1ad3092a3cd968e.orn-ap.antiddos.ws Open in urlscan Pro
116.206.108.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://1ad3092a3cd968e.orn-ap.antiddos.ws/
Submission: On December 05 via api (December 5th 2023, 12:20:52 pm UTC) from US — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 116.206.108.35, located in Philippines and belongs to QUZATECH-PH MCPO Box 1755, PH. The main domain is 1ad3092a3cd968e.orn-ap.antiddos.ws.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.

This is the only time 1ad3092a3cd968e.orn-ap.antiddos.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.206.108.35 116.206.108.35	45559 (QUZATECH-...) (QUZATECH-PH MCPO Box 1755)
9	207.192.152.190 207.192.152.190	63005 (NEXUS-22-...) (NEXUS-22-63005)
10	2

1 116.206.108.35 (Philippines)

ASN45559 (QUZATECH-PH MCPO Box 1755, PH)

1ad3092a3cd968e.orn-ap.antiddos.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 207.192.152.190 (United States)

ASN63005 (NEXUS-22-63005, US)
PTR: www.nexqloud.com

speresources.nexusguard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	nexusguard.com speresources.nexusguard.com	596 KB
1	antiddos.ws 1ad3092a3cd968e.orn-ap.antiddos.ws	1 KB
10	2

	Domain	Requested by
9	speresources.nexusguard.com	1ad3092a3cd968e.orn-ap.antiddos.ws speresources.nexusguard.com
1	1ad3092a3cd968e.orn-ap.antiddos.ws
10	2

This site contains no links.

Subject Issuer	Validity	Valid
*.tcr195uhyru.com R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
nexusguard.com GlobalSign CloudSSL CA - SHA256 - G3	`2023-01-10` - `2024-02-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://1ad3092a3cd968e.orn-ap.antiddos.ws/
Frame ID: 9E1941081277958A493C43ED67AA53D4
Requests: 1 HTTP requests in this frame

Frame: https://speresources.nexusguard.com/errpage/error.html
Frame ID: 67717B0F879CA68794744A519109440D
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Page Statistics

10
Requests

90 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

597 kB
Transfer

1984 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
1ad3092a3cd968e.orn-ap.antiddos.ws/ 1014 B
1 KB 1609ms
27ms Document
text/html 116.206.108.35
QUZATECH-PH MCPO ...

General

Check archive.org

Show headers Download Go to

Full URL: https://1ad3092a3cd968e.orn-ap.antiddos.ws/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.206.108.35 , Philippines, ASN45559 (QUZATECH-PH MCPO Box 1755, PH),
Reverse DNS
Software: 07_1695176595 /
Resource Hash: 61b6d72a70c8dbfa1b1cf451d63c8925749eca46c619e43ed9abb7a83591763c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache,no-store
content-length: 1014
content-type: text/html;charset=utf-8
expires: -1
pragma: no-cache
server: 07_1695176595

GET
H2 200 error.html Show response
speresources.nexusguard.com/errpage/ Frame 6771 5 KB
2 KB 1043ms
28ms Document
text/html 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/error.html

Requested by

Host: 1ad3092a3cd968e.orn-ap.antiddos.ws
URL: https://1ad3092a3cd968e.orn-ap.antiddos.ws/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

0bb4f50cdc491f35ef329dcf2fd27cae66abd03ee8d8d632969cc160470bc264

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://1ad3092a3cd968e.orn-ap.antiddos.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 40651
cache-control: max-age=10800
cache-stat: HIT
content-encoding: gzip
content-length: 2211
content-type: text/html
date: Tue, 05 Dec 2023 01:03:16 GMT
etag: W/"5d2fb7b9-1463"
expires: Tue, 05 Dec 2023 04:03:16 GMT
last-modified: Thu, 18 Jul 2019 00:05:13 GMT
server: 2.0.0
strict-transport-security: max-age=86400
vary: Accept-Encoding
x-nxg: 526575312 525783720

GET
H2 200 angular-material.css
speresources.nexusguard.com/errpage/css/ Frame 6771 242 KB
37 KB 86ms
84ms Stylesheet
text/css 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/css/angular-material.css

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

f41a41375cd04d6d7d8fa31d929d70e553981bc8ab0c5ce3828910e16f936498

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:21:49 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 526575316 526484936
age: 50338
etag: W/"5ba34a82-3c63f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10800
accept-ranges: bytes
content-length: 37637
expires: Tue, 05 Dec 2023 01:21:49 GMT

GET
H2 200 angular.js Show response
speresources.nexusguard.com/errpage/js/ Frame 6771 1017 KB
309 KB 31ms
29ms Script
application/javascript 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/js/angular.js

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

9a30224971ba19d73b34a1de0ffff57fa3561367f477fe81d62a17ce4b12a5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:21:49 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 302654584 526043539
age: 50338
etag: W/"5ba34a82-fe2f3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 315769
expires: Tue, 05 Dec 2023 01:21:49 GMT

GET
H2 200 angular-animate.js Show response
speresources.nexusguard.com/errpage/js/ Frame 6771 131 KB
42 KB 58ms
56ms Script
application/javascript 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/js/angular-animate.js

