Submitted URL: https://t.co/Lc61XoCGLD
Effective URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Submission: On September 06 via manual from ZA — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 7 domains to perform 9 HTTP transactions. The main IP is 143.244.200.181, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is sadkush34.xyz. The Cisco Umbrella rank of the primary domain is 633326.
This is the only time sadkush34.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 67.199.248.10 396982 (GOOGLE-CL...)
2 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 134.209.129.56 14061 (DIGITALOC...)
6 143.244.200.181 14061 (DIGITALOC...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
9 4
Requests  Apex Domain          Subdomains                                          Transfer
6         sadkush34.xyz        sadkush34.xyz (Cisco Umbrella Rank: 633326)         176 KB
2         downlo-adsdow.store  downlo-adsdow.store                                 2 KB
1         jquery.com           code.jquery.com (Cisco Umbrella Rank: 820)          30 KB
1         traffic-metacpa.com  traffic-metacpa.com (Cisco Umbrella Rank: 508665)   224 B
1         bit.ly               bit.ly (Cisco Umbrella Rank: 6598)                  322 B
1         blogspot.com         doan9load.blogspot.com                              16 KB
1         t.co                 t.co (Cisco Umbrella Rank: 580)                     549 B
Total: 9 requests, 7 domains
Requests  Domain                  Requested by
6         sadkush34.xyz           doan9load.blogspot.com, sadkush34.xyz
2         downlo-adsdow.store     2 redirects
1         code.jquery.com         sadkush34.xyz
1         traffic-metacpa.com     1 redirect
1         bit.ly                  1 redirect
1         doan9load.blogspot.com  t.co
1         t.co
Total: 9 requests, 7 domains

This site contains no links.

Subject                Issuer                                          Validity                 Valid
t.co                   DigiCert TLS Hybrid ECC SHA384 2020 CA1         2023-02-05 - 2024-02-05  a year (crt.sh)
misc-sni.blogspot.com  GTS CA 1C3                                      2023-08-14 - 2023-11-06  3 months (crt.sh)
*.jquery.com           Sectigo RSA Domain Validation Secure Server CA  2023-07-11 - 2024-07-14  a year (crt.sh)

This page contains 1 frame:

Primary Page: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Frame ID: 248D52BEF8B81500E25BB20F2F233B3F
Requests: 9 HTTP requests in this frame

Page Title

Win an iphone 13 | sadkush34

Page URL History

  1. https://t.co/Lc61XoCGLD Page URL
  2. https://doan9load.blogspot.com/ Page URL
  3. https://bit.ly/3EmfgAV HTTP 301
    http://downlo-adsdow.store/cl/f962f42ce47c4b54?p1=&p2=&source=twitter&site=1234 HTTP 301
    https://downlo-adsdow.store/cl/f962f42ce47c4b54?p1=&p2=&source=twitter&site=1234 HTTP 302
    https://traffic-metacpa.com/trclck?hash=304&pid=1034&aid=40622&keyword=4945500769&keyword3=372328 HTTP 302
    http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 33 %
IPv6: 43 %
Domains: 7
Subdomains: 7
IPs: 4
Countries: 3
Transfer: 222 kB
Size: 343 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource: Lc61XoCGLD
Path: t.co/
Size: 248 B
Transfer: 549 B
Type: Document
General
Full URL
https://t.co/Lc61XoCGLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
177
content-type
text/html; charset=utf-8
date
Wed, 06 Sep 2023 20:17:54 GMT
expires
Wed, 06 Sep 2023 20:22:55 GMT
perf
7626143928
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
669e3c756dd9bbd323a1b122c092f28d90c65807cba50e2273ec794765ab1d4d
x-response-time
121
x-transaction-id
4e1496127dfcf42c
x-xss-protection
0
Resource: /
Path: doan9load.blogspot.com/
Size: 72 KB
Transfer: 16 KB
Type: Document
General
Full URL
https://doan9load.blogspot.com/
Requested by
Host: t.co
URL: https://t.co/Lc61XoCGLD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
15606
content-type
text/html; charset=UTF-8
date
Wed, 06 Sep 2023 20:17:55 GMT
etag
W/"e9d83de64577c6315a2190c9365029b0c457e5381ba719a6e6a7526b573d9a90"
expires
Wed, 06 Sep 2023 20:17:55 GMT
last-modified
Fri, 01 Sep 2023 19:44:34 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Resource: 1012 (Primary Request)
Path: sadkush34.xyz/
Redirect Chain:
  • https://bit.ly/3EmfgAV
  • http://downlo-adsdow.store/cl/f962f42ce47c4b54?p1=&p2=&source=twitter&site=1234
  • https://downlo-adsdow.store/cl/f962f42ce47c4b54?p1=&p2=&source=twitter&site=1234
  • https://traffic-metacpa.com/trclck?hash=304&pid=1034&aid=40622&keyword=4945500769&keyword3=372328
  • http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Size: 15 KB
Transfer: 5 KB
Type: Document
General
Full URL
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Requested by
Host: doan9load.blogspot.com
URL: https://doan9load.blogspot.com/
Protocol
HTTP/1.1
Server
143.244.200.181 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
96022ce01c843f90eb2e307a568f4b150d2e6fa479b8a94c666aec2bee427903

Request headers

Referer
https://doan9load.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 06 Sep 2023 20:17:56 GMT
etag
W/"3a14-69KTzisMX0tNo+9j8/aZ019BPfU"
transfer-encoding
chunked
vary
Accept-Encoding
x-powered-by
Express

