urlscan.io logo urlscan.io
SecurityTrails logo

dfsafsdafasdf.me.ma Open in urlscan Pro
167.86.111.30  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/kkd8I7QHm2?amp=3D3D1
Effective URL: https://dfsafsdafasdf.me.ma/22624.html
Submission: On May 03 via api from LU — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 167.86.111.30, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is dfsafsdafasdf.me.ma.
TLS certificate: Issued by R3 on February 16th 2024. Valid for: 3 months.
This is the only time dfsafsdafasdf.me.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
1 167.86.111.30 51167 (CONTABO)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 4
Apex Domain
Subdomains		 Transfer
2 me.ma
dfsafsdafasdf.me.ma
me.ma
4 KB
1 t.co
t.co — Cisco Umbrella Rank: 717
558 B
4 2
Domain Requested by
1 me.ma dfsafsdafasdf.me.ma
1 dfsafsdafasdf.me.ma t.co
1 t.co
4 3

This site contains links to these domains. Also see Links.

Domain
me.ma
Subject Issuer Validity Valid
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.me.ma
R3		 2024-02-16 -
2024-05-16		 3 months crt.sh
me.ma
GTS CA 1P5		 2024-03-29 -
2024-06-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://dfsafsdafasdf.me.ma/22624.html
Frame ID: C974462B209CDCF230773DE52E293BB1
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Site bloqué - [dfsafsdafasdf.me.ma]

Page URL History Show full URLs

  1. https://t.co/kkd8I7QHm2?amp=3D3D1 Page URL
  2. https://dfsafsdafasdf.me.ma/22624.html Page URL

Page Statistics

4
Requests

75 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

5 kB
Transfer

4 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/kkd8I7QHm2?amp=3D3D1 Page URL
  2. https://dfsafsdafasdf.me.ma/22624.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://dfsafsdafasdf.me.ma/favicon.ico HTTP 302
  • https://me.ma/ HTTP 302
  • https://me.ma/de/

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kkd8I7QHm2
t.co/ 		269 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/kkd8I7QHm2?amp=3D3D1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
186
content-type
text/html; charset=utf-8
date
Fri, 03 May 2024 16:34:51 GMT
expires
Fri, 03 May 2024 16:39:52 GMT
perf
7402827104
server
tsa_o
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
2e98b7debab3d1d6c794921f8d8e0573fa64831f0456a8d4318647942a826269
x-response-time
124
x-transaction-id
6086b757128f583a
x-xss-protection
0
Primary Request 22624.html
dfsafsdafasdf.me.ma/ 		601 B
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dfsafsdafasdf.me.ma/22624.html
Requested by
Host: t.co
URL: https://t.co/kkd8I7QHm2?amp=3D3D1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.86.111.30 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi689793.contaboserver.net
Software
Apache /
Resource Hash
23abab1b65cc0193b79748f5d4201796081af4341cd29465d6ca3d0702fb72df

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://t.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 May 2024 16:34:52 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
Blocked.png
me.ma/src/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://me.ma/src/img/Blocked.png
Requested by
Host: dfsafsdafasdf.me.ma
URL: https://dfsafsdafasdf.me.ma/22624.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
248a01198f1707c1d2f529d14badf46fda5213fbc49e30a61a2e7822fc8eebba

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dfsafsdafasdf.me.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date
Fri, 03 May 2024 16:34:53 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 03 Dec 2011 16:43:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBicvzL7cj5JBK6KOltwKiWjRf0pVWwDQQBLzkqeU8ux3eSlNY%2FZZZ3canPSqAASnDMQ8RyZR5ifaBak0g0xm1GNj26AbpNk2yXE5TJyY0V4jJI3ZpIgmFGRz%2BmQsNzhnPgRnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
87e1a9392f283838-FRA
alt-svc
h3=":443"; ma=86400
content-length
3028
/
me.ma/de/
Redirect Chain
  • https://dfsafsdafasdf.me.ma/favicon.ico
  • https://me.ma/
  • https://me.ma/de/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
me.ma
URL
https://me.ma/de/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Domain/Path Name / Value
me.ma/de Name: lang
Value: de
.t.co/ Name: muc
Value: 2b42dd7d-1a6c-45a9-9af7-70ef392c3c1c
me.ma/ Name: PHPSESSID
Value: c35642f2633fdb536624eef8a20f667e
me.ma/ Name: tw_u
Value: tw
me.ma/ Name: tw_r
Value: https%3A%2F%2Fdfsafsdafasdf.me.ma%2F

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dfsafsdafasdf.me.ma
me.ma
t.co
me.ma
104.244.42.197
167.86.111.30
2606:4700:3032::ac43:8844
23abab1b65cc0193b79748f5d4201796081af4341cd29465d6ca3d0702fb72df
248a01198f1707c1d2f529d14badf46fda5213fbc49e30a61a2e7822fc8eebba