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

bd3b762fa5922fe8096e6f1534006c5185a2a9a033e38977879a94f36e3d8b90

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:21:49 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 286516539 479032977
age: 50338
etag: W/"5ba34a82-20c3a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 42286
expires: Tue, 05 Dec 2023 01:21:49 GMT

GET
H2 200 angular-aria.min.js Show response
speresources.nexusguard.com/errpage/js/ Frame 6771 3 KB
2 KB 84ms
83ms Script
application/javascript 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/js/angular-aria.min.js

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:21:49 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 399737414 526422574
age: 50338
etag: W/"5ba34a82-d05"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 1389
expires: Tue, 05 Dec 2023 01:21:49 GMT

GET
H2 200 angular-material.js Show response
speresources.nexusguard.com/errpage/js/ Frame 6771 523 KB
158 KB 110ms
109ms Script
application/javascript 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/js/angular-material.js

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

27c3225afdbbf9f8717904c5f85c38d52a2ac66bf233162312263a297f4870f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:21:49 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 499508635 526350664
age: 50338
etag: W/"5ba34a82-82d22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 161515
expires: Tue, 05 Dec 2023 01:21:49 GMT

GET
H2 200 angular-sanitize.min.js Show response
speresources.nexusguard.com/errpage/js/ Frame 6771 6 KB
3 KB 84ms
83ms Script
application/javascript 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/js/angular-sanitize.min.js

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

4713972b2c0b51aa082d103989f04db5614f162c070944e98f6bc3e94140062d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:21:49 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 526393185 526458784
age: 50338
etag: W/"5ba34a82-178b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3228
expires: Tue, 05 Dec 2023 01:21:49 GMT

GET
H2 200 4040.json Show response
speresources.nexusguard.com/errpage/json/ Frame 6771 1 KB
844 B 29ms
29ms XHR
application/json 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to

Full URL

https://speresources.nexusguard.com/errpage/json/4040.json

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/js/angular.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

6207d0d870e861924f9da2239f81390e76af5631cb2840c4908c65767b45a2e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://speresources.nexusguard.com/errpage/error.html
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 03:58:34 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 499508637 526493937
age: 30133
etag: W/"5ba34a82-482"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=10800
accept-ranges: bytes
content-length: 574
expires: Tue, 05 Dec 2023 06:58:34 GMT

GET
H2 200 erro-page-img.jpg
speresources.nexusguard.com/errpage/img/ Frame 6771 55 KB
42 KB 28ms
28ms Image
image/jpeg 207.192.152.190
NEXUS-22-63005

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://speresources.nexusguard.com/errpage/img/erro-page-img.jpg

Requested by

Host: speresources.nexusguard.com
URL: https://speresources.nexusguard.com/errpage/error.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

207.192.152.190 , United States, ASN63005 (NEXUS-22-63005, US),

Reverse DNS

www.nexqloud.com

Software

2.0.0 /

Resource Hash

d5f26e127998a77326305b5c216dcd11796052587ab57495180a5cb79774c338

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://speresources.nexusguard.com/errpage/error.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:15:18 GMT
content-encoding: gzip
cache-stat: HIT
strict-transport-security: max-age=86400
last-modified: Thu, 20 Sep 2018 07:21:38 GMT
server: 2.0.0
x-nxg: 302654590 286515242
age: 330
etag: W/"5ba34a82-ddaa"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=10800
accept-ranges: bytes
content-length: 43082
expires: Tue, 05 Dec 2023 15:15:17 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ad3092a3cd968e.orn-ap.antiddos.ws
speresources.nexusguard.com
116.206.108.35
207.192.152.190
0bb4f50cdc491f35ef329dcf2fd27cae66abd03ee8d8d632969cc160470bc264
27c3225afdbbf9f8717904c5f85c38d52a2ac66bf233162312263a297f4870f8
4713972b2c0b51aa082d103989f04db5614f162c070944e98f6bc3e94140062d
55b807de0d07c7c4f7c6eb0768f98c852883f1d1ff44f768a6c8d28dd8313e3b
61b6d72a70c8dbfa1b1cf451d63c8925749eca46c619e43ed9abb7a83591763c
6207d0d870e861924f9da2239f81390e76af5631cb2840c4908c65767b45a2e7
9a30224971ba19d73b34a1de0ffff57fa3561367f477fe81d62a17ce4b12a5aa
bd3b762fa5922fe8096e6f1534006c5185a2a9a033e38977879a94f36e3d8b90
d5f26e127998a77326305b5c216dcd11796052587ab57495180a5cb79774c338
f41a41375cd04d6d7d8fa31d929d70e553981bc8ab0c5ce3828910e16f936498

1ad3092a3cd968e.orn-ap.antiddos.ws Open in urlscan Pro 116.206.108.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

597 kBTransfer

1984 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Indicators

1ad3092a3cd968e.orn-ap.antiddos.ws Open in urlscan Pro
116.206.108.35 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

597 kB
Transfer

1984 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions