www.locked1.com
Open in
urlscan Pro
23.22.126.183
Public Scan
Effective URL: https://www.locked1.com/cl.php?id=bacd3346ad013bc124fbc82d5d5b8bca
Submission: On November 19 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 18th 2021. Valid for: 3 months.
This is the only time www.locked1.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 79.124.59.22 79.124.59.22 | 50360 (TAMATIYA-AS) (TAMATIYA-AS) | |
2 | 23.22.126.183 23.22.126.183 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 151.101.130.137 151.101.130.137 | 54113 (FASTLY) (FASTLY) | |
2 | 162.247.243.146 162.247.243.146 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:811::200a | () () | |
7 | 5 |
ASN50360 (TAMATIYA-AS, BG)
PTR: ip-59-22.4vendeta.com
www.amongusmodmenu.skipverification.org |
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-126-183.compute-1.amazonaws.com
www.locked1.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
2 |
nr-data.net
bam-cell.nr-data.net |
1 KB |
2 |
locked1.com
www.locked1.com |
16 KB |
1 |
googleapis.com
fonts.googleapis.com |
|
1 |
newrelic.com
js-agent.newrelic.com |
17 KB |
1 |
skipverification.org
www.amongusmodmenu.skipverification.org |
3 KB |
7 | 5 |
Domain | Requested by | |
---|---|---|
2 | bam-cell.nr-data.net |
www.locked1.com
|
2 | www.locked1.com |
www.amongusmodmenu.skipverification.org
www.locked1.com |
1 | fonts.googleapis.com |
client
|
1 | js-agent.newrelic.com |
www.locked1.com
|
1 | www.amongusmodmenu.skipverification.org | |
7 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
amongusmodmenu.skipverification.org amongusmodmenu.skipverification.org |
2021-11-19 - 2022-11-19 |
a year | crt.sh |
locked1.com R3 |
2021-10-18 - 2022-01-16 |
3 months | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-10-06 - 2022-11-07 |
a year | crt.sh |
*.nr-data.net DigiCert SHA2 Secure Server CA |
2020-02-05 - 2022-02-08 |
2 years | crt.sh |
upload.video.google.com GTS CA 1C3 |
2021-11-01 - 2022-01-24 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.locked1.com/cl.php?id=bacd3346ad013bc124fbc82d5d5b8bca
Frame ID: C986A56C8448C9D842645B61070759DF
Requests: 6 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,700,300,200
Frame ID: 65A6F5AC0A8873AF24F4BBCC102D0E85
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Among US Mod Menu UPDATE (75MB)Page URL History Show full URLs
- https://www.amongusmodmenu.skipverification.org/ Page URL
- https://www.locked1.com/cl.php?id=bacd3346ad013bc124fbc82d5d5b8bca Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.amongusmodmenu.skipverification.org/ Page URL
- https://www.locked1.com/cl.php?id=bacd3346ad013bc124fbc82d5d5b8bca Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
www.amongusmodmenu.skipverification.org/ |
3 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
cl.php
www.locked1.com/ |
33 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meemkm
www.locked1.com/cl/v/ |
9 KB 4 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa-1212.min.js
js-agent.newrelic.com/ |
44 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c25b69ac34
bam-cell.nr-data.net/1/ |
49 B 725 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 65A6 |
0 0 |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
c25b69ac34
bam-cell.nr-data.net/events/1/ |
24 B 503 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| NREUM object| newrelic function| __nr_require string| locker_url string| iframecontents string| old_display function| og_load function| ogEditBody function| ogMakeLocker function| og_getScriptURL function| call_locker function| og_call boolean| ogblock3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nr-data.net/ | Name: JSESSIONID Value: b310d5eeb005da9e |
|
www.locked1.com/ | Name: XSRF-TOKEN Value: eyJpdiI6ImY4WCtuL3QrOEVDMmQzSWMxZmpCUEE9PSIsInZhbHVlIjoiSHNNRUo3ZFo5NkZIRVM0NjMyd2NPVjQyZVdxUEVZbjZFaGJhbWh6bnVLU1RDam14Q2dkRFhHWVhEQTZNNnpUZGJKZG1CMHZId25yOTRVd1UwMEk5azBrem03eGJVSGVXNUpyYldRWnZOcSt0RmoySjJhRGhueWlEQ0t0OWxwYmQiLCJtYWMiOiI3MmNmZDFkNWVlOTExZDNiNTEyYzM4OTQyZDkxNDFhZjg3ZmU0NDk5OTRlODIzNzFjNTEzZDY5OTg0NjI5YmEyIiwidGFnIjoiIn0%3D |
|
www.locked1.com/ | Name: ogads_session Value: eyJpdiI6IklpVFJ0RXJMaEd2TmNUbXVMQ21Xanc9PSIsInZhbHVlIjoiL1Z1eHNyVWU4TUlIelhMeWk3ZWtXb3dMVlFyOHhqMEFocUs3K2xZdVBRd0JWWVpSRXg1YkVjaW9HcEc0Y2J5VFF0RFQ3Qk5WLzZLZ1k4SkRkQThHTnFJeExWVmo4aGhVR0RmVEc0Y3hKeFp6RkJJUkNHdzFOUVR2a0ZKOGhDMzQiLCJtYWMiOiJjMTA3Nzc0MjViZjI0YmY4NjNlNmNjZmMyMmZjMWJjOGM4NTFlZjdjMjhiZWRmNjU2Y2JmZjE0YmQ0MDJiNWJkIiwidGFnIjoiIn0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bam-cell.nr-data.net
fonts.googleapis.com
js-agent.newrelic.com
www.amongusmodmenu.skipverification.org
www.locked1.com
151.101.130.137
162.247.243.146
23.22.126.183
2a00:1450:4001:811::200a
79.124.59.22
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
481a8923150c4db1a45be79bc3f1fe5afcd6d1551d2345b9d2dbf0d31b9e0a2b
9599bb8bd77ab655cab161dfdbbcc9642b6c2927cc1e8b65c2c1620d9af70cd9
9785468ebc5cdb348b8397a7c0eb96f00dc8b45df20a2dff9bf17cfdba8e5f84
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
ebfe453394ff1be6ef75d380ab7c5535aea0b51832d045f0d5d0ef7e6535969c