj2yqoZwPJAMAqCxXLRhSALjA&ref=
Requested by
Host: sedoparking.com
URL: http://sedoparking.com/frmpark/ekainfratech.com/dynadotparking/park.js
Protocol
HTTP/1.1
Server
91.195.240.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash

Request headers

Host
sedoparking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php

Response headers

Date
Wed, 18 Dec 2019 04:25:18 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_S+lNC+wVEaMIP4W/fT8Wi0G+dmEL0GBKx6AQZr3/abgGwD1uzds34c55PGPqmyv0Jg36qkltClTvV8nKNggejw==
Set-Cookie
tu=f273b81125cab2abb139ec42478b171f; expires=Tue, 31-Dec-2019 23:00:00 GMT; Max-Age=1190082; path=/; domain=ekainfratech.com; HttpOnly
Last-Modified
Wed, 18 Dec 2019 04:25:18 GMT
X-Cache-Miss-From
parking-84749d794d-k6rgw
Server
NginX
Content-Encoding
gzip
Cookie set registrar.php
sedoparking.com/search/ Frame CA1E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://sedoparking.com/search/registrar.php?domain=ekainfratech.com&rpv=2&registrar=dynadotparking&gst=3B1g6He5XsGw1UHbwvTMYDz9vNwa0mkUq6_IrX-ImzSn-_jskqM9If__osFsKJ7mY3IoclGXXhj2yqoZwPJAMAqCxXLRhSALjA&ref=
Requested by
Host: sedoparking.com
URL: http://sedoparking.com/frmpark/ekainfratech.com/dynadotparking/park.js
Protocol
HTTP/1.1
Server
91.195.240.136 , Germany, ASN47846 (SEDO-AS, DE),
Reverse DNS
Software
NginX /
Resource Hash

Request headers

Host
sedoparking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ekainfratech.com/hairy/fiest-time-sex-postion.php

Response headers

Date
Wed, 18 Dec 2019 04:25:19 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_kB5+g9kuuzlkjOJ29ZioQpOc9PiGwjbUR4b0/wP4ZYjuotw73wMxBahI9y/9FJl9BTv/Jre6nJDsWIos+L2yuQ==
Set-Cookie
tu=a48af3e616b44fe7703573e72bb849d3; expires=Tue, 31-Dec-2019 23:00:00 GMT; Max-Age=1190082; path=/; domain=ekainfratech.com; HttpOnly
Last-Modified
Wed, 18 Dec 2019 04:25:18 GMT
X-Cache-Miss-From
parking-84749d794d-tqvf8
Server
NginX
Content-Encoding
gzip

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_afd_request object| setup function| google_afd_ad_request_done function| loadContentFrame number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpa number| googleAltLoader

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 193=UcHQDt--Ttej5D_dy9P-e7x-5ju5sBNtVA_hhqe1sHszEL0I90BqBZ2g4u2JTenoZcZv4RWgPPoEpTAYjahKl6GMB9bZvsCey8QWDX1h9AmQkd6rMwBPw651Tw6kvZTRK5OhZhNfviVbUIovZE1vT_A4OwWg_Bah1aMTTdHQ00c
.google.com/ Name: 1P_JAR
Value: 2019-12-18-04

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options DENY