URL: http://z3uwna0j.freeddns.com/
Submission: On September 20 via manual from GB

Summary

This website contacted 12 IPs in 5 countries across 14 domains to perform 16 HTTP transactions. The main IP is 185.104.249.47, located in the Russian Federation and belonging to SUPERSERVERSDATACENTER, RU. The main domain is z3uwna0j.freeddns.com.
This is the only time z3uwna0j.freeddns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.104.249.47 50113 (SUPERSERV...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 23.111.9.35 33438 (HIGHWINDS2)
1 1 37.60.244.138 32475 (SINGLEHOP...)
1 104.27.168.68 13335 (CLOUDFLAR...)
2 4 2606:4700:30:... 13335 (CLOUDFLAR...)
1 176.9.35.55 24940 (HETZNER-AS)
3 52.1.37.202 14618 (AMAZON-AES)
1 143.204.214.52 16509 (AMAZON-02)
1 1 184.168.131.241 26496 (AS-26496-...)
1 45.40.182.129 26496 (AS-26496-...)
1 2.18.235.37 16625 (AKAMAI-AS)
1 2 66.155.96.191 6640 (CENTURYLI...)
1 199.19.89.1 54105 (SSM-NET)
16 12
Domain Requested by
4 smartcanucks.ca 2 redirects z3uwna0j.freeddns.com
3 www.gosawa.com z3uwna0j.freeddns.com
2 www.yogenfruz.com 1 redirects z3uwna0j.freeddns.com
2 use.fontawesome.com z3uwna0j.freeddns.com
1 eblastengine.upickem.net z3uwna0j.freeddns.com
1 img.grouponcdn.com z3uwna0j.freeddns.com
1 looniecoupons.com z3uwna0j.freeddns.com
1 www.looniecoupons.ca 1 redirects
1 i1225.photobucket.com z3uwna0j.freeddns.com
1 qgrabs.com z3uwna0j.freeddns.com
1 maplemoney.com z3uwna0j.freeddns.com
1 www.mrsjanuary.com 1 redirects
1 getbootstrap.com z3uwna0j.freeddns.com
1 z3uwna0j.freeddns.com
16 14

This site contains no links.

Subject | Issuer | Validity | Valid
ssl516043.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-06-19 - 2019-12-26 | 6 months (crt.sh)
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2018-09-17 - 2019-11-21 | a year (crt.sh)
sni98186.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-03 - 2020-03-11 | 6 months (crt.sh)
sni10887.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-09-04 - 2020-03-12 | 6 months (crt.sh)
qgrabs.com | DigiCert SHA2 Secure Server CA | 2019-05-01 - 2021-07-30 | 2 years (crt.sh)
www.yogenfruz.com | Thawte RSA CA 2018 | 2018-10-02 - 2019-11-01 | a year (crt.sh)
*.upickem.net | Sectigo RSA Domain Validation Secure Server CA | 2019-01-24 - 2021-01-23 | 2 years (crt.sh)

This page contains 1 frame:

Primary Page: http://z3uwna0j.freeddns.com/
Frame ID: EA09A7B87FE85F58930CBC5CC6BF4DBC
Requests: 16 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 16
HTTPS: 56 %
IPv6: 14 %
Domains: 14
Subdomains: 14
IPs: 12
Countries: 5
Transfer: 1269 kB
Size: 1434 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • http://www.mrsjanuary.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg HTTP 301
  • https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
Request Chain 3
  • http://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg HTTP 301
  • https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
Request Chain 4
  • http://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg HTTP 301
  • https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
Request Chain 9
  • http://www.looniecoupons.ca/printablecoupons/Yogen-Fruz-Saskatoon.jpg HTTP 301
  • http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg
Request Chain 12
  • http://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg HTTP 301
  • https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
z3uwna0j.freeddns.com/
7 KB
7 KB
Document
General
Full URL
http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
185.104.249.47 , Russian Federation, ASN50113 (SUPERSERVERSDATACENTER, RU),
Reverse DNS
plovdiv.pro
Software
nginx/1.15.12 /
Resource Hash
04352642387a8d5157cd66a268634997e5dbab9eac3f6c409f430d1de91db694

Request headers

Host
z3uwna0j.freeddns.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.15.12
Date
Fri, 20 Sep 2019 14:59:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
6694
Last-Modified
Wed, 22 May 2019 03:46:09 GMT
Connection
keep-alive
ETag
"5ce4c601-1a26"
Accept-Ranges
bytes
bootstrap.min.css
getbootstrap.com/docs/4.2/dist/css/
150 KB
21 KB
Stylesheet
General
Full URL
https://getbootstrap.com/docs/4.2/dist/css/bootstrap.min.css
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1ff9 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 14:59:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
8
status
200
vary
Accept-Encoding
last-modified
Tue, 13 Aug 2019 22:04:29 GMT
server
cloudflare
x-github-request-id
CC5C:5E0B:2A834:3ABCC:5D5335B8
etag
W/"5d5333ed-2565e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
5194a99d486dcbc0-VIE
x-proxy-cache
HIT
expires
Fri, 20 Sep 2019 18:59:19 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Sec-Fetch-Mode
cors
Referer
http://z3uwna0j.freeddns.com/
Origin
http://z3uwna0j.freeddns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 14:59:19 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
Yogen-Fruz-Canada-10-off.jpg
maplemoney.com/wp-content/uploads/2012/07/
Redirect Chain
  • http://www.mrsjanuary.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
  • https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
0
0
Image
General
Full URL
https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.27.168.68 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Server
nginx
Content-Type
text/html; charset=iso-8859-1
Location
https://maplemoney.com/wp-content/uploads/2012/07/Yogen-Fruz-Canada-10-off.jpg
Connection
keep-alive
Host-Header
624d5be7be38418a3e2a818cc8b7029b
Content-Length
286
X-Proxy-Cache
MISS
yogen-fruz.jpg
smartcanucks.ca/wp-content/uploads/2014/07/
Redirect Chain
  • http://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
  • https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
281 KB
281 KB
Image
General
Full URL
https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e850766d8cdf7e2f15262cd776789456402953f11e51b917a716751ed155eda4

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 14:59:19 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2016 14:19:00 GMT
server
cloudflare
age
8
etag
"577bc1d4-4621e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5194a99d8cdd8c68-VIE
content-length
287262
expires
Fri, 27 Sep 2019 14:59:19 GMT

Redirect headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
8
Vary
Accept-Encoding
Content-Type
text/html
Location
https://smartcanucks.ca/wp-content/uploads/2014/07/yogen-fruz.jpg
Cache-Control
public, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5194a99d28cdcb9c-VIE
Expires
Fri, 20 Sep 2019 15:29:19 GMT
yogen_fruz_canada-500x220.jpg
smartcanucks.ca/wp-content/uploads/2010/09/
Redirect Chain
  • http://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
  • https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
23 KB
23 KB
Image
General
Full URL
https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3e1c , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85c5d02f41e383ed6407abbe9971e580ea5632eb360f1e4193423900e1ca397

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 14:59:19 GMT
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2016 14:12:14 GMT
server
cloudflare
age
8
etag
"577bc03e-5b03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
5194a99d8cde8c68-VIE
content-length
23299
expires
Fri, 27 Sep 2019 14:59:19 GMT

Redirect headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
CF-Cache-Status
HIT
Server
cloudflare
Age
8
Vary
Accept-Encoding
Content-Type
text/html
Location
https://smartcanucks.ca/wp-content/uploads/2010/09/yogen_fruz_canada-500x220.jpg
Cache-Control
public, max-age=1800
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5194a99d285a5a00-VIE
Expires
Fri, 20 Sep 2019 15:29:19 GMT
main_440x440.png
qgrabs.com/media/a24b367c8d5f976e/
168 KB
169 KB
Image
General
Full URL
https://qgrabs.com/media/a24b367c8d5f976e/main_440x440.png
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.9.35.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
qgrabs.com
Software
nginx /
Resource Hash
ec6191c1f2565df44b4c1502eea30fe21230265a08736f7bc09c4bfbe9413981

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Tue, 23 Apr 2013 11:02:10 GMT
Server
nginx
Connection
keep-alive
Content-Length
172381
Alternate-Protocol
443:npn-spdy/2
Content-Type
image/png
aba41d5b1e9695685655bd6ef1fe5686.jpg
www.gosawa.com/storage/32000/857/
61 KB
61 KB
Image
General
Full URL
http://www.gosawa.com/storage/32000/857/aba41d5b1e9695685655bd6ef1fe5686.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
52.1.37.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-37-202.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6f4eafab4c9e61a923e9a772ba1fdefb6d2707536d5be438d883dc85cd4b69ff

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Thu, 21 Feb 2013 20:43:57 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"f4df-4d64222361d40"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62687
8bf2e460e1c3fd071fb0e24ca58e0201.jpg
www.gosawa.com/storage/32000/857/
62 KB
63 KB
Image
General
Full URL
http://www.gosawa.com/storage/32000/857/8bf2e460e1c3fd071fb0e24ca58e0201.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
52.1.37.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-37-202.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
da9d69758fe6d3f37552a77c6a3078a482bf8e5d152359614d3bc8456762a6ce

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Thu, 21 Feb 2013 20:44:04 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"f90c-4d64222a0ed00"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
63756
yogen-fruz-des_zpsa539946b.jpg
i1225.photobucket.com/albums/ee381/goSawaTeam/
8 KB
8 KB
Image
General
Full URL
http://i1225.photobucket.com/albums/ee381/goSawaTeam/yogen-fruz-des_zpsa539946b.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
143.204.214.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-52.fra53.r.cloudfront.net
Software
imgproxy /
Resource Hash
d04e8fc568f03b4bf9de056ff4d8f0eafc36ed93dd55a31cf30800aeed2b8616

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:13 GMT
Content-Encoding
gzip
Age
6
X-Cache
Hit from cloudfront
Content-Disposition
inline; filename="yogen-fruz-des_zpsa539946b.webp"
Connection
keep-alive
Content-Length
8010
X-Request-Id
GlDBoX7ZtoYl-Z-me12Ifh
Access-Control-Allow-Origin
*
Server
imgproxy
Vary
Accept,Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD, OPTIONS
Content-Type
image/webp
Via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, public
X-Amz-Cf-Pop
FRA53-C1
X-Amz-Cf-Id
holpatM5s5ndc4mEXnjT8slyIRx_nn73td8rbWFzpJTXndH0c65yfg==
Expires
Fri, 20 Sep 2019 15:59:13 GMT
Yogen-Fruz-Saskatoon.jpg
looniecoupons.com/printablecoupons/
Redirect Chain
  • http://www.looniecoupons.ca/printablecoupons/Yogen-Fruz-Saskatoon.jpg
  • http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg
12 KB
12 KB
Image
General
Full URL
http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
45.40.182.129 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-45-40-182-129.ip.secureserver.net
Software
Apache /
Resource Hash
246a8439b43938da23294b6847347cfb9c447c3e567fb47c9a110f94b51f0322

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Sat, 19 Oct 2013 04:54:15 GMT
Server
Apache
ETag
"3037-4e910d7bbcbc0"
Content-Type
image/jpeg
Cache-Control
max-age=5184000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12343
Expires
Tue, 19 Nov 2019 14:59:19 GMT

