donkeymails.com Open in urlscan Pro
104.245.16.111 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://donkeymails.com/pages/ptp.php?refid=pguy
Submission: On July 10 via manual (July 10th 2019, 7:40:10 pm UTC) from US

Summary HTTP 13 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 11 domains to perform 13 HTTP transactions. The main IP is 104.245.16.111, located in United States and belongs to ASN-VINS - ViaWest, US. The main domain is donkeymails.com.

This is the only time donkeymails.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.245.16.111 104.245.16.111	13649 (ASN-VINS) (ASN-VINS - ViaWest)
1	2606:4700::68... 2606:4700::6810:e633	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	104.245.16.138 104.245.16.138	13649 (ASN-VINS) (ASN-VINS - ViaWest)
13	4

1 104.245.16.111 (United States)

ASN13649 (ASN-VINS - ViaWest, US)
PTR: ips111.ips.ch

donkeymails.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:e633 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

mellowads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.245.16.138 (United States)

ASN13649 (ASN-VINS - ViaWest, US)
PTR: ips138.ips.ch

highcasinobonus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	highcasinobonus.com highcasinobonus.com	8 KB
1	mellowads.com mellowads.com	1002 B
1	donkeymails.com donkeymails.com www.donkeymails.com Failed	10 KB
0	trafficadbar.com Failed trafficadbar.com Failed
0	secureserver.net Failed images.secureserver.net Failed
0	bitstarz.com Failed www.bitstarz.com Failed
0	bobcasino.com Failed www.bobcasino.com Failed
0	trustcash.biz Failed trustcash.biz Failed
0	adhitzads.com Failed adhitzads.com Failed
0	trck.me Failed trck.me Failed
0	tharbadir.com Failed tharbadir.com Failed
13	11

	Domain	Requested by
1	highcasinobonus.com	donkeymails.com
1	mellowads.com	donkeymails.com
1	donkeymails.com
0	trafficadbar.com Failed	donkeymails.com
0	images.secureserver.net Failed	donkeymails.com
0	www.bitstarz.com Failed	donkeymails.com
0	www.bobcasino.com Failed	donkeymails.com
0	trustcash.biz Failed	donkeymails.com
0	adhitzads.com Failed	donkeymails.com
0	www.donkeymails.com Failed	donkeymails.com
0	trck.me Failed	donkeymails.com
0	tharbadir.com Failed	donkeymails.com
13	12

This site contains links to these domains. Also see Links.

Domain
trck.me
www.donkeymails.com

Subject Issuer	Validity	Valid
	`1970-01-01` - `1970-01-01`	a few seconds	crt.sh

This page contains 1 frames:

Primary Page: http://donkeymails.com/pages/ptp.php?refid=pguy
Frame ID: 7C958D25BBB73EB81203C39B8F284195
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

13
Requests

0 %
HTTPS

33 %
IPv6

11
Domains

12
Subdomains

4
IPs

1
Countries

19 kB
Transfer

17 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://trck.me/430207/banner.php

Search URL Search Domain Scan URL

URL: http://www.donkeymails.com/pages/adorder.php?pid=100
Title: 100,000 Guaranteed Visitors Only $32.50!

Search URL Search Domain Scan URL

URL: http://www.donkeymails.com/pages/advertise.php
Title: Advertise at Donkeymails start at only 1 Dollar!

Search URL Search Domain Scan URL

URL: http://www.donkeymails.com/pages/suboff.php
Title: Great Deals with up to 50% discount!!

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set ptp.php Show response donkeymails.com/pages/	9 KB 10 KB	3585ms 209ms	Document text/html	104.245.16.111 ViaWest
General Check archive.org Show headers Download Go to Full URL http://donkeymails.com/pages/ptp.php?refid=pguy Protocol HTTP/1.1 Server 104.245.16.111 , United States, ASN13649 (ASN-VINS - ViaWest, US), Reverse DNS ips111.ips.ch Software Apache / PHP/5.2.17 Resource Hash `c4d4f76d690d2afb1d836391bf64c2f183b240d2153924ffa6068fa9eda62039` Request headers Host donkeymails.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 10 Jul 2019 19:31:32 GMT Server Apache X-Powered-By PHP/5.2.17 Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Set-Cookie autoipsec=deleted; expires=Tue, 10-Jul-2018 19:31:31 GMT; path=/; domain=.donkeymails.com autousername=deleted; expires=Tue, 10-Jul-2018 19:31:31 GMT; path=/; domain=.donkeymails.com autopassword=deleted; expires=Tue, 10-Jul-2018 19:31:31 GMT; path=/; domain=.donkeymails.com domain=deleted; expires=Tue, 10-Jul-2018 19:31:31 GMT; path=/; domain=.donkeymails.com refid=pguy; expires=Fri, 09-Aug-2019 19:31:32 GMT; path=/; domain=.donkeymails.com PHPSESSID=ee5a7ed66aad095645042e295801e273rcankyvisrucxmsuqdwkwlwnko193132; path=/; domain=.donkeymails.com Connection close Transfer-Encoding chunked Content-Type text/html
GET		2 tharbadir.com/	0 0

