marii2.rf.gd Open in urlscan Pro
185.27.134.138 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://marii2.rf.gd/
Effective URL:
https://marii2.rf.gd/?i=1
Submission: On June 20 via api (June 20th 2024, 6:08:25 am UTC) from US — Scanned from GB

Summary HTTP 16 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 185.27.134.138, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is marii2.rf.gd.
TLS certificate: Issued by WR1 on June 19th 2024. Valid for: 3 months.

This is the only time marii2.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	185.27.134.138 185.27.134.138	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
1	172.67.149.50 172.67.149.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.137.177.184 216.137.177.184	55293 (A2HOSTING) (A2HOSTING)
1	172.93.49.252 172.93.49.252	29802 (HVC-AS) (HVC-AS)
2	70.113.131.52 70.113.131.52	11427 (TWC-11427...) (TWC-11427-TEXAS)
16	5

11 185.27.134.138 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

marii2.rf.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.149.50 (United States)

ASN13335 (CLOUDFLARENET, US)

counter.websiteout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.137.177.184 (United States)

ASN55293 (A2HOSTING, US)
PTR: server.ericexperiment.com

www.oldavista.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.93.49.252 (New York, United States)

ASN29802 (HVC-AS, US)
PTR: b2.soutocontabilidade.com

wiby.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.113.131.52 (Austin, United States)

ASN11427 (TWC-11427-TEXAS, US)
PTR: syn-070-113-131-052.res.spectrum.com

john.citrons.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rf.gd marii2.rf.gd	110 KB
2	citrons.xyz john.citrons.xyz
1	wiby.me wiby.me	2 KB
1	oldavista.com www.oldavista.com	18 KB
1	websiteout.com counter.websiteout.com — Cisco Umbrella Rank: 606568	6 KB
16	5

	Domain	Requested by
11	marii2.rf.gd	marii2.rf.gd
2	john.citrons.xyz	marii2.rf.gd
1	wiby.me	marii2.rf.gd
1	www.oldavista.com	marii2.rf.gd
1	counter.websiteout.com	marii2.rf.gd
16	5

This site contains links to these domains. Also see Links.

Domain
www.ubuntu.com
duckdns.org
www.gimp.org
wiby.me
transfem.social

Subject Issuer	Validity	Valid
marii2.rf.gd WR1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
websiteout.com GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
www.oldavista.com R3	`2024-05-09` - `2024-08-07`	3 months	crt.sh
wiby.me GoGetSSL RSA DV CA	`2023-08-02` - `2024-07-12`	a year	crt.sh
mondecitronne.com R3	`2024-04-15` - `2024-07-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://marii2.rf.gd/?i=1
Frame ID: 1A2F6664AD1C2C9A2F2E9F5B68A44952
Requests: 14 HTTP requests in this frame

Frame: https://john.citrons.xyz/embed?ref=https://marii2.duckdns.org/
Frame ID: 5FF18C9A74152CE94096F36ECE674F66
Requests: 1 HTTP requests in this frame

Frame: https://john.citrons.xyz/embed?ref=https://marii2.duckdns.org/
Frame ID: FFFE938E24CA228B6D848054D8668357
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maricom 2

Page URL History Show full URLs

http://marii2.rf.gd/ HTTP 307
https://marii2.rf.gd/ Page URL
https://marii2.rf.gd/?i=1 Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

136 kB
Transfer

207 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ubuntu.com/

Search URL Search Domain Scan URL

URL: https://duckdns.org/

Search URL Search Domain Scan URL

URL: https://www.gimp.org/

Search URL Search Domain Scan URL

URL: https://wiby.me/

Search URL Search Domain Scan URL

URL: https://transfem.social/@mari

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://marii2.rf.gd/ HTTP 307
https://marii2.rf.gd/ Page URL
https://marii2.rf.gd/?i=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://marii2.rf.gd/ HTTP 307
https://marii2.rf.gd/

