hti1.online-hd.amazingcontent.site Open in urlscan Pro
176.9.80.29 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bibabob.fun/
Effective URL:
https://hti1.online-hd.amazingcontent.site/?tag_id=110473&clickid=%7B58877477%7D&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&eu=https%3A%...
Submission: On February 01 via api (February 1st 2024, 8:59:28 pm UTC) from US — Scanned from US

Summary HTTP 149 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 12 domains to perform 149 HTTP transactions. The main IP is 176.9.80.29, located in and belongs to . The main domain is hti1.online-hd.amazingcontent.site.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.

This is the only time hti1.online-hd.amazingcontent.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:3c20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3037::ac43:bf1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	136.243.42.50 136.243.42.50	24940 (HETZNER-AS) (HETZNER-AS)
55	23.158.56.164 23.158.56.164	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
31	193.108.118.16 193.108.118.16	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
1 33	144.76.106.61 144.76.106.61	() ()
1 1	2606:4700:303... 2606:4700:3032::6815:21d5	() ()
18	176.9.80.29 176.9.80.29	() ()
1	94.130.197.138 94.130.197.138	() ()
1	45.133.44.52 45.133.44.52	() ()
149	7

1 2606:4700:3037::6815:3c20 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bibabob.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:bf1d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bibabob.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.42.50 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.50.42.243.136.clients.your-server.de

news-nogehe.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 23.158.56.164 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 164-56-158-23.clients.gthost.com

news-folani.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9cb5f00aa9.news-jokuki.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 193.108.118.16 (Frankfurt am Main, Germany)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 16-118-108-193.clients.gthost.com

9d20bc3aa3.news-curusi.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d700962d0f.news-yolifu.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 144.76.106.61 (None, ) 1 redirects

ASN- ()

f183b1cd48.news-peperi.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:21d5 (None, ) 1 redirects

ASN- ()

baobaber.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 176.9.80.29 (None, )

ASN- ()

online-hd.amazingcontent.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hti1.online-hd.amazingcontent.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.197.138 (None, )

ASN- ()

metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.52 (None, )

ASN- ()

js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	news-peperi.cc 1 redirects f183b1cd48.news-peperi.cc	264 KB
32	news-jokuki.cc 9cb5f00aa9.news-jokuki.cc	238 KB
23	news-yolifu.cc d700962d0f.news-yolifu.cc	283 KB
23	news-folani.cc news-folani.cc	283 KB
18	amazingcontent.site online-hd.amazingcontent.site hti1.online-hd.amazingcontent.site	187 KB
8	news-curusi.cc 9d20bc3aa3.news-curusi.cc	39 KB
2	bibabob.fun 2 redirects bibabob.fun	2 KB
1	wpshsdk.com js.wpshsdk.com	238 B
1	metricswpsh.com metricswpsh.com
1	baobaber.fun 1 redirects baobaber.fun	966 B
1	news-nogehe.cc 1 redirects news-nogehe.cc	138 B
0	tubecup.net Failed notification.tubecup.net Failed
149	12

	Domain	Requested by
33	f183b1cd48.news-peperi.cc	1 redirects d700962d0f.news-yolifu.cc f183b1cd48.news-peperi.cc
32	9cb5f00aa9.news-jokuki.cc	news-folani.cc 9cb5f00aa9.news-jokuki.cc
23	d700962d0f.news-yolifu.cc	9d20bc3aa3.news-curusi.cc d700962d0f.news-yolifu.cc
23	news-folani.cc	news-folani.cc
14	hti1.online-hd.amazingcontent.site	online-hd.amazingcontent.site hti1.online-hd.amazingcontent.site
8	9d20bc3aa3.news-curusi.cc	9cb5f00aa9.news-jokuki.cc 9d20bc3aa3.news-curusi.cc
4	online-hd.amazingcontent.site	f183b1cd48.news-peperi.cc online-hd.amazingcontent.site
2	bibabob.fun	2 redirects
1	js.wpshsdk.com	hti1.online-hd.amazingcontent.site
1	metricswpsh.com	hti1.online-hd.amazingcontent.site
1	baobaber.fun	1 redirects
1	news-nogehe.cc	1 redirects
0	notification.tubecup.net Failed
149	13

This site contains no links.

Subject Issuer	Validity	Valid
*.news-folani.cc R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.news-jokuki.cc R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.news-curusi.cc R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.news-yolifu.cc R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
*.news-peperi.cc R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
online-hd.amazingcontent.site R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
notification.tubecup.net R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
js.wpshsdk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://hti1.online-hd.amazingcontent.site/?tag_id=110473&clickid=%7B58877477%7D&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&eu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&click=1&r=1
Frame ID: A4BB62B1E1C4B373798662C6C74F4D1F
Requests: 152 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bibabob.fun/ HTTP 301
https://bibabob.fun/ HTTP 302
https://news-nogehe.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 HTTP 302
https://news-folani.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://9cb5f00aa9.news-jokuki.cc/?i=1&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://9d20bc3aa3.news-curusi.cc/?i=2&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://d700962d0f.news-yolifu.cc/?i=3&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://f183b1cd48.news-peperi.cc/?i=4&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://f183b1cd48.news-peperi.cc/tb?id=1218902767&land=36&monetization=user&p1=&p2=afh61c1b2si6b&p3=&p4=&type... HTTP 302
https://baobaber.fun/3LBPTZ5q HTTP 302
https://online-hd.amazingcontent.site/?tag_id=110473&clickid={58877477}&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK... Page URL
https://hti1.online-hd.amazingcontent.site/?tag_id=110473&clickid=%7B58877477%7D&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc... Page URL

Page Statistics

149
Requests

93 %
HTTPS

30 %
IPv6

12
Domains

13
Subdomains

7
IPs

2
Countries

1294 kB
Transfer

2099 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bibabob.fun/ HTTP 301
https://bibabob.fun/ HTTP 302
https://news-nogehe.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 HTTP 302
https://news-folani.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://9cb5f00aa9.news-jokuki.cc/?i=1&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://9d20bc3aa3.news-curusi.cc/?i=2&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://d700962d0f.news-yolifu.cc/?i=3&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://f183b1cd48.news-peperi.cc/?i=4&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Page URL
https://f183b1cd48.news-peperi.cc/tb?id=1218902767&land=36&monetization=user&p1=&p2=afh61c1b2si6b&p3=&p4=&type=reject HTTP 302
https://baobaber.fun/3LBPTZ5q HTTP 302
https://online-hd.amazingcontent.site/?tag_id=110473&clickid={58877477}&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&eu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&click=1 Page URL
https://hti1.online-hd.amazingcontent.site/?tag_id=110473&clickid=%7B58877477%7D&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&eu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&click=1&r=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bibabob.fun/ HTTP 301
https://bibabob.fun/ HTTP 302
https://news-nogehe.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 HTTP 302
https://news-folani.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4

Request Chain 121

https://f183b1cd48.news-peperi.cc/tb?id=1218902767&land=36&monetization=user&p1=&p2=afh61c1b2si6b&p3=&p4=&type=reject HTTP 302
https://baobaber.fun/3LBPTZ5q HTTP 302
https://online-hd.amazingcontent.site/?tag_id=110473&clickid={58877477}&cl=4&bu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&eu=https%3A%2F%2Fbaobaber.fun%2Fc7VMK7sW&click=1

149 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
news-folani.cc/
Redirect Chain

http://bibabob.fun/
https://bibabob.fun/
https://news-nogehe.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4
https://news-folani.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4

24 KB
10 KB

555ms
223ms

Document
text/html

23.158.56.164
AS-GLOBALTELEHOST

General

Domain/Path	Expires	Name / Value
bibabob.fun/	1970-01-20 18:51:39	Name: _subid Value: afh61c1b2si6b
bibabob.fun/	1970-01-21 03:43:01	Name: 330d8 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjgwM1wiOjE3MDY4MjExNTd9LFwiY2FtcGFpZ25zXCI6e1wiNlwiOjE3MDY4MjExNTd9LFwidGltZVwiOjE3MDY4MjExNTd9In0.B83Zreo1L3D14Gbx_eQ6XxHnC4rKf0113qPtAmxrapU
bibabob.fun/	1970-01-20 18:51:39	Name: _token Value: uuid_afh61c1b2si6b_afh61c1b2si6b65bc06252dabf3.11034397
news-folani.cc/	1970-01-20 18:08:27	Name: clickdata Value: eyJzdWJhY2MiOjEyMTg5MDI3NjcsImxhbmQiOjcwLCJwMiI6ImFmaDYxYzFiMnNpNmIifQ==
9cb5f00aa9.news-jokuki.cc/	1970-01-20 18:08:27	Name: clickdata Value: eyJzdWJhY2MiOjEyMTg5MDI3NjcsImxhbmQiOjM2LCJwMiI6ImFmaDYxYzFiMnNpNmIifQ==
9d20bc3aa3.news-curusi.cc/	1970-01-20 18:08:27	Name: clickdata Value: eyJzdWJhY2MiOjEyMTg5MDI3NjcsImxhbmQiOjQ4LCJwMiI6ImFmaDYxYzFiMnNpNmIifQ==
d700962d0f.news-yolifu.cc/	1970-01-20 18:08:27	Name: clickdata Value: eyJzdWJhY2MiOjEyMTg5MDI3NjcsImxhbmQiOjcwLCJwMiI6ImFmaDYxYzFiMnNpNmIifQ==

Source	Level	URL Text
other	error	URL: https://news-folani.cc/?id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://9cb5f00aa9.news-jokuki.cc/?i=1&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://9d20bc3aa3.news-curusi.cc/?i=2&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://d700962d0f.news-yolifu.cc/?i=3&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	error	URL: https://f183b1cd48.news-peperi.cc/?i=4&id=1218902767&p1=&p2=afh61c1b2si6b&p3=&p4=sub4 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

hti1.online-hd.amazingcontent.site Open in urlscan Pro 176.9.80.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

149 Requests

93 %HTTPS

30 %IPv6

12 Domains

13 Subdomains

7 IPs

2 Countries

1294 kBTransfer

2099 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hti1.online-hd.amazingcontent.site Open in urlscan Pro
176.9.80.29 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

93 %
HTTPS

30 %
IPv6

12
Domains

13
Subdomains

7
IPs

2
Countries

1294 kB
Transfer

2099 kB
Size

7
Cookies

149 HTTP transactions
3 data transactions