Redirect headers

Location
http://looniecoupons.com/printablecoupons/Yogen-Fruz-Saskatoon.jpg
Date
Fri, 20 Sep 2019 14:59:19 GMT
Server
nginx/1.12.2
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
t460x279.jpg
img.grouponcdn.com/deal/c95735194d444004bcee935cbf54297a/7a/v1/
37 KB
38 KB
Image
General
Full URL
http://img.grouponcdn.com/deal/c95735194d444004bcee935cbf54297a/7a/v1/t460x279.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
2.18.235.37 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-37.deploy.static.akamaitechnologies.com
Software
nginx/1.12.2 /
Resource Hash
4a53d8c806ed627ff685fb57d79072c4b8725fd2d7038e99e4f176546934cdda

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Thu, 24 Jan 2013 19:53:11 GMT
Server
nginx/1.12.2
ETag
"846a20fe92e2a0a2940b9511d7d5cdb8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Connection
keep-alive
Content-Length
38309
Expires
Sun, 20 Oct 2019 14:59:19 GMT
34da4a3ff60779178b777a5ce45c9aa7.jpg
www.gosawa.com/storage/32000/857/
78 KB
78 KB
Image
General
Full URL
http://www.gosawa.com/storage/32000/857/34da4a3ff60779178b777a5ce45c9aa7.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Server
52.1.37.202 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-37-202.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
342e7128d72ddd9f97b74cc7bb2b703116236147dbcbb7225b2e8c91a49f32df

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Thu, 21 Feb 2013 20:43:53 GMT
Server
Apache/2.4.18 (Ubuntu)
ETag
"137ab-4d64221f91440"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
79787
yf.DateNight.2015.F1a-OL.jpg
www.yogenfruz.com/wp-content/uploads/
Redirect Chain
  • http://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
  • https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
401 KB
401 KB
Image
General
Full URL
https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.155.96.191 , Canada, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS
arc0001.ditcanada.net
Software
Apache / PleskLin
Resource Hash
d3ed8d8bf10f7e150aa5570b32e1a8fc39da74daaaa80735bba1ef8cbf8fd3af

Request headers

Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:19 GMT
Last-Modified
Thu, 29 Jan 2015 21:06:21 GMT
Server
Apache
X-Powered-By
PleskLin
ETag
"64394-50dd0dc200d40"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
410516

Redirect headers

Location
https://www.yogenfruz.com/wp-content/uploads/yf.DateNight.2015.F1a-OL.jpg
Date
Fri, 20 Sep 2019 14:59:19 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
281
Content-Type
text/html; charset=iso-8859-1
17013.jpg
eblastengine.upickem.net/EmailImages/
20 KB
20 KB
Image
General
Full URL
https://eblastengine.upickem.net/EmailImages/17013.jpg
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.19.89.1 St Louis, United States, ASN54105 (SSM-NET - Second Street, US),
Reverse DNS
199-19-89-1.secondstreetmedia.com
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d2231335b8f9644f7700f24c2cce53c7386371c717cab36a15e8a7b5bd5100fa

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://z3uwna0j.freeddns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 20 Sep 2019 14:59:18 GMT
Last-Modified
Thu, 04 Aug 2011 22:15:58 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"5b41f815f452cc1:0"
P3P
CP="NOI DSP COR NID CUR PSDa OUR STP STA"
Cache-Control
public
Accept-Ranges
bytes
Content-Type
image/jpeg
X-PP
2
Content-Length
20491
fa-brands-400.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/
73 KB
73 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-brands-400.woff2
Requested by
Host: z3uwna0j.freeddns.com
URL: http://z3uwna0j.freeddns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

Sec-Fetch-Mode
cors
Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
http://z3uwna0j.freeddns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 20 Sep 2019 14:59:19 GMT
last-modified
Thu, 21 Mar 2019 21:32:11 GMT
server
NetDNA-cache/2.2
status
200
etag
"5e2f92123d241cabecf0b289b9b08d4a"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74768


2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | onformdata
object | onpointerrawupdate

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
