gdanstum.net Open in urlscan Pro
2606:4700:e2::ac40:821e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://queuecosm.bid/-81198TYSM/1MNYP?rndad=585986417-1594731677
Effective URL:
http://gdanstum.net/not-found.php
Submission Tags: 6675990
Submission: On July 14 via api (July 14th 2020, 7:16:30 pm UTC) from NL

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 9 domains to perform 13 HTTP transactions. The main IP is 2606:4700:e2::ac40:821e, located in United States and belongs to CLOUDFLARENET, US. The main domain is gdanstum.net.

This is the only time gdanstum.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:bb56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700:e2:... 2606:4700:e2::ac40:821e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::6819:6177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.101.19 143.204.101.19	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:c26b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3034::6812:3647	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.174.81 52.222.174.81	16509 (AMAZON-02) (AMAZON-02)
1	35.190.71.96 35.190.71.96	15169 (GOOGLE) (GOOGLE)
1	52.222.174.47 52.222.174.47	16509 (AMAZON-02) (AMAZON-02)
13	9

1 2606:4700:3037::ac43:bb56 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

queuecosm.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:821e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gdanstum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::6819:6177 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ay.gy	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.19 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-19.fra50.r.cloudfront.net

d1nmxiiewlx627.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c26b (United States)

ASN13335 (CLOUDFLARENET, US)

fbcdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6812:3647 (United States)

ASN13335 (CLOUDFLARENET, US)

ufpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.174.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-81.fra54.r.cloudfront.net

whitective.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.71.96 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 96.71.190.35.bc.googleusercontent.com

onclickgenius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.174.47 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-47.fra54.r.cloudfront.net

anothingerg.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	whitective.club whitective.club	3 KB
3	ay.gy cdn.ay.gy	20 KB
2	fbcdn2.com fbcdn2.com	21 KB
2	gdanstum.net 1 redirects gdanstum.net	4 KB
1	anothingerg.club anothingerg.club	499 B
1	onclickgenius.com onclickgenius.com	132 B
1	ufpcdn.com ufpcdn.com
1	cloudfront.net d1nmxiiewlx627.cloudfront.net	35 KB
1	queuecosm.bid 1 redirects queuecosm.bid	777 B
13	9

	Domain	Requested by
3	whitective.club	d1nmxiiewlx627.cloudfront.net
3	cdn.ay.gy	gdanstum.net
2	fbcdn2.com	gdanstum.net
2	gdanstum.net	1 redirects
1	anothingerg.club	gdanstum.net
1	onclickgenius.com	gdanstum.net
1	ufpcdn.com	gdanstum.net
1	d1nmxiiewlx627.cloudfront.net	gdanstum.net
1	queuecosm.bid	1 redirects
13	9

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-19` - `2020-10-09`	7 months	crt.sh
whitective.club Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://gdanstum.net/not-found.php
Frame ID: AF74A2C9C5D1A85E36A82894096970C3
Requests: 11 HTTP requests in this frame

Frame: http://ufpcdn.com/script/identify.html?frmt=0
Frame ID: 972CF69756C8B3E4B885A492CB22F571
Requests: 1 HTTP requests in this frame

Frame: http://whitective.club/MldDdnVTNSAbSlNqIVAAQDt+U0d0cnEwEQM5Lg4cWzI0Gg0EZXRYFl44NhITQDgtAltcMjdTR3QCDURAdAIuQyBzBDBGIGcaCz8iCw0BRxEDDXIRJ3ATGk80dzMXPTZrHAEaHkoSASQBZRMGFD9KEiImD2gDASMSQho0NCRnZQ5FNHQFFxI9YwcWAQ0GDSgeMXo+LEMgAmcOPDFdGhYRMFgeJDMndS4RADQDMBY6MQYUFR0BAREFBS9qOgERLVpvBzwxdx8UJBpDHhIvJmoGJ0UtczQLPQxrGxRGAQEOJDgidgABES1eMCcvMnAyF0YBAQ4vTj1/D24kGH8GCT4sdRUmIB0GZhMRAXMUOhVAcGcNOhFKBSE0M14lGiASYQ8LIENwAXsXPnZiDzQmAzAaMEBQFTpCRmEgFRM8WDQNLjR0JCdHAnoTEEYScwEsOix1FiwyRAMlGh00dg9wIB1jFgUQLHUVJiQ0Cj0ODg1XBHAVIGUgESwUABEaMydGYw0aRXcPECdFagZ3OxN2DRkgI0EwDQEdZgEqNB9lBhEXPwAaCCNERT8NAQIUPTAZG0JqLgIRA2A3NA9oYTc/PA
Frame ID: 679DEEC362BFA01D7F6BC87366B6D06B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BEB4F111230D9661B8957425B8469533
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://queuecosm.bid/-81198TYSM/1MNYP?rndad=585986417-1594731677 HTTP 301
http://gdanstum.net/-36438EOJU/-81198TYSM?rndad=2a014f8121131a2-1594754168 HTTP 302
http://gdanstum.net/not-found.php Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

38 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

9
IPs

1
Countries

83 kB
Transfer

192 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://queuecosm.bid/-81198TYSM/1MNYP?rndad=585986417-1594731677 HTTP 301
http://gdanstum.net/-36438EOJU/-81198TYSM?rndad=2a014f8121131a2-1594754168 HTTP 302
http://gdanstum.net/not-found.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	404 Not Found	Primary Request not-found.php Show response gdanstum.net/ Redirect Chain http://queuecosm.bid/-81198TYSM/1MNYP?rndad=585986417-1594731677 http://gdanstum.net/-36438EOJU/-81198TYSM?rndad=2a014f8121131a2-1594754168 http://gdanstum.net/not-found.php	8 KB 3 KB	252ms 251ms	Document text/html	2606:4700:e2::ac40:821e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 2606:4700:e2::ac40:821e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.19 Resource Hash `abbadaeaa30d4e0f0b83e67dc670d3456c3a4e55816225142f30de9e4a1d4c51` Request headers Host gdanstum.net Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Cookie __cfduid=da2a4e6ad0fe4a9f546806ecfb360d6cf1594754168; FLYSESSID=q72ci02bcvvci7h8vo8r181qkt Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:16:09 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive X-Powered-By PHP/7.3.19 Vary Accept-Encoding X-Turbo-Charged-By LiteSpeed CF-Cache-Status DYNAMIC cf-request-id 03f05a90ae000005d841268200000001 Server cloudflare CF-RAY 5b2d93944df705d8-FRA Content-Encoding gzip Redirect headers Date Tue, 14 Jul 2020 19:16:08 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=da2a4e6ad0fe4a9f546806ecfb360d6cf1594754168; expires=Thu, 13-Aug-20 19:16:08 GMT; path=/; domain=.gdanstum.net; HttpOnly; SameSite=Lax FLYSESSID=q72ci02bcvvci7h8vo8r181qkt; path=/; HttpOnly; SameSite=None Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-cache, no-store, must-revalidate, max-age=0 Pragma no-cache X-Powered-By adfly Location /not-found.php X-Turbo-Charged-By LiteSpeed CF-Cache-Status DYNAMIC cf-request-id 03f05a8fb9000005d84124c200000001 Server cloudflare CF-RAY 5b2d9392c8d505d8-FRA
GET H2	200	static.css cdn.ay.gy/static/css/	420 B 657 B	58ms 13ms	Stylesheet text/css	2606:4700:20::6819:6177 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.ay.gy/static/css/static.css Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:6177 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e34fe81eabef2bb61177783c03c8042752b33b93e0ef6672a3b9e5698db1c865` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 19:16:09 GMT content-encoding br cf-cache-status HIT age 871 status 200 cf-request-id 03f05a91dd0000dfbf998f2200000001 last-modified Wed, 25 Nov 2015 17:25:59 GMT server cloudflare etag W/"1a4-5655ef27-31a2d1805ed92a2e;gz" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 5b2d939629dadfbf-FRA expires Tue, 21 Jul 2020 19:01:38 GMT
GET H/1.1	200 OK	/ Show response d1nmxiiewlx627.cloudfront.net/	104 KB 35 KB	219ms 201ms	Script text/plain	143.204.101.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056 Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 143.204.101.19 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-19.fra50.r.cloudfront.net Software / Resource Hash `e75e20cba9530caeaf319f55b7940d30259a5957b30e548bdf0b625485e7255e` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Tue, 14 Jul 2020 19:16:09 GMT content-encoding gzip X-Amz-Cf-Pop FRA50-C1 X-Cache Miss from cloudfront access-control-allow-origin * cache-control no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform Connection keep-alive Content-Length 35749 Via 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront) X-Amz-Cf-Id q3FOLMl5RCxdkN67B1D_lNTu3B5hHyCzuo4-XWAmUPuDfVqKYVSBcQ==
GET H/1.1	200 OK	compatibility.js Show response fbcdn2.com/script/	20 KB 8 KB	26ms 13ms	Script application/javascript	2606:4700::6811:c26b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://fbcdn2.com/script/compatibility.js Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 2606:4700::6811:c26b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6934fd0acb576bd75f065f4e657d0d4b13dbc024608cdd299c631c2fe33f47e2` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:16:09 GMT Content-Encoding gzip CF-Cache-Status HIT Age 3394 X-GUploader-UploadID AAANsUlJq-lXjenBgKqKKprBhygLootR0RkwEYInhbsm1R-ly5Dxks39zXGInq2Ra8i33k1EhEXdOCCtwDIz8JOEYQtzb_HMtA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 03f05a91fe0000d6b517b68200000001 Last-Modified Wed, 08 Jul 2020 14:35:57 GMT Server cloudflare ETag W/"06fdd2e5df00d5a51bae7e42a3f19a23" Vary Accept-Encoding x-goog-hash crc32c=SErtPA==, md5=Bv3S5d8A1aUbrn5Co/GaIw== x-goog-generation 1594218957652935 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 20454 CF-RAY 5b2d93966ba3d6b5-FRA Expires Tue, 14 Jul 2020 23:16:09 GMT
GET H2	200	header_gradient.jpg cdn.ay.gy/static/image/	9 KB 9 KB	14ms 14ms	Image image/jpeg	2606:4700:20::6819:6177 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ay.gy/static/image/header_gradient.jpg Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:6177 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4` Request headers Referer https://cdn.ay.gy/static/css/static.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 19:16:09 GMT cf-cache-status HIT age 888 status 200 content-length 8872 cf-request-id 03f05a91f10000dfbf998f3200000001 last-modified Wed, 25 Nov 2015 17:25:59 GMT server cloudflare etag "22a8-5655ef27-dee346fa285f8765;;;" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg expires Tue, 21 Jul 2020 19:01:21 GMT cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 5b2d93964a2adfbf-FRA cf-bgj h2pri
GET H2	200	logo.png cdn.ay.gy/static/image/	10 KB 11 KB	14ms 13ms	Image image/png	2606:4700:20::6819:6177 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.ay.gy/static/image/logo.png Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::6819:6177 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a` Request headers Referer https://cdn.ay.gy/static/css/static.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 14 Jul 2020 19:16:09 GMT cf-cache-status HIT age 889 status 200 content-length 10726 cf-request-id 03f05a91f10000dfbf998f4200000001 last-modified Wed, 25 Nov 2015 17:25:59 GMT server cloudflare etag "29e6-5655ef27-93d1c7cc2c73ea4e;;;" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 5b2d93964a2ddfbf-FRA expires Tue, 21 Jul 2020 19:01:20 GMT
GET H/1.1	200 OK	Cookie set identify.html ufpcdn.com/script/ Frame 972C	0 0	141ms 135ms	Document text/html	2606:4700:3034::6812:3647 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://ufpcdn.com/script/identify.html?frmt=0 Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 2606:4700:3034::6812:3647 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Host ufpcdn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://gdanstum.net/not-found.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://gdanstum.net/not-found.php Response headers Date Tue, 14 Jul 2020 19:16:09 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=dc9b9f9fdd04b47c3d17bf32a3417c6d01594754169; expires=Thu, 13-Aug-20 19:16:09 GMT; path=/; domain=.ufpcdn.com; HttpOnly; SameSite=Lax __cf_bm=093d2fa9232ffd2d182620ac1456957156ca3cf3-1594754169-1800-AYe3Iz3xnVIe6BRORvSroKv3rLfdBpyQe0CSTHY1WRzIpYjXZOjCdVynd4w1Nhrc8fEeePHJPqB9C4v++mYxPPE=; path=/; expires=Tue, 14-Jul-20 19:46:09 GMT; domain=.ufpcdn.com; HttpOnly; SameSite=None Last-Modified Tue, 15 May 2018 06:39:25 GMT CF-Cache-Status DYNAMIC cf-request-id 03f05a921c000096fe7e136200000001 Server cloudflare CF-RAY 5b2d93969f9c96fe-FRA Content-Encoding gzip
GET H2	204	utx Show response whitective.club/	0 409 B	175ms 115ms	XHR text/plain	52.222.174.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://whitective.club/utx?cb=bAqRhjvrdCEp&top=gdanstum.net&tid=709056 Requested by Host: d1nmxiiewlx627.cloudfront.net URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.174.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-174-81.fra54.r.cloudfront.net Software openresty/1.15.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 14 Jul 2020 19:16:10 GMT via 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront) server openresty/1.15.8.2 x-amz-cf-pop FRA54 status 204 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://gdanstum.net cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true x-amz-cf-id SqWBTorGpFTsfxJG6zdg2pro03MLimJ8lw6Yw6L7jhub8PF58R1jSg==
GET H/1.1	200 OK	PA whitective.club/MldDdnVTNSAbSlNqIVAAQDt+U0d0cnEwEQM5Lg4cWzI0Gg0EZXRYFl44NhITQDgtAltcMjdTR3QCDURAdAIuQyBzBDBGIGcaCz8iCw0BRxEDDXIRJ3ATGk80dzMXPTZrHAEaHkoSASQBZRMGFD9KEiImD2gDASMSQho0NCRnZQ5FNHQFFxI9Y... Frame 679D	0 0	235ms 218ms	Document text/html	52.222.174.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://whitective.club/MldDdnVTNSAbSlNqIVAAQDt+U0d0cnEwEQM5Lg4cWzI0Gg0EZXRYFl44NhITQDgtAltcMjdTR3QCDURAdAIuQyBzBDBGIGcaCz8iCw0BRxEDDXIRJ3ATGk80dzMXPTZrHAEaHkoSASQBZRMGFD9KEiImD2gDASMSQho0NCRnZQ5FNHQFFxI9YwcWAQ0GDSgeMXo+LEMgAmcOPDFdGhYRMFgeJDMndS4RADQDMBY6MQYUFR0BAREFBS9qOgERLVpvBzwxdx8UJBpDHhIvJmoGJ0UtczQLPQxrGxRGAQEOJDgidgABES1eMCcvMnAyF0YBAQ4vTj1/D24kGH8GCT4sdRUmIB0GZhMRAXMUOhVAcGcNOhFKBSE0M14lGiASYQ8LIENwAXsXPnZiDzQmAzAaMEBQFTpCRmEgFRM8WDQNLjR0JCdHAnoTEEYScwEsOix1FiwyRAMlGh00dg9wIB1jFgUQLHUVJiQ0Cj0ODg1XBHAVIGUgESwUABEaMydGYw0aRXcPECdFagZ3OxN2DRkgI0EwDQEdZgEqNB9lBhEXPwAaCCNERT8NAQIUPTAZG0JqLgIRA2A3NA9oYTc/PA Requested by Host: d1nmxiiewlx627.cloudfront.net URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056 Protocol HTTP/1.1 Server 52.222.174.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-174-81.fra54.r.cloudfront.net Software openresty/1.15.8.2 / Resource Hash Request headers Host whitective.club Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://gdanstum.net/not-found.php Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://gdanstum.net/not-found.php Response headers Content-Type text/html Content-Length 1268 Connection keep-alive Date Tue, 14 Jul 2020 19:16:11 GMT Server openresty/1.15.8.2 cache-control no-store, no-cache, must-revalidate, no-transform Pragma no-cache P3P CP="NID DSP ALL COR" content-encoding gzip X-Cache Miss from cloudfront Via 1.1 14484a063800eaed878a3068abf4dfac.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA54 X-Amz-Cf-Id DSmh6gE6kweCcIl3cwN5BAP--j6eeuyzp0nFZDpWRtwlQN_Vjv4tqQ==