Redirect headers

date
Wed, 06 Sep 2023 20:17:56 GMT
location
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
server
nginx/1.18.0 (Ubuntu)
transfer-encoding
chunked
x-powered-by
Express
Resource: iphone-13.jpg
Path: sadkush34.xyz/images/
Size: 2 KB
Transfer: 2 KB
Type: Image
General
Full URL
http://sadkush34.xyz/images/iphone-13.jpg
Requested by
Host: sadkush34.xyz
URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Protocol
HTTP/1.1
Server
143.244.200.181 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
3f33112df88c0d92de75a2ab4e3a2011bacf47b29699fad899d59cddc8f99d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:17:56 GMT
content-encoding
gzip
x-powered-by
Express
etag
W/"8fd-agbkjjxYT0f/qjnIqQpqDJdYUEA"
vary
Accept-Encoding
transfer-encoding
chunked
content-type
text/html; charset=utf-8
Resource: agent2.png
Path: sadkush34.xyz/images/
Size: 70 KB
Transfer: 70 KB
Type: Image
General
Full URL
http://sadkush34.xyz/images/agent2.png
Requested by
Host: sadkush34.xyz
URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Protocol
HTTP/1.1
Server
143.244.200.181 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
7facf19dc5413e64ccb84b932a25630774cd7a729a757d3ab7d99f6ac1c869f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:17:56 GMT
last-modified
Sun, 18 Sep 2022 18:43:14 GMT
x-powered-by
Express
etag
W/"11829-18351e96795"
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
71721
Resource: loading3.gif
Path: sadkush34.xyz/images/
Size: 29 KB
Transfer: 29 KB
Type: Image
General
Full URL
http://sadkush34.xyz/images/loading3.gif
Requested by
Host: sadkush34.xyz
URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Protocol
HTTP/1.1
Server
143.244.200.181 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
2dc6c683182e757fac5e6a93a6fd74182f31e1adec6b6e8289f2d95f625d0b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:17:56 GMT
last-modified
Sun, 18 Sep 2022 18:43:14 GMT
x-powered-by
Express
etag
W/"7346-18351e967c5"
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
29510
Resource: agent4.png
Path: sadkush34.xyz/images/
Size: 66 KB
Transfer: 66 KB
Type: Image
General
Full URL
http://sadkush34.xyz/images/agent4.png
Requested by
Host: sadkush34.xyz
URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Protocol
HTTP/1.1
Server
143.244.200.181 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
e5ee018c5a252b8025b0fe3ea750223397dde6e7efad2ce9ea055f6f2c8cf322

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:17:56 GMT
last-modified
Sun, 18 Sep 2022 18:43:14 GMT
x-powered-by
Express
etag
W/"1078c-18351e96795"
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
67468
Resource: send.png
Path: sadkush34.xyz/images/
Size: 3 KB
Transfer: 3 KB
Type: Image
General
Full URL
http://sadkush34.xyz/images/send.png
Requested by
Host: sadkush34.xyz
URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Protocol
HTTP/1.1
Server
143.244.200.181 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/ Express
Resource Hash
c903ee2401758975b71db338d9952d66f8981cbc1b873c60ddfbe96c4fefe172

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:17:56 GMT
last-modified
Sun, 18 Sep 2022 18:43:14 GMT
x-powered-by
Express
etag
W/"ae2-18351e967e9"
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
2786
Resource: jquery-3.4.1.min.js
Path: code.jquery.com/
Size: 86 KB
Transfer: 30 KB
Type: Script
General
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: sadkush34.xyz
URL: http://sadkush34.xyz/1012?id=970a15fb-9f18-46ef-b67b-c1068e3498cc&h=304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
http://sadkush34.xyz/
Origin
http://sadkush34.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Wed, 06 Sep 2023 20:17:56 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-15851"
vary
Accept-Encoding
x-hw
1694031476.dop106.fr8.t,1694031476.cds124.fr8.hn,1694031476.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • ajax_call (function)
  • hitthelist (function)
  • pm_pid (string)
  • generateUkid (function)
  • sendmessage (function)
  • redirecting (function)
  • becreative (function)

4 Cookies

Domain/Path           Name                 Value
.t.co/                muc                  5198ea4d-1636-4a8c-95a1-c4e359f07823
.bit.ly/              _bit                 n86khT-a0d45650c39b34e43b-00f
downlo-adsdow.store/  sbcf962f42ce47c4b54  eyJpdiI6Ii84TlkxUmhzT1gwVFI5ZTdHWW8yaUE9PSIsInZhbHVlIjoiZE1vUDBRM0lNZnpHTFRYTG9sV204dz09IiwibWFjIjoiNDRiMGFkZjVmMzQxNDE5YTZkYTEyNTgzOTQwMTllZDY0NjUzMGQ5YTEwNzdlOWM3Y2VjYjc0OTE2NDk0NmFhMCIsInRhZyI6IiJ9
downlo-adsdow.store/  vis                  eyJpdiI6Im9ERFlqRllWUE5JL001d3BxbEhCckE9PSIsInZhbHVlIjoieVJXem9YUnU0MzA4cTVZckZUeDFaZz09IiwibWFjIjoiMjgzOTJlODQ3MzhmNjMzY2RlYTFlZTc4NmEzYmFiNzliNWQ0MmQ5YmY4MjRiM2Y0ZWU2MTc5OWE1ZDU3OGI4MiIsInRhZyI6IiJ9

1 Console Messages

Source: network
Level: error
URL: http://sadkush34.xyz/images/iphone-13.jpg
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0