GET H/1.1	200 OK	close.png mellowads.com/img/	404 B 1002 B	21ms 11ms	Image image/png	2606:4700::6810:e633 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://mellowads.com/img/close.png Requested by Host: donkeymails.com URL: http://donkeymails.com/pages/ptp.php?refid=pguy Protocol HTTP/1.1 Security , , Server 2606:4700::6810:e633 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `86f96e1602ff22d0743028e26605aca12ce7c64303c9997deaa716c08954fc49` Request headers Referer http://donkeymails.com/pages/ptp.php?refid=pguy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 10 Jul 2019 19:39:39 GMT CF-Cache-Status HIT Age 300744 Cf-Polished origSize=1422 Connection keep-alive Content-Length 404 Last-Modified Wed, 15 Nov 2017 09:57:37 GMT Server cloudflare ETag "967d12af85dd31:0" Vary Accept-Encoding Content-Type image/png Cf-Bgj imgq:100 Cache-Control public, max-age=2678400 Accept-Ranges bytes CF-RAY 4f4501423fda97f0-FRA Expires Sat, 10 Aug 2019 19:39:39 GMT
GET		banner.jpg trck.me/430207/	0 0

GET		dm_ft1.jpg www.donkeymails.com/images/	0 0

GET		254497 adhitzads.com/	0 0

GET		banner.jpg trck.me/421509/	0 0

GET		12060.gif trustcash.biz/images/	0 0

GET		200-200_bob_animate_english.gif www.bobcasino.com/system/comfy/cms/files/files/000/000/146/original/	0 0

GET		BStrz_AfBanner_EuroOffer_250x250.gif www.bitstarz.com/system/comfy/cms/files/files/000/001/157/original/	0 0

GET H/1.1	200 OK	banner120x60.gif highcasinobonus.com/images/	8 KB 8 KB	9458ms 160ms	Image image/gif	104.245.16.138 ViaWest
General Check archive.org Show headers Download Go to Show image Full URL http://highcasinobonus.com/images/banner120x60.gif Requested by Host: donkeymails.com URL: http://donkeymails.com/pages/ptp.php?refid=pguy Protocol HTTP/1.1 Security , , Server 104.245.16.138 , United States, ASN13649 (ASN-VINS - ViaWest, US), Reverse DNS ips138.ips.ch Software LiteSpeed / Resource Hash `2847131bfb3ed7137393160520eab44023b3c43bfbdd166c78d798ff5c4bb1c5` Request headers Referer http://donkeymails.com/pages/ptp.php?refid=pguy User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Wed, 10 Jul 2019 19:31:24 GMT Last-Modified Fri, 18 Mar 2011 13:24:15 GMT Server LiteSpeed Content-Type image/gif Cache-Control public, max-age=604800 Connection Keep-Alive Accept-Ranges bytes Content-Length 7806 Expires Wed, 17 Jul 2019 19:31:24 GMT
GET		15774_reseller_hosting_120x90_v1.gif images.secureserver.net/rcc/extranet/Marketing/Banners/	0 0

GET		show_ads.js trafficadbar.com/ads/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tharbadir.com
URL: http://tharbadir.com/2?z=2711234

Domain: trck.me
URL: http://trck.me/430207/banner.jpg

Domain: www.donkeymails.com
URL: http://www.donkeymails.com/images/dm_ft1.jpg

Domain: adhitzads.com
URL: https://adhitzads.com/254497

Domain: trck.me
URL: http://trck.me/421509/banner.jpg

Domain: trustcash.biz
URL: http://trustcash.biz/images/12060.gif

Domain: www.bobcasino.com
URL: https://www.bobcasino.com/system/comfy/cms/files/files/000/000/146/original/200-200_bob_animate_english.gif

Domain: www.bitstarz.com
URL: https://www.bitstarz.com/system/comfy/cms/files/files/000/001/157/original/BStrz_AfBanner_EuroOffer_250x250.gif

Domain: images.secureserver.net
URL: https://images.secureserver.net/rcc/extranet/Marketing/Banners/15774_reseller_hosting_120x90_v1.gif

Domain: trafficadbar.com
URL: http://trafficadbar.com/ads/show_ads.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adhitzads.com
donkeymails.com
highcasinobonus.com
images.secureserver.net
mellowads.com
tharbadir.com
trafficadbar.com
trck.me
trustcash.biz
www.bitstarz.com
www.bobcasino.com
www.donkeymails.com
adhitzads.com
images.secureserver.net
tharbadir.com
trafficadbar.com
trck.me
trustcash.biz
www.bitstarz.com
www.bobcasino.com
www.donkeymails.com
104.245.16.111
104.245.16.138
2606:4700::6810:e633
2847131bfb3ed7137393160520eab44023b3c43bfbdd166c78d798ff5c4bb1c5
86f96e1602ff22d0743028e26605aca12ce7c64303c9997deaa716c08954fc49
c4d4f76d690d2afb1d836391bf64c2f183b240d2153924ffa6068fa9eda62039

donkeymails.com Open in urlscan Pro 104.245.16.111 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

13 Requests

0 %HTTPS

33 %IPv6

11 Domains

12 Subdomains

4 IPs

1 Countries

19 kBTransfer

17 kBSize

0 Cookies

4 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

donkeymails.com Open in urlscan Pro
104.245.16.111 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

0 %
HTTPS

33 %
IPv6

11
Domains

12
Subdomains

4
IPs

1
Countries

19 kB
Transfer

17 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions