jhhch.datinglocator24.com

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 144.76.30.237, located in Germany and belongs to HETZNER-AS, DE. The main domain is jhhch.datinglocator24.com.

This is the only time jhhch.datinglocator24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	31.28.24.119 31.28.24.119	12616 (HOSTING-MSK) (HOSTING-MSK)
2 3	2606:4700:30:... 2606:4700:30::681c:b50	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	2606:4700:30:... 2606:4700:30::681f:592e	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	144.76.30.237 144.76.30.237	24940 (HETZNER-AS) (HETZNER-AS)
4	3

1 31.28.24.119 (Moscow, Russian Federation) 1 redirects

ASN12616 (HOSTING-MSK, RU)
PTR: c09w.hoster.ru

intmash.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::681c:b50 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

gxxx.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681f:592e (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tdtg.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.30.237 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.237.30.76.144.clients.your-server.de

jhhch.datinglocator24.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	gxxx.pro 2 redirects gxxx.pro	2 KB
1	datinglocator24.com jhhch.datinglocator24.com	1 KB
1	tdtg.xyz 1 redirects tdtg.xyz	833 B
1	intmash.ru 1 redirects intmash.ru	1 KB
4	4

	Domain	Requested by
3	gxxx.pro	2 redirects
1	jhhch.datinglocator24.com	gxxx.pro jhhch.datinglocator24.com
1	tdtg.xyz	1 redirects
1	intmash.ru	1 redirects
4	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://jhhch.datinglocator24.com/?utm_source=5d066262733f2&track=&click_id=1n584rade4efcpbr9cq
Frame ID: 86C987FDC07508ED4FD1F4B4033D0E0F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://intmash.ru/bitrix/redirect.php?goto=http://gxxx.pro HTTP 302
http://gxxx.pro/ Page URL
http://gxxx.pro/r.php HTTP 302
http://gxxx.pro/r.php?co=eXpnZGc=&s=jmlfdk_z HTTP 302
https://tdtg.xyz/email?s=jmlfdk_z&sid1=z HTTP 302
http://jhhch.datinglocator24.com/?utm_source=5d066262733f2&track=&click_id=1n584rade4efcpbr9cq Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

4
Requests

0 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

3 kB
Transfer

6 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://intmash.ru/bitrix/redirect.php?goto=http://gxxx.pro HTTP 302
http://gxxx.pro/ Page URL
http://gxxx.pro/r.php HTTP 302
http://gxxx.pro/r.php?co=eXpnZGc=&s=jmlfdk_z HTTP 302
https://tdtg.xyz/email?s=jmlfdk_z&sid1=z HTTP 302
http://jhhch.datinglocator24.com/?utm_source=5d066262733f2&track=&click_id=1n584rade4efcpbr9cq Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://intmash.ru/bitrix/redirect.php?goto=http://gxxx.pro HTTP 302
http://gxxx.pro/

