urlscan.io logo urlscan.io
SecurityTrails logo

1kjbsad11.monster Open in urlscan Pro
188.72.236.39  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://t.co/0NpkDvdupm
Effective URL: https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+w...
Submission: On June 29 via manual from FR — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 3 HTTP transactions. The main IP is 188.72.236.39, located in Netherlands and belongs to WEBZILLA, NL. The main domain is 1kjbsad11.monster.
TLS certificate: Issued by R3 on June 29th 2023. Valid for: 3 months.
This is the only time 1kjbsad11.monster was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

download_game_warpath_mod_apk.apk 12 MB application/zip
MIME: Zip archive data, at least v2.0 to extract
Size: 12 MB (13010933 bytes, 100% done)
Downloaded from: https://mobileoffers-et-download.com/apk/1392/109?file=download+game+warpath+mod+apk&sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&aaa_id=16216&tr_id=21aee54a-5a88-423b-b12b-e8d341439863&u_tr_id=27e308fb-a47d-4dfd-a6b6-2ac46d0f2e0f&bid=0&land_id=0&utm_source=

Domain & IP information

IP Address AS Autonomous System
1 1 104.244.42.133 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 188.72.236.39 35415 (WEBZILLA)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 188.114.96.3 13335 (CLOUDFLAR...)
3 3
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    2606:4700:3031::6815:39d9 (United States)

ASN13335 (CLOUDFLARENET, US)
urlin.us
1    188.72.236.39 (Netherlands)

ASN35415 (WEBZILLA, NL)
1kjbsad11.monster
1    2606:4700:3035::6815:53a (United States)

ASN13335 (CLOUDFLARENET, US)
mobileoffers-dlc-download.com
1    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
mobileoffers-et-download.com
Apex Domain
Subdomains		 Transfer
2 t.co
t.co — Cisco Umbrella Rank: 511
892 B
1 mobileoffers-et-download.com
mobileoffers-et-download.com
1 mobileoffers-dlc-download.com
mobileoffers-dlc-download.com
823 B
1 1kjbsad11.monster
1kjbsad11.monster
8 KB
1 urlin.us
urlin.us
604 B
3 5
Domain Requested by
2 t.co 1 redirects
1 mobileoffers-et-download.com 1kjbsad11.monster
1 mobileoffers-dlc-download.com 1 redirects
1 1kjbsad11.monster t.co
1 urlin.us 1 redirects
3 5

This site contains links to these domains. Also see Links.

Domain
mobileoffers-dlc-download.com
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-14 -
2023-11-14		 a year crt.sh
1kjbsad11.monster
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
mobileoffers-et-download.com
GTS CA 2P2		 2023-05-18 -
2023-08-16		 3 months crt.sh

This page contains 1 frames:

Frame: https://mobileoffers-et-download.com/apk/1392/109?file=download+game+warpath+mod+apk&sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&aaa_id=16216&tr_id=21aee54a-5a88-423b-b12b-e8d341439863&u_tr_id=27e308fb-a47d-4dfd-a6b6-2ac46d0f2e0f&bid=0&land_id=0&utm_source=
Frame ID: 5ACE7D5330033B49BE41246289903B5F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Please wait

Page URL History Show full URLs

  1. http://t.co/0NpkDvdupm HTTP 301
    https://t.co/0NpkDvdupm Page URL
  2. https://urlin.us/2upv8B HTTP 302
    https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+ap... Page URL

Page Statistics

3
Requests

100 %
HTTPS

33 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

9 kB
Transfer

8 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://t.co/0NpkDvdupm HTTP 301
    https://t.co/0NpkDvdupm Page URL
  2. https://urlin.us/2upv8B HTTP 302
    https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+warpath+mod+apk&s2=mmaa&s1=vfHsiY20iOiJNb2JpbGVfT3RoZXIiLCJzcyI6IjE2ODczOTA2MTYiLCJycyI6IjI2MzciLCJkcyI6IjU4MzQ0In18 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://t.co/0NpkDvdupm HTTP 301
  • https://t.co/0NpkDvdupm
Request Chain 1
  • https://mobileoffers-dlc-download.com/1392/109?sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&file=download+game+warpath+mod+apk HTTP 302
  • https://mobileoffers-et-download.com/apk/1392/109?file=download+game+warpath+mod+apk&sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&aaa_id=16216&tr_id=21aee54a-5a88-423b-b12b-e8d341439863&u_tr_id=27e308fb-a47d-4dfd-a6b6-2ac46d0f2e0f&bid=0&land_id=0&utm_source=

