adhits4u.info - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 107.180.51.32, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is adhits4u.info.

This is the only time adhits4u.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	107.180.51.32 107.180.51.32	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	208.91.197.27 208.91.197.27	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
1	162.0.235.241 162.0.235.241	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	162.0.235.250 162.0.235.250	22612 (NAMECHEAP...) (NAMECHEAP-NET)
6	4

2 107.180.51.32 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-107-180-51-32.ip.secureserver.net

adhits4u.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.91.197.27 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

1tae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.0.235.241 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium160-1.web-hosting.com

ayelads.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.0.235.250 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium161-4.web-hosting.com

ayelads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ayelads.com ayelads.com	133 KB
2	adhits4u.info adhits4u.info	207 KB
1	ayelads.xyz ayelads.xyz	1 KB
1	1tae.com 1tae.com
6	4

	Domain	Requested by
2	ayelads.com	ayelads.xyz
2	adhits4u.info	adhits4u.info
1	ayelads.xyz	adhits4u.info
1	1tae.com	adhits4u.info
6	4

This site contains no links.

Subject Issuer	Validity	Valid
1tae.com R3	`2021-03-30` - `2021-06-28`	3 months	crt.sh
ayelads.xyz Sectigo RSA Domain Validation Secure Server CA	`2021-03-08` - `2022-03-08`	a year	crt.sh
ayelads.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-23` - `2021-12-23`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://adhits4u.info/splashpage.php?splashid=7&rid=1475
Frame ID: 1B18ABBD25CA304A7CB29D391AA88EDE
Requests: 3 HTTP requests in this frame

Frame: https://ayelads.xyz/display/items.php?ad=7am5dus&s=1
Frame ID: 0871D95B8B49571F5D3967180EBD7FFC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

6
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

342 kB
Transfer

341 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request splashpage.php Show response adhits4u.info/	735 B 698 B	232ms 210ms	Document text/html	107.180.51.32 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Full URL http://adhits4u.info/splashpage.php?splashid=7&rid=1475 Protocol HTTP/1.1 Server 107.180.51.32 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-51-32.ip.secureserver.net Software Apache / PHP/5.6.40 Resource Hash `87fd2c252a2d6a0bdef5b3dee26d5988048d26da65e39d7022b8d372d35f76e1` Request headers Host adhits4u.info Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Response headers Date Sun, 18 Apr 2021 09:05:59 GMT Server Apache X-Powered-By PHP/5.6.40 Upgrade h2,h2c Connection Upgrade, Keep-Alive Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 408 Keep-Alive timeout=5 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	fuglybanners.png adhits4u.info/	207 KB 207 KB	96ms 95ms	Image image/png	107.180.51.32 AS-26496-GO-DADDY...
General Check archive.org Show headers Download Go to Show image Full URL http://adhits4u.info/fuglybanners.png Requested by Host: adhits4u.info URL: http://adhits4u.info/splashpage.php?splashid=7&rid=1475 Protocol HTTP/1.1 Server 107.180.51.32 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US), Reverse DNS ip-107-180-51-32.ip.secureserver.net Software Apache / Resource Hash `00d570f44c73315cf0559a86e902f5f32032731999890a4cd90a0acd48b775ca` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host adhits4u.info Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 Referer* http://adhits4u.info/splashpage.php?splashid=7&rid=1475 Connection keep-alive Cache-Control no-cache Referer http://adhits4u.info/splashpage.php?splashid=7&rid=1475 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Response headers Date Sun, 18 Apr 2021 09:05:59 GMT Last-Modified Sun, 07 Aug 2016 21:06:59 GMT Server Apache ETag "c0a070f-33a25-53981ae2ab61b" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5 Content-Length 211493
GET H/1.1	200 OK	dbar.php Show response 1tae.com/	0 0	653ms 244ms	Script text/html	208.91.197.27 CONFLUENCE-NETWOR...
General Check archive.org Show headers Download Go to Full URL https://1tae.com/dbar.php?u=tguile Requested by Host: adhits4u.info URL: http://adhits4u.info/splashpage.php?splashid=7&rid=1475 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.91.197.27 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG), Reverse DNS Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://adhits4u.info/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Response headers
GET H2	200	items.php Show response ayelads.xyz/display/ Frame 0871	857 B 1 KB	476ms 167ms	Document text/html	162.0.235.241 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://ayelads.xyz/display/items.php?ad=7am5dus&s=1 Requested by Host: adhits4u.info URL: http://adhits4u.info/splashpage.php?splashid=7&rid=1475 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.241 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium160-1.web-hosting.com Software LiteSpeed / PHP/7.2.34 Resource Hash `4a0d161091d842c3d29e95773d7b1fcd679b9b991d20a415f8fa7fb36064a51d` Request headers :method GET :authority ayelads.xyz :scheme https :path /display/items.php?ad=7am5dus&s=1 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://adhits4u.info/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Referer http://adhits4u.info/ Response headers x-powered-by PHP/7.2.34 set-cookie PHPSESSID=f5c68e6643830d2898580c9925972b37; path=/; secure AYID=%7B%22sec_to_refresh%22%3A5%2C%22time_ads%22%3A1618736759%2C%22ads_viewed%22%3A%5B%5D%7D; expires=Sun, 18-Apr-2021 10:05:59 GMT; Max-Age=3600; path=/; SameSite=None; Secure 7am5dus=%7B%22dataTag%22%3A%7B%22username%22%3A%22tguile%22%2C%22site%22%3A%222531%22%2C%22domain%22%3A%22adhits4u.info%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%227am5dus%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22PT%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2234%22%2C%22size%22%3A%22728x90%22%2C%22banners%22%3A%7B%22rt%22%3A%5B1%2C2%2C3%2C4%5D%2C%22id%22%3A%5B%221516%22%2C%221420%22%2C%221493%22%2C%221511%22%5D%7D%2C%22tRotate%22%3A4%2C%22referral%22%3A%5Bnull%2Cnull%5D%7D%7D; expires=Sun, 18-Apr-2021 10:05:59 GMT; Max-Age=3600; path=/; SameSite=None; Secure expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-type text/html; charset=UTF-8 content-length 423 content-encoding br vary Accept-Encoding date Sun, 18 Apr 2021 09:05:59 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	200	logo_ad1.png ayelads.com/page/image/ Frame 0871	503 B 624 B	467ms 158ms	Image image/png	162.0.235.250 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ayelads.com/page/image/logo_ad1.png Requested by Host: ayelads.xyz URL: https://ayelads.xyz/display/items.php?ad=7am5dus&s=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium161-4.web-hosting.com Software Apache / Resource Hash `997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d` Request headers Referer https://ayelads.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Response headers date Sun, 18 Apr 2021 09:06:00 GMT last-modified Fri, 27 Nov 2020 10:25:31 GMT server Apache accept-ranges bytes content-length 503 content-type image/png
GET H2	200	ad1.gif ayelads.com/res/files/images/ Frame 0871	132 KB 132 KB	607ms 298ms	Image image/gif	162.0.235.250 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ayelads.com/res/files/images/ad1.gif Requested by Host: ayelads.xyz URL: https://ayelads.xyz/display/items.php?ad=7am5dus&s=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.235.250 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium161-4.web-hosting.com Software Apache / Resource Hash `657bdbb09a4fed3eac02a1f12fb45d9d1b49017864a8db5d6faf4b34239393c0` Request headers Referer https://ayelads.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Response headers date Sun, 18 Apr 2021 09:06:00 GMT last-modified Wed, 06 Jan 2021 17:50:48 GMT server Apache accept-ranges bytes content-length 135367 content-type image/gif