GET H/1.1	204 No Content	suurl.php Show response onclickgenius.com/script/	0 132 B	195ms 176ms	Script text/plain	35.190.71.96 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://onclickgenius.com/script/suurl.php?r=2984815&cbrandom=0.8949345393397701&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=AdF.ly%20-%20Not%20Found&cbref=&cbdescription=&cbkeywords=&cbcdn=fbcdn2.com&ufp=93035455419876785221390909661 Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 35.190.71.96 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS 96.71.190.35.bc.googleusercontent.com Software openresty / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 14 Jul 2020 19:16:10 GMT Via 1.1 google Server openresty
GET H/1.1	200 OK	chrome.js Show response fbcdn2.com/script/	36 KB 12 KB	18ms 17ms	Script application/javascript	2606:4700::6811:c26b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://fbcdn2.com/script/chrome.js Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 2606:4700::6811:c26b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ff3a6d0687bc6cd69e27955c3051fa89152fb07c558184d2873c02764d531b5e` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 14 Jul 2020 19:16:10 GMT Content-Encoding gzip CF-Cache-Status HIT Age 1472 X-GUploader-UploadID AAANsUlysVrlpgpJhyUPKiCi6OtxvKOJcVMv6m9EIvggLFCvgopJEfhQmdVfOpdr8L-Ljrx97_Dk1seQo1jQzqFxOoQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity Connection keep-alive Content-Type application/javascript cf-request-id 03f05a97e40000d6b517bd1200000001 Last-Modified Wed, 10 Jun 2020 10:22:54 GMT Server cloudflare ETag W/"1f956080b1d0e84c1bb00c4c1b61a30e" Vary Accept-Encoding x-goog-hash crc32c=82Zyjw==, md5=H5VggLHQ6EwbsAxMG2GjDg== x-goog-generation 1591784574647143 Access-Control-Allow-Origin * Cache-Control public, max-age=14400 Transfer-Encoding chunked x-goog-stored-content-length 37268 CF-RAY 5b2d939fdc55d6b5-FRA Expires Tue, 14 Jul 2020 23:16:10 GMT
GET H/1.1	200 OK	popunder.gif anothingerg.club/	35 B 499 B	150ms 129ms	Image image/gif	52.222.174.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://anothingerg.club/popunder.gif Requested by Host: gdanstum.net URL: http://gdanstum.net/not-found.php Protocol HTTP/1.1 Server 52.222.174.47 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-174-47.fra54.r.cloudfront.net Software / Resource Hash `8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma public Date Tue, 14 Jul 2020 19:16:11 GMT content-encoding gzip X-Amz-Cf-Pop FRA54 X-Cache Miss from cloudfront Content-Type image/gif access-control-allow-origin * cache-control public, max-age=604800, immutable Connection keep-alive Content-Length 58 Via 1.1 fabe381dacc990f9c402cdc69b69dd26.cloudfront.net (CloudFront) X-Amz-Cf-Id WXc9TImtCvuJygd2mtrbX8fyynAF4bnFs6-RDzDhAZebfAP_Zt_NZA==
GET H2	200	multi Show response whitective.club/	4 KB 2 KB	120ms 119ms	XHR text/plain	52.222.174.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://whitective.club/multi?tid=709056&red=1&cs=ZmRVZ0hXUmdWKlJTbVcuBAVnBnhW&abt=0&v=1.0.43.0&sm=76&k=&sts=64&prn=0&emb=0&fs=1&ref=http%3A%2F%2Fgdanstum.net%2Fnot-found.php&jst=0&enr=0&lcua=mozilla%2F5.0%20(macintosh%3B%20intel%20mac%20os%20x%2010_14_5)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F83.0.4103.61%20safari%2F537.36&tzd=2&uloc=&if=0&_125Q=1594754171381&crc=1 Requested by Host: d1nmxiiewlx627.cloudfront.net URL: http://d1nmxiiewlx627.cloudfront.net/?ixmnd=709056 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.222.174.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-174-81.fra54.r.cloudfront.net Software openresty/1.15.8.2 / Resource Hash `51ed7223382f62ecb4b14977a6a9e0a2da7d265ab5fa13f515dd93070a984e40` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Tue, 14 Jul 2020 19:16:11 GMT content-encoding gzip server openresty/1.15.8.2 x-amz-cf-pop FRA54 status 200 x-cache Miss from cloudfront p3p CP="NID DSP ALL COR" access-control-allow-origin http://gdanstum.net cache-control no-store, no-cache, must-revalidate, no-transform access-control-allow-credentials true content-type text/plain content-length 1842 via 1.1 1463b274b31e0310acc7c754b8b5a550.cloudfront.net (CloudFront) x-amz-cf-id GxrZhvzuPQw85i13JPbEXcEh2LbbKU1EAIu7mRUJTVUtTXhwreeamA==
GET DATA	200 OK	truncated / Frame BEB4	586 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7c392160b1aac399f9bc6b4c2ed7067704054653019c2f349ab250486f2707eb` Request headers Referer http://gdanstum.net/not-found.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			gdanstum.net/	1970-01-19 12:25:38	Name: adcashufpv3 Value: 93035455419876785221390909661