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0NpkDvdupm
t.co/
Redirect Chain
  • http://t.co/0NpkDvdupm
  • https://t.co/0NpkDvdupm
224 B
546 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/0NpkDvdupm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
173
content-type
text/html; charset=utf-8
date
Thu, 29 Jun 2023 16:21:13 GMT
expires
Thu, 29 Jun 2023 16:26:13 GMT
perf
7626143928
server
tsa_f
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
940515e4ba986b69a1b98c7bab56f16de2fca6c38d0dc216d952d5d548879953
x-response-time
110
x-transaction-id
2826a739f28f237d
x-xss-protection
0

Redirect headers

cache-control
no-cache, no-store, max-age=0
content-length
0
date
Thu, 29 Jun 2023 16:21:13 GMT
location
https://t.co/0NpkDvdupm
perf
7626143928
server
tsa_f
x-connection-hash
76c769b49e375b21cbb536d96f6bb1deba21ddd0641f4306343a1c32b6121248
x-response-time
91
x-transaction-id
5007f1ebe6275694
Primary Request oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081
1kjbsad11.monster/
Redirect Chain
  • https://urlin.us/2upv8B
  • https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+warpath+mod+apk&s2=mmaa&s1=vfHsiY20iOiJNb2JpbGVfT3RoZXIiLCJzcyI6IjE2ODczOTA2...
8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+warpath+mod+apk&s2=mmaa&s1=vfHsiY20iOiJNb2JpbGVfT3RoZXIiLCJzcyI6IjE2ODczOTA2MTYiLCJycyI6IjI2MzciLCJkcyI6IjU4MzQ0In18
Requested by
Host: t.co
URL: https://t.co/0NpkDvdupm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.236.39 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e6341e48c255291d13cd4b33f4ddf3ae155d3bd7a53ccdc0e1e1a86a88707e2

