URL: https://tncsgodemos.ddns.net/
Submission Tags: phishingrod
Submission: On June 05 via api from DE — Scanned from FR

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 51.38.32.202, located in Paris, France and belongs to OVH, FR. The main domain is tncsgodemos.ddns.net.
TLS certificate: Issued by R3 on June 5th 2023. Valid for: 3 months.
This is the only time tncsgodemos.ddns.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS      Autonomous System
2         51.38.32.202      16276   (OVH)
4         2a02:4780:dea...  204915  (AWEX)
6 requests across 2 IPs

Requests  Apex Domain        Subdomains                      Transfer
4         000webhostapp.com  csgodemoscdn.000webhostapp.com  824 KB
2         ddns.net           tncsgodemos.ddns.net            3 KB
6 requests across 2 apex domains

Requests  Domain                          Requested by
4         csgodemoscdn.000webhostapp.com  tncsgodemos.ddns.net, csgodemoscdn.000webhostapp.com
2         tncsgodemos.ddns.net            csgodemoscdn.000webhostapp.com
6 requests across 2 domains

This site contains links to these domains:

  steamcommunity.com
Subject               Issuer                                       Validity                 Valid     Source
tncsgodemos.ddns.net  R3                                           2023-06-05 - 2023-09-03  3 months  crt.sh
*.000webhostapp.com   RapidSSL Global TLS RSA4096 SHA256 2022 CA1  2022-08-04 - 2023-07-10  a year    crt.sh

This page contains 1 frames:

Primary Page: https://tncsgodemos.ddns.net/
Frame ID: F5ADAD0073189903586BC774AA333380
Requests: 6 HTTP requests in this frame

Page Title

CS:GO Demos Manager

Detected technologies

Bootstrap (overall confidence: 100%)
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (overall confidence: 100%)
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 827 kB
Size: 1006 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request / | tncsgodemos.ddns.net/ | 6 KB | 3 KB | Document

General
  Full URL: https://tncsgodemos.ddns.net/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 51.38.32.202 Paris, France, ASN16276 (OVH, FR)
  Reverse DNS: vps-379de73e.vps.ovh.net
  Software: Microsoft-IIS/10.0 / ASP.NET
  Resource Hash: 765b5ef04fa9a863e959030674e48f6cef3c28f6aad1dc448c1e17a3ae1867ab

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
  accept-language: fr-FR,fr;q=0.9

Response headers
  content-encoding: br
  content-length: 2699
  content-type: text/html; charset=UTF-8
  date: Mon, 05 Jun 2023 07:49:04 GMT
  server: Microsoft-IIS/10.0
  vary: Accept-Encoding
  x-powered-by: ASP.NET
  x-powered-by-plesk: PleskWin
bootstrap.min.css | csgodemoscdn.000webhostapp.com/ | 152 KB | 29 KB | Stylesheet

General
  Full URL: https://csgodemoscdn.000webhostapp.com/bootstrap.min.css
  Requested by: Host: tncsgodemos.ddns.net, URL: https://tncsgodemos.ddns.net/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 2a02:4780:dead:f1ed::1, United States, ASN204915 (AWEX, CY)
  Reverse DNS: (none)
  Software: awex
  Resource Hash: ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
  accept-language: fr-FR,fr;q=0.9
  Referer: https://tncsgodemos.ddns.net/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
  date: Mon, 05 Jun 2023 07:49:05 GMT
  content-encoding: gzip
  x-content-type-options: nosniff
  last-modified: Tue, 02 May 2023 10:24:11 GMT
  server: awex
  content-type: text/css
  x-xss-protection: 1; mode=block
  x-request-id: f6ce952261c0d6ce0185275174e85fe8
style.css | csgodemoscdn.000webhostapp.com/ | 2 KB | 1 KB | Stylesheet

General
  Full URL: https://csgodemoscdn.000webhostapp.com/style.css
  Requested by: Host: tncsgodemos.ddns.net, URL: https://tncsgodemos.ddns.net/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 2a02:4780:dead:f1ed::1, United States, ASN204915 (AWEX, CY)
  Reverse DNS: (none)
  Software: awex
  Resource Hash: 73333850ffcd31008bd6b44dd464086a58f664a1c99a82af1b187cb2f3efd7fd

Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
  accept-language: fr-FR,fr;q=0.9
  Referer: https://tncsgodemos.ddns.net/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
  date: Mon, 05 Jun 2023 07:49:05 GMT
  content-encoding: gzip
  x-content-type-options: nosniff
  last-modified: Tue, 02 May 2023 10:24:12 GMT
  server: awex
  content-type: text/css
  x-xss-protection: 1; mode=block
  x-request-id: 52b1c045b1a6079a9132a6b90ab66ce8
jquery.min.js | csgodemoscdn.000webhostapp.com/ | 91 KB | 38 KB | Script

General
  Full URL: https://csgodemoscdn.000webhostapp.com/jquery.min.js
  Requested by: Host: tncsgodemos.ddns.net, URL: https://tncsgodemos.ddns.net/
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 2a02:4780:dead:f1ed::1, United States, ASN204915 (AWEX, CY)
  Reverse DNS: (none)
  Software: awex
  Resource Hash: 66d90e5e13ae94c17031290690e477df30e56e72eff21a0c8e102bebc80aaea2

Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
  accept-language: fr-FR,fr;q=0.9
  Referer: https://tncsgodemos.ddns.net/
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
  date: Mon, 05 Jun 2023 07:49:05 GMT
  content-encoding: gzip
  x-content-type-options: nosniff
  last-modified: Tue, 02 May 2023 10:24:12 GMT
  server: awex
  content-type: application/javascript
  x-xss-protection: 1; mode=block
  x-request-id: 3e9b5245dc009efcf952d904b3676f1b
background.jpg | csgodemoscdn.000webhostapp.com/ | 755 KB | 757 KB | Image

General
  Full URL: https://csgodemoscdn.000webhostapp.com/background.jpg
  Requested by: Host: csgodemoscdn.000webhostapp.com, URL: https://csgodemoscdn.000webhostapp.com/style.css
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 2a02:4780:dead:f1ed::1, United States, ASN204915 (AWEX, CY)
  Reverse DNS: (none)
  Software: awex
  Resource Hash: 286bbeb3bae579d15574c4bfd14f4df9cb0483005180e8b3eda0b5f7f3f8ed6f

Security Headers
  X-Content-Type-Options: nosniff
  X-Xss-Protection: 1; mode=block

Request headers
  accept-language: fr-FR,fr;q=0.9
  Referer: https://csgodemoscdn.000webhostapp.com/style.css
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
  date: Mon, 05 Jun 2023 07:49:06 GMT
  x-content-type-options: nosniff
  last-modified: Tue, 02 May 2023 10:24:11 GMT
  server: awex
  content-type: image/jpeg
  accept-ranges: bytes
  content-length: 773274
  x-xss-protection: 1; mode=block
  x-request-id: 2f7791587e15b9f97d0724c76ce10c6a
/ | tncsgodemos.ddns.net/ | 48 B | 115 B | XHR

General
  Full URL: https://tncsgodemos.ddns.net/?do=list&file=
  Requested by: Host: csgodemoscdn.000webhostapp.com, URL: https://csgodemoscdn.000webhostapp.com/jquery.min.js
  Protocol: H2
  Security: TLS 1.3, AES_256_GCM
  Server: 51.38.32.202 Paris, France, ASN16276 (OVH, FR)
  Reverse DNS: vps-379de73e.vps.ovh.net
  Software: Microsoft-IIS/10.0 / ASP.NET
  Resource Hash: 01964268e8c2d51dc7a7faff84e3e85ee2ce34246ae152c2bb86dd72eedd33d0

Request headers
  Accept: application/json, text/javascript, */*; q=0.01
  Referer: https://tncsgodemos.ddns.net/
  X-Requested-With: XMLHttpRequest
  accept-language: fr-FR,fr;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers
  x-powered-by-plesk: PleskWin
  date: Mon, 05 Jun 2023 07:49:06 GMT
  content-encoding: br
  server: Microsoft-IIS/10.0
  x-powered-by: ASP.NET
  vary: Accept-Encoding
  content-type: text/html; charset=UTF-8
  content-length: 52

Verdicts & Comments

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  boolean   credentialless
  object    onbeforetoggle
  object    onscrollend
  function  $
  function  jQuery
  object    jQuery18203530010903533378

0 Cookies