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response marii2.rf.gd/ Redirect Chain http://marii2.rf.gd/ https://marii2.rf.gd/	824 B 687 B	292ms 38ms	Document text/html	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://marii2.rf.gd/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `0dc75db2af4ec04651cf8309617d630e5935fc1308d004563498bee86028a5a5` Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Cache-Control no-cache Connection keep-alive Content-Encoding br Content-Type text/html Date Thu, 20 Jun 2024 06:08:19 GMT Expires Thu, 01 Jan 1970 00:00:01 GMT Server nginx Transfer-Encoding chunked Redirect headers Location https://marii2.rf.gd/ Non-Authoritative-Reason HttpsUpgrades
GET H/1.1	200 OK	aes.js Show response marii2.rf.gd/	13 KB 5 KB	39ms 39ms	Script application/javascript	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://marii2.rf.gd/aes.js Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Content-Encoding br Last-Modified Sun, 15 Oct 2023 17:41:56 GMT Server nginx ETag W/"652c2464-35a5" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H/1.1	200 OK	Primary Request / Show response marii2.rf.gd/	2 KB 960 B	53ms 53ms	Document text/html	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://marii2.rf.gd/?i=1 Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `44e7ef1bc9f8d26dd1403c1af04e0889d036bcc6d01cac8dce1170afd861ed98` Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://marii2.rf.gd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control max-age=0 Connection keep-alive Content-Encoding br Content-Type text/html; charset=UTF-8 Date Thu, 20 Jun 2024 06:08:19 GMT Expires Thu, 20 Jun 2024 06:08:19 GMT Server nginx Transfer-Encoding chunked
GET H/1.1	200 OK	css.css marii2.rf.gd/	1 KB 891 B	41ms 40ms	Stylesheet text/css	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://marii2.rf.gd/css.css Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `b50706a974f844ca346d31323d4b8292b178740e33e2fdfe54650d5c3977a5a1` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Content-Encoding br Last-Modified Wed, 19 Jun 2024 04:42:32 GMT Server nginx ETag W/"532-61b36d392fb28" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=2592000, public, proxy-revalidate, must-revalidate Connection keep-alive Expires Sat, 20 Jul 2024 06:08:19 GMT
GET H/1.1	200 OK	maricomlogow.svg marii2.rf.gd/	18 KB 4 KB	170ms 61ms	Image image/svg+xml	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://marii2.rf.gd/maricomlogow.svg Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `637a8e32c893cd78eef9b8b728997ee8a02106b1c724993f8a89392707da3688` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Content-Encoding br Last-Modified Wed, 19 Jun 2024 04:43:07 GMT Server nginx ETag W/"4671-61b36d5b0ce30" Transfer-Encoding chunked Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Expires Thu, 20 Jun 2024 06:08:19 GMT
GET H3	200	compte.php counter.websiteout.com/	5 KB 6 KB	172ms 100ms	Image image/png	172.67.149.50 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.websiteout.com/compte.php?S=marii2.duckdns.org&C=2&D=0&N=3384&M=0&clt=1703531291 Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.149.50 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1e73e121991ee928b25f4d8943e7c379b38a961ee41bb140410a453f7f24aaa3` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 06:08:21 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9%2FYUOvnfJpwvsRgnN5Ry3YMz8g6XUkyuzQui7CNaUFWuzuOubOC47mbA0l6ehZutaAnKRxXYEK2IN1aTiSLsgZVtUkvlx1nahyVgWSQs%2FOfvHke68g3zpXdhYx7StQs%2FdBG%2Be3dLc%2Bf"}],"group":"cf-nel","max_age":604800} content-type image/png p3p CP="DSP COR NID CURa" cf-ray 89699573bed694e5-LHR alt-svc h3=":443"; ma=86400 content-length 5276
GET H/1.1	200 OK	ubuntu.png marii2.rf.gd/	17 KB 17 KB	107ms 66ms	Image image/png	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://marii2.rf.gd/ubuntu.png Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `83aeae91f5f20a4856aebbea2a3eafd34b9466f05fccd68b6d60b271a594ff4f` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Last-Modified Wed, 19 Jun 2024 04:43:28 GMT Server nginx ETag "43bc-61b36d6f1b2a0" Content-Type image/png Cache-Control max-age=2592000, public, proxy-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 17340 Expires Sat, 20 Jul 2024 06:08:19 GMT
GET H2	200	800x600.gif www.oldavista.com/assets/	18 KB 18 KB	680ms 118ms	Image image/gif	216.137.177.184 A2HOSTING
General Check archive.org Show headers Download Go to Show image Full URL https://www.oldavista.com/assets/800x600.gif Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 216.137.177.184 , United States, ASN55293 (A2HOSTING, US), Reverse DNS server.ericexperiment.com Software openresty / Resource Hash `dd1fd86bf54ff84feb3ec50b4ac25304299f7cd0a5babbb3b77842946b469077` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 06:08:21 GMT last-modified Fri, 17 Mar 2023 06:18:53 GMT server openresty etag "469a-5f7128d288b5c" content-type image/gif accept-ranges bytes content-length 18074 x-served-by www.oldavista.com