Request headers

Referer
https://t.co/0NpkDvdupm
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Jun 2023 16:21:14 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7def805afa507767-LHR
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 16:21:14 GMT
location
https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+warpath+mod+apk&s2=mmaa&s1=vfHsiY20iOiJNb2JpbGVfT3RoZXIiLCJzcyI6IjE2ODczOTA2MTYiLCJycyI6IjI2MzciLCJkcyI6IjU4MzQ0In18
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgknWb8vXdoaCNYjA6xCAPQbRNfX1DKtCfBxI7RGvI3JYxXbnuc%2F5T1WLnyMtIxOdvuN2tJdnZ2yskb95LK55IMuHJYs4nlE3EnYLR0E%2FAskjeSUdlh4jxaJt7rE2jHBRLp%2FvUgjjA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
109
mobileoffers-et-download.com/apk/1392/
Redirect Chain
  • https://mobileoffers-dlc-download.com/1392/109?sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&file=download+game+warpath+mod+apk
  • https://mobileoffers-et-download.com/apk/1392/109?file=download+game+warpath+mod+apk&sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&aaa_id=16216&tr_id=21aee54a-5a88-423b-b12b-e8d341439863&u_...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mobileoffers-et-download.com/apk/1392/109?file=download+game+warpath+mod+apk&sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&aaa_id=16216&tr_id=21aee54a-5a88-423b-b12b-e8d341439863&u_tr_id=27e308fb-a47d-4dfd-a6b6-2ac46d0f2e0f&bid=0&land_id=0&utm_source=
Requested by
Host: 1kjbsad11.monster
URL: https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+warpath+mod+apk&s2=mmaa&s1=vfHsiY20iOiJNb2JpbGVfT3RoZXIiLCJzcyI6IjE2ODczOTA2MTYiLCJycyI6IjI2MzciLCJkcyI6IjU4MzQ0In18
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://1kjbsad11.monster/oirTJf29c7c6b7b4fd27163e39ebb1583d9df86816081?q=download+game+warpath+mod+apk&s3=download+game+warpath+mod+apk&s2=mmaa&s1=vfHsiY20iOiJNb2JpbGVfT3RoZXIiLCJzcyI6IjE2ODczOTA2MTYiLCJycyI6IjI2MzciLCJkcyI6IjU4MzQ0In18
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7def8060cb6a0761-MAN
content-disposition
attachment; filename="download_game_warpath_mod_apk.apk"
content-length
13010933
content-type
application/vnd.android.package-archive
date
Thu, 29 Jun 2023 16:21:15 GMT
etag
"649daf7b-c687f5"
last-modified
Thu, 29 Jun 2023 16:21:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qeuXNl990HuxpAtbZ0%2FR%2B5Iivqo%2F3bbkN%2BtXz21JRO%2BTm16b4%2BJibACMu5NrHHwTvfBodaacIas9QnGHbQgydMb2rvtiF5nHtUGmh3N5ijBRPy%2B%2Bx0ixNErd3xGBJ1mOM5f2VskLHjNKQosdtr%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7def805f9aad887f-LHR
content-type
text/html; charset=UTF-8
date
Thu, 29 Jun 2023 16:21:14 GMT
location
https://mobileoffers-et-download.com/apk/1392/109?file=download+game+warpath+mod+apk&sub_id=AHqvnWR0NQAAwBwCAEdCOwASAKn9nOoA&site_id=13684&aaa_id=16216&tr_id=21aee54a-5a88-423b-b12b-e8d341439863&u_tr_id=27e308fb-a47d-4dfd-a6b6-2ac46d0f2e0f&bid=0&land_id=0&utm_source=
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ%2F1CX68z7i8iQ%2FeNYePzRH5Ixl0bcIN6jFCIbVxtVDbs9kNz3wwsY0wC%2F8xZlfUmXp%2BZIRJhazwlYT0MWuChi3bCCCiKD9J7xvf%2BFGVnvy71gq2SJSEzvwp8e7tJsFtFdOVAiULB9mPsdiLhUMqMuZ5n4m2J%2BcUml%2B3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

5 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: 7f2f0d8a-c2b3-49a8-bff1-ac0db337179b
1kjbsad11.monster/ Name: bd_context
Value: ENlFnmbZnhF9Sc3IFH0aTC9s2Mcdont8E6RXx0Mgav1WfumOeiRTf4gnzBCaWwp88dlZPLFyTZ0TCSeQ+mAR2YMzymzzLonPaL7zY6u7QaHeDVNN/VP0zm82jAjRPe2aX1sihPsj8d/2PhgzfsC71OFiKOLzveMcgZrEdkCseTObSKjZBEzrGWhSOjKozk7uE5m0MO+uwcQ9U2zxgUgbaDbnNqDa8MDaj9LQNhyGCKAv8tumERit+qFVe/rmOP5xctXv0SWwIBOTafck6Uiv5JleUvQ9n7Mg7FHtUnkrlfaWDsMW+oKHFA8tb+fg86QT8JSCig==
mobileoffers-dlc-download.com/ Name: m_1392_109_download_game_warpath_mod_apk_apk
Value: 1
mobileoffers-dlc-download.com/ Name: tr_1392
Value: 21aee54a-5a88-423b-b12b-e8d341439863
mobileoffers-et-download.com/ Name: tr_1392
Value: 21aee54a-5a88-423b-b12b-e8d341439863

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1kjbsad11.monster
mobileoffers-dlc-download.com
mobileoffers-et-download.com
t.co
urlin.us
104.244.42.133
104.244.42.5
188.114.96.3
188.72.236.39
2606:4700:3031::6815:39d9
2606:4700:3035::6815:53a
6e6341e48c255291d13cd4b33f4ddf3ae155d3bd7a53ccdc0e1e1a86a88707e2