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anothingerg.club
cdn.ay.gy
d1nmxiiewlx627.cloudfront.net
fbcdn2.com
gdanstum.net
onclickgenius.com
queuecosm.bid
ufpcdn.com
whitective.club
143.204.101.19
2606:4700:20::6819:6177
2606:4700:3034::6812:3647
2606:4700:3037::ac43:bb56
2606:4700::6811:c26b
2606:4700:e2::ac40:821e
35.190.71.96
52.222.174.47
52.222.174.81
196c51f778db9df7ecf75ce7f663ea3bb07726b67feeae45ad9abfd3008b937a
31046d9e08a11c69776b85464fbb52bd99e83950b368c556a280cbad09e164b4
51ed7223382f62ecb4b14977a6a9e0a2da7d265ab5fa13f515dd93070a984e40
6934fd0acb576bd75f065f4e657d0d4b13dbc024608cdd299c631c2fe33f47e2
7c392160b1aac399f9bc6b4c2ed7067704054653019c2f349ab250486f2707eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
abbadaeaa30d4e0f0b83e67dc670d3456c3a4e55816225142f30de9e4a1d4c51
e34fe81eabef2bb61177783c03c8042752b33b93e0ef6672a3b9e5698db1c865
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75e20cba9530caeaf319f55b7940d30259a5957b30e548bdf0b625485e7255e
ff3a6d0687bc6cd69e27955c3051fa89152fb07c558184d2873c02764d531b5e

gdanstum.net Open in urlscan Pro 2606:4700:e2::ac40:821e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

38 %HTTPS

56 %IPv6

9 Domains

9 Subdomains

9 IPs

1 Countries

83 kBTransfer

192 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

1 Cookies

Indicators

gdanstum.net Open in urlscan Pro
2606:4700:e2::ac40:821e Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

38 %
HTTPS

56 %
IPv6

9
Domains

9
Subdomains

9
IPs

1
Countries

83 kB
Transfer

192 kB
Size

1
Cookies

13 HTTP transactions
1 data transactions