GET H/1.1	200 OK	duckdns.png marii2.rf.gd/	12 KB 13 KB	117ms 49ms	Image image/png	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://marii2.rf.gd/duckdns.png Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `3bc49a95f80ae2b254f0cf7be4675741f6b95e20e0104e7134dc7762266a2618` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Last-Modified Wed, 19 Jun 2024 04:42:40 GMT Server nginx ETag "3156-61b36d4120a80" Content-Type image/png Cache-Control max-age=2592000, public, proxy-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 12630 Expires Sat, 20 Jul 2024 06:08:19 GMT
GET H/1.1	200 OK	gimp.gif marii2.rf.gd/	3 KB 3 KB	107ms 39ms	Image image/gif	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://marii2.rf.gd/gimp.gif Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `47497ad6951e6426e7d0339258b81d13de0e72c4e86e060a113a6211addab4f2` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Last-Modified Wed, 19 Jun 2024 04:42:56 GMT Server nginx ETag "bd2-61b36d50069f0" Content-Type image/gif Cache-Control max-age=2592000, public, proxy-revalidate Connection keep-alive Accept-Ranges bytes Content-Length 3026 Expires Sat, 20 Jul 2024 06:08:19 GMT
GET H/1.1	200 OK	wiby.gif wiby.me/about/	2 KB 2 KB	415ms 98ms	Image image/gif	172.93.49.252 HVC-AS
General Check archive.org Show headers Download Go to Show image Full URL https://wiby.me/about/wiby.gif Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.93.49.252 New York, United States, ASN29802 (HVC-AS, US), Reverse DNS b2.soutocontabilidade.com Software nginx / Resource Hash `43eac775d67b2c7e3cf7f1686db87713b8bc9f6d52c69fa4aaf700798abcbf14` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/ Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:21 GMT Last-Modified Sun, 12 Aug 2018 04:59:50 GMT Server nginx ETag "5b6fbec6-866" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 2150
GET H/1.1	200 OK	Maricom.svg marii2.rf.gd/	111 KB 63 KB	145ms 44ms	Image image/svg+xml	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://marii2.rf.gd/Maricom.svg Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `594456a85814b74c7efbea4ff74275a3f4c5bd7a1dc75e9ec098ebdabbe37863` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Content-Encoding br Last-Modified Wed, 19 Jun 2024 04:42:07 GMT Server nginx ETag W/"1bbe6-61b36d22359e0" Transfer-Encoding chunked Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Expires Thu, 20 Jun 2024 06:08:19 GMT
GET H/1.1	200 OK	embed john.citrons.xyz/ Frame 5FF1	0 0	760ms 399ms	Document text/html	70.113.131.52 TWC-11427-TEXAS
General Check archive.org Show headers Download Go to Full URL https://john.citrons.xyz/embed?ref=https://marii2.duckdns.org/ Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.113.131.52 Austin, United States, ASN11427 (TWC-11427-TEXAS, US), Reverse DNS syn-070-113-131-052.res.spectrum.com Software nginx/1.18.0 / Resource Hash Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://marii2.rf.gd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Cross-Origin-Resource-Policy cross-origin Date Thu, 20 Jun 2024 06:08:21 GMT Server nginx/1.18.0 Transfer-Encoding chunked
GET H/1.1	200 OK	embed john.citrons.xyz/ Frame FFFE	0 0	1082ms 322ms	Document text/html	70.113.131.52 TWC-11427-TEXAS
General Check archive.org Show headers Download Go to Full URL https://john.citrons.xyz/embed?ref=https://marii2.duckdns.org/ Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/?i=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 70.113.131.52 Austin, United States, ASN11427 (TWC-11427-TEXAS, US), Reverse DNS syn-070-113-131-052.res.spectrum.com Software nginx/1.18.0 / Resource Hash Request headers Accept-Language en-GB,en;q=0.9;q=0.9 Referer https://marii2.rf.gd/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=utf-8 Cross-Origin-Resource-Policy cross-origin Date Thu, 20 Jun 2024 06:08:22 GMT Server nginx/1.18.0 Transfer-Encoding chunked
GET H/1.1	200 OK	Tab.svg marii2.rf.gd/	3 KB 1 KB	114ms 49ms	Image image/svg+xml	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Show image Full URL https://marii2.rf.gd/Tab.svg Requested by Host: marii2.rf.gd URL: https://marii2.rf.gd/css.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `3afc0e828ff2e831f98c866cb5ceb70456f21f3f147d9c438524b9db70cae0e1` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/css.css Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:19 GMT Content-Encoding br Last-Modified Wed, 19 Jun 2024 04:42:15 GMT Server nginx ETag W/"a9f-61b36d29d5088" Transfer-Encoding chunked Content-Type image/svg+xml Cache-Control max-age=0 Connection keep-alive Expires Thu, 20 Jun 2024 06:08:19 GMT
GET H/1.1	404 Not Found	favicon.ico marii2.rf.gd/	1 KB 699 B	46ms 46ms	Other text/html	185.27.134.138 WILDCARD-AS Wildc...
General Check archive.org Show headers Download Go to Full URL https://marii2.rf.gd/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.27.134.138 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB), Reverse DNS Software nginx / Resource Hash `c46cd0720ce2f2b315d527453a8bd9d0f4a9fa135eb1e8edc6d7c8544289bfd0` Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://marii2.rf.gd/?i=1 Accept-Language en-GB,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 06:08:21 GMT Content-Encoding br Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			marii2.rf.gd/	1970-01-21 07:03:43	Name: __test Value: 4716518663edc5f42154dbaa3d2d40af