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response gxxx.pro/ Redirect Chain http://intmash.ru/bitrix/redirect.php?goto=http://gxxx.pro http://gxxx.pro/	3 KB 1 KB	220ms 182ms	Document text/html	2606:4700:30::681c:b50 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://gxxx.pro/ Protocol HTTP/1.1 Server 2606:4700:30::681c:b50 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `ec2f091b2ee5b81c1ea2aa2e5d0b0a45d633033476e4f4f5aef35a4e47d6b968` Request headers Host gxxx.pro Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 23 Aug 2019 22:03:28 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d5797e5c129e03c0fc7be6a44285507a11566597807; expires=Sat, 22-Aug-20 22:03:27 GMT; path=/; domain=.gxxx.pro; HttpOnly Vary Accept-Encoding Server cloudflare CF-RAY 50b0606b7898cbd0-VIE Content-Encoding gzip Redirect headers Date Fri, 23 Aug 2019 22:03:27 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.6.31 Set-Cookie uni1=1; expires=Sat, 24-Aug-2019 22:03:27 GMT; Max-Age=86400 PHPSESSID=ko6nfgoh7ahrf8g3894ehj5ai3; path=/; HttpOnly BITRIX_SM_GUEST_ID=122053; expires=Mon, 17-Aug-2020 22:03:27 GMT; Max-Age=31104000; path=/ BITRIX_SM_LAST_VISIT=24.08.2019+01%3A03%3A27; expires=Mon, 17-Aug-2020 22:03:27 GMT; Max-Age=31104000; path=/ P3P policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" X-Powered-CMS Bitrix Site Manager (d6d46cec2363422a0e370c9d676d1d71) Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Request-URI http://gxxx.pro Content-Location http://gxxx.pro Location http://gxxx.pro Content-Type text/html; charset=UTF-8 X-Cache MISS from t0.hoster.ru X-Cache-Lookup MISS from t0.hoster.ru:6666 Transfer-Encoding chunked Connection keep-alive
GET H/1.1	200 OK	Primary Request / Show response jhhch.datinglocator24.com/ Redirect Chain http://gxxx.pro/r.php http://gxxx.pro/r.php?co=eXpnZGc=&s=jmlfdk_z https://tdtg.xyz/email?s=jmlfdk_z&sid1=z http://jhhch.datinglocator24.com/?utm_source=5d066262733f2&track=&click_id=1n584rade4efcpbr9cq	3 KB 1 KB	7511ms 73ms	Document text/html	144.76.30.237 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://jhhch.datinglocator24.com/?utm_source=5d066262733f2&track=&click_id=1n584rade4efcpbr9cq Requested by Host: gxxx.pro URL: http://gxxx.pro/ Protocol HTTP/1.1 Server 144.76.30.237 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.237.30.76.144.clients.your-server.de Software openresty/1.13.6.2 / Resource Hash `9c0e264d584ac3b0c09a5daca97cfe22823254fec322e176a892ea4d056c51c2` Request headers Host jhhch.datinglocator24.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer http://gxxx.pro/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://gxxx.pro/ Response headers Server openresty/1.13.6.2 Date Fri, 23 Aug 2019 22:03:38 GMT Content-Type text/html; charset=UTF-8 Content-Length 1102 Connection keep-alive Vary Accept-Encoding Content-Encoding gzip Redirect headers status 302 date Fri, 23 Aug 2019 22:03:31 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=d326a0182d46024d8438fd8f7845a59121566597811; expires=Sat, 22-Aug-20 22:03:31 GMT; path=/; domain=.tdtg.xyz; HttpOnly _subid=1n584rade4efcpbr9cq;Expires=Monday, 23-Sep-2019 22:03:54 GMT;Max-Age=2678400;Path=/ _token=uuid_1n584rade4efcpbr9cq_1n584rade4efcpbr9cq5d6062ca488871.72913715;Expires=Monday, 23-Sep-2019 22:03:54 GMT;Max-Age=2678400;Path=/ 4784d=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjJcIjoxNTY2NTk3ODM0fSxcImNhbXBhaWduc1wiOntcIjFcIjoxNTY2NTk3ODM0fSxcInRpbWVcIjoxNTY2NTk3ODM0fSJ9.2oZ5IOna2kYfWfXJwt4IwwQDVmMkfRYmOnLqwQfAnHk;Expires=Monday, 23-Sep-2019 22:03:54 GMT;Max-Age=2678400;Path=/ cache-control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 expires 0 last-modified Fri, 23 Aug 2019 22:03:54 GMT location http://jhhch.datinglocator24.com/?utm_source=5d066262733f2&track=&click_id=1n584rade4efcpbr9cq pragma no-cache x-content-type-options nosniff expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 50b0607edb1159e8-VIE
GET		jquery-2.js jhhch.datinglocator24.com/js/	0 0

GET		fprint2.min.js jhhch.datinglocator24.com/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jhhch.datinglocator24.com
URL: http://jhhch.datinglocator24.com/js/jquery-2.js

Domain: jhhch.datinglocator24.com
URL: http://jhhch.datinglocator24.com/js/fprint2.min.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.gxxx.pro/	1970-01-19 11:55:33	Name: __cfduid Value: d5797e5c129e03c0fc7be6a44285507a11566597807

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gxxx.pro
intmash.ru
jhhch.datinglocator24.com
tdtg.xyz
jhhch.datinglocator24.com
144.76.30.237
2606:4700:30::681c:b50
2606:4700:30::681f:592e
31.28.24.119
9c0e264d584ac3b0c09a5daca97cfe22823254fec322e176a892ea4d056c51c2
ec2f091b2ee5b81c1ea2aa2e5d0b0a45d633033476e4f4f5aef35a4e47d6b968

jhhch.datinglocator24.com Open in urlscan Pro 144.76.30.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

0 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

3 kBTransfer

6 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

jhhch.datinglocator24.com Open in urlscan Pro
144.76.30.237 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

3 kB
Transfer

6 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions