dun.mom - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 3 HTTP transactions. The main IP is 198.44.173.138, located in Hong Kong, Hong Kong and belongs to AS40676, US. The main domain is dun.mom.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G2 on January 18th 2024. Valid for: 3 months.

This is the only time dun.mom was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	198.44.173.138 198.44.173.138	40676 (AS40676) (AS40676)
1	163.181.92.234 163.181.92.234	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1 1	104.19.23.23 104.19.23.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.22.22 104.19.22.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3

1 198.44.173.138 (Hong Kong, Hong Kong)

ASN40676 (AS40676, US)

dun.mom	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.234 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.hdslb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.23.23 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.itzmx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.22.22 (None, )

ASN13335 (CLOUDFLARENET, US)

www.itzmx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	itzmx.com 1 redirects www.itzmx.com	1 KB
1	hdslb.com static.hdslb.com — Cisco Umbrella Rank: 54066	119 KB
1	dun.mom dun.mom	2 KB
3	3

	Domain	Requested by
2	www.itzmx.com	1 redirects
1	static.hdslb.com	dun.mom
1	dun.mom
3	3

This site contains no links.

Subject Issuer	Validity	Valid
scqyjs.cn Encryption Everywhere DV TLS CA - G2	`2024-01-18` - `2024-04-17`	3 months	crt.sh
*.hdslb.com GlobalSign GCC R3 DV TLS CA 2020	`2023-08-08` - `2024-09-08`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dun.mom/
Frame ID: D33958352738D9509100A8B4D35352B7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

400錯誤啦!

Page Statistics

3
Requests

33 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

121 kB
Transfer

124 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://www.itzmx.com/favicon.ico HTTP 301
https://www.itzmx.com/favicon.ico

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	400 Bad Request	Primary Request / Show response dun.mom/	1 KB 2 KB	2363ms 235ms	Document text/html	198.44.173.138 AS40676
General Check archive.org Show headers Download Go to Full URL https://dun.mom/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 198.44.173.138 Hong Kong, Hong Kong, ASN40676 (AS40676, US), Reverse DNS Software C4-1V230 / Resource Hash `13e1c7f0ea837e36242ed374d46a882db870f5ee847e2273ac072e88c1e31436` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Length 1376 Content-Type text/html; charset=utf-8 Date Wed, 27 Mar 2024 21:22:12 GMT Server C4-1V230 X-Cache MISS from C4-1V230
GET H2	200	400.png static.hdslb.com/error/	118 KB 119 KB	1335ms 60ms	Image image/png	163.181.92.234 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Show image Full URL https://static.hdslb.com/error/400.png Requested by Host: dun.mom URL: https://dun.mom/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 163.181.92.234 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash `de00cb51f5dc2d73eefa48cbb500b79f3b9720a6e3cf11f0ad2541bb9605280f` Request headers accept-language de-DE,de;q=0.9 Referer https://dun.mom/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Wed, 27 Mar 2024 15:56:21 GMT via cache11.l2de2[0,0,304-0,H], cache21.l2de2[1,0], ens-cache1.de5[0,0,200-0,H], ens-cache1.de5[1,0] age 20079 x-swift-cachetime 16165 x-cache HIT TCP_HIT dirn:13:429138012 cross-origin-resource-policy cross-origin x-swift-savetime Wed, 27 Mar 2024 19:26:56 GMT content-length 121058 last-modified Thu, 08 Sep 2022 05:55:52 GMT server Tengine etag "631983e8-1d8e2" ali-swift-global-savetime 1711554981 content-type image/png access-control-allow-origin * cache-control max-age=28800 accept-ranges bytes timing-allow-origin * eagleid a3b55c9517115750605392230e x-cache-webcdn AL expires Wed, 27 Mar 2024 23:56:20 GMT
GET H2	200	favicon.ico www.itzmx.com/ Redirect Chain http://www.itzmx.com/favicon.ico https://www.itzmx.com/favicon.ico	4 KB 905 B	102ms 37ms	Other image/x-icon	104.19.22.22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.itzmx.com/favicon.ico Protocol H2 Server 104.19.22.22 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e6a8a8462587eb2be005769bf7ed1edd6647ce645bb035b553a1891ec1c3fd7` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36 Response headers date Wed, 27 Mar 2024 21:31:03 GMT content-encoding br cf-cache-status HIT last-modified Wed, 03 Sep 2014 00:25:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 160509 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l372gXQAEmQcbC80BML6W9lj0Ve9u05fZ3Hs5GPoNDWpZxjWDrk2mHkCtxl6iDsXp1ybUFPBuiFzyzBNwlMeLhUdQuJ%2F5SEnkGKsBtdH%2Fnsst6YKtDCBx7QPNuPZOWgIuE8eMA%3D%3D"}],"group":"cf-nel","max_age":604800} x-cache MISS from kangle web server dedi, HIT from tx-hk, HIT from tx-hk2, HIT from tx-hk2, HIT from tx-hk2 content-type image/x-icon cache-control max-age=31536000 accept-ranges bytes cf-ray 86b27c316f109974-FRA content-length 379 Redirect headers Date Wed, 27 Mar 2024 21:31:03 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 434182 Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f7rU3th%2FqGvzvggoVVf094E%2BaucS6A7AKp4qhA0CfdVfpTdfBt0IX3Nin8m0lBXIvqKjBT7jFzZcxcHTWKTIV5Laz4rjnh3VrfYXnF6AjRGWP%2FGtjg4E5CqMLSB0eNop"}],"group":"cf-nel","max_age":604800} Location https://www.itzmx.com/favicon.ico Cache-Control max-age=31536000 Connection keep-alive CF-RAY 86b27c30bc599ba1-FRA Content-Length 0

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://dun.mom/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
security	warning	URL: https://dun.mom/ Message: Mixed Content: The page at 'https://dun.mom/' was loaded over HTTPS, but requested an insecure favicon 'http://www.itzmx.com/favicon.ico'. This content should also be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dun.mom
static.hdslb.com
www.itzmx.com
104.19.22.22
104.19.23.23
163.181.92.234
198.44.173.138
13e1c7f0ea837e36242ed374d46a882db870f5ee847e2273ac072e88c1e31436
4e6a8a8462587eb2be005769bf7ed1edd6647ce645bb035b553a1891ec1c3fd7
de00cb51f5dc2d73eefa48cbb500b79f3b9720a6e3cf11f0ad2541bb9605280f

dun.mom Open in urlscan Pro 198.44.173.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

33 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

121 kBTransfer

124 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

dun.mom Open in urlscan Pro
198.44.173.138 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

121 kB
Transfer

124 kB
Size

0
Cookies

3 HTTP transactions
0 data transactions