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://marii2.rf.gd/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.websiteout.com
john.citrons.xyz
marii2.rf.gd
wiby.me
www.oldavista.com
172.67.149.50
172.93.49.252
185.27.134.138
216.137.177.184
70.113.131.52
0dc75db2af4ec04651cf8309617d630e5935fc1308d004563498bee86028a5a5
1e73e121991ee928b25f4d8943e7c379b38a961ee41bb140410a453f7f24aaa3
3afc0e828ff2e831f98c866cb5ceb70456f21f3f147d9c438524b9db70cae0e1
3bc49a95f80ae2b254f0cf7be4675741f6b95e20e0104e7134dc7762266a2618
43eac775d67b2c7e3cf7f1686db87713b8bc9f6d52c69fa4aaf700798abcbf14
44e7ef1bc9f8d26dd1403c1af04e0889d036bcc6d01cac8dce1170afd861ed98
47497ad6951e6426e7d0339258b81d13de0e72c4e86e060a113a6211addab4f2
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
594456a85814b74c7efbea4ff74275a3f4c5bd7a1dc75e9ec098ebdabbe37863
637a8e32c893cd78eef9b8b728997ee8a02106b1c724993f8a89392707da3688
83aeae91f5f20a4856aebbea2a3eafd34b9466f05fccd68b6d60b271a594ff4f
b50706a974f844ca346d31323d4b8292b178740e33e2fdfe54650d5c3977a5a1
c46cd0720ce2f2b315d527453a8bd9d0f4a9fa135eb1e8edc6d7c8544289bfd0
dd1fd86bf54ff84feb3ec50b4ac25304299f7cd0a5babbb3b77842946b469077

marii2.rf.gd Open in urlscan Pro 185.27.134.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

136 kBTransfer

207 kBSize

1 Cookies

5 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

marii2.rf.gd Open in urlscan Pro
185.27.134.138 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

136 kB
Transfer

207 kB
Size

1
Cookies

16 HTTP transactions
0 data transactions