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ayelads.xyz/	1970-01-19 17:39:00	Name: 7am5dus Value: %7B%22dataTag%22%3A%7B%22username%22%3A%22tguile%22%2C%22site%22%3A%222531%22%2C%22domain%22%3A%22adhits4u.info%22%2C%22startG%22%3A%220%22%2C%22tag%22%3A%227am5dus%22%2C%22status%22%3A%22Active%22%2C%22country%22%3A%22PT%22%2C%22device%22%3A%22Desktop%22%2C%22category%22%3A%2234%22%2C%22size%22%3A%22728x90%22%2C%22banners%22%3A%7B%22rt%22%3A%5B1%2C2%2C3%2C4%5D%2C%22id%22%3A%5B%221516%22%2C%221420%22%2C%221493%22%2C%221511%22%5D%7D%2C%22tRotate%22%3A4%2C%22referral%22%3A%5Bnull%2Cnull%5D%7D%7D
			ayelads.xyz/	1970-01-19 17:39:00	Name: AYID Value: %7B%22sec_to_refresh%22%3A5%2C%22time_ads%22%3A1618736759%2C%22ads_viewed%22%3A%5B%5D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1tae.com
adhits4u.info
ayelads.com
ayelads.xyz
107.180.51.32
162.0.235.241
162.0.235.250
208.91.197.27
00d570f44c73315cf0559a86e902f5f32032731999890a4cd90a0acd48b775ca
4a0d161091d842c3d29e95773d7b1fcd679b9b991d20a415f8fa7fb36064a51d
657bdbb09a4fed3eac02a1f12fb45d9d1b49017864a8db5d6faf4b34239393c0
87fd2c252a2d6a0bdef5b3dee26d5988048d26da65e39d7022b8d372d35f76e1
997d968621d97121b423e07a7188084805214b3d2a874d576cc5b795686dac7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

adhits4u.info Open in urlscan Pro 107.180.51.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

67 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

342 kBTransfer

341 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

2 Cookies

Indicators

adhits4u.info Open in urlscan Pro
107.180.51.32 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

67 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

342 kB
Transfer

341 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions