ko.kztf0.shop Open in urlscan Pro
158.220.99.85 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clickme.thryv.com/ls/click?upn=u001.Als7cfHaJU2yMdsJgpsIFnDa0TAMLVO9WtBTyYEZqZA-3DPrnv_OEO3HRIZ3eedLymwLhvJt9sqs3j...
Effective URL:
https://ko.kztf0.shop/
Submission: On October 09 via manual (October 9th 2024, 1:41:22 pm UTC) from US — Scanned from DE

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 2 HTTP transactions. The main IP is 158.220.99.85, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is ko.kztf0.shop.
TLS certificate: Issued by R10 on September 13th 2024. Valid for: 3 months.

This is the only time ko.kztf0.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:9000:26d... 2600:9000:26da:1400:a:c956:8300:93a1	16509 (AMAZON-02) (AMAZON-02)
2	158.220.99.85 158.220.99.85	51167 (CONTABO) (CONTABO)
2	1

1 2600:9000:26da:1400:a:c956:8300:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

clickme.thryv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.220.99.85 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi2141438.contaboserver.net

ko.kztf0.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	kztf0.shop ko.kztf0.shop	13 KB
1	thryv.com 1 redirects clickme.thryv.com — Cisco Umbrella Rank: 437481	337 B
2	2

	Domain	Requested by
2	ko.kztf0.shop
1	clickme.thryv.com	1 redirects
2	2

This site contains no links.

Subject Issuer	Validity	Valid
kq.aldp9.shop R10	`2024-09-13` - `2024-12-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ko.kztf0.shop/
Frame ID: 8CFF5E21E35B984799ADD8504CAA90BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Site Under Construction

Page URL History Show full URLs

https://clickme.thryv.com/ls/click?upn=u001.Als7cfHaJU2yMdsJgpsIFnDa0TAMLVO9WtBTyYEZqZA-3DPrnv_OEO3HRI... HTTP 302
https://ko.kztf0.shop/ Page URL

Page Statistics

2
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

13 kB
Transfer

12 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clickme.thryv.com/ls/click?upn=u001.Als7cfHaJU2yMdsJgpsIFnDa0TAMLVO9WtBTyYEZqZA-3DPrnv_OEO3HRIZ3eedLymwLhvJt9sqs3j4T3CqpVCO9A0ZKplqH1W1Ad1lCPdQBrRfbSauZPLLCLTYBsXDRt8yGG5FOZ7NK342oFTufTBA9n-2F9XZOmYNN4Eos0I-2F5FhDJBI4w4qadztSYeu4ugOMJrD5ZJ3NK5HbR-2B5js4EjZpFmlZJIJ2eepX0b1t3SsV5gyIJGc7CJjeC8X5Wxzv49-2FqOYJzl5qBXpr-2BWwAW7G6cWDOqZN4YK73LjV4xBBNvL9fcHX0SM3SHQjbhXBuKD0dh5WqiuRgt8l7OsZEvxy8UkJaur7KIBjJyVTij7zCSJnYd6mjsUFQl8fAjX9eSOEGKjy2XWh8GHa2xi9VgTVCxGMcn7gM-3D HTTP 302
https://ko.kztf0.shop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ko.kztf0.shop/ Redirect Chain https://clickme.thryv.com/ls/click?upn=u001.Als7cfHaJU2yMdsJgpsIFnDa0TAMLVO9WtBTyYEZqZA-3DPrnv_OEO3HRIZ3eedLymwLhvJt9sqs3j4T3CqpVCO9A0ZKplqH1W1Ad1lCPdQBrRfbSauZPLLCLTYBsXDRt8yGG5FOZ7NK342oFTufTBA9n... https://ko.kztf0.shop/	12 KB 12 KB	153ms 46ms	Document text/html	158.220.99.85 CONTABO
General Check archive.org Show headers Download Go to Full URL https://ko.kztf0.shop/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 158.220.99.85 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi2141438.contaboserver.net Software Apache / Resource Hash `65a1a03dc844c29d466d310c2b766bb36b25d24b560e10a4fd7608aea72aef15` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 12138 Content-Type text/html Date Wed, 09 Oct 2024 13:41:17 GMT Keep-Alive timeout=5, max=100 Last-Modified Thu, 15 Aug 2024 16:40:45 GMT Server Apache Redirect headers content-length 44 content-type text/html; charset=utf-8 date Wed, 09 Oct 2024 13:41:17 GMT location https://ko.kztf0.shop server nginx via 1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront) x-amz-cf-id qqSOdo1511AXTGH1OE5q79iw3jrh-UcvyWQFXR5WOxnXndy9L2LCLA== x-amz-cf-pop MUC50-P4 x-cache Miss from cloudfront x-robots-tag noindex, nofollow
GET H/1.1	404 Not Found	favicon.ico ko.kztf0.shop/	315 B 515 B	47ms 46ms	Other text/html	158.220.99.85 CONTABO
General Check archive.org Show headers Download Go to Full URL https://ko.kztf0.shop/favicon.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 158.220.99.85 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi2141438.contaboserver.net Software Apache / Resource Hash `d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://ko.kztf0.shop/ Response headers Keep-Alive timeout=5, max=99 Content-Length 315 Date Wed, 09 Oct 2024 13:41:17 GMT Content-Type text/html; charset=iso-8859-1 Server Apache Connection Keep-Alive

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x3023 function| _0x1922 function| mobileCheck function| updateCountdown

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ko.kztf0.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clickme.thryv.com
ko.kztf0.shop
158.220.99.85
2600:9000:26da:1400:a:c956:8300:93a1
65a1a03dc844c29d466d310c2b766bb36b25d24b560e10a4fd7608aea72aef15
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

ko.kztf0.shop Open in urlscan Pro 158.220.99.85 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

2 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

13 kBTransfer

12 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

ko.kztf0.shop Open in urlscan Pro
158.220.99.85 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

13 kB
Transfer

12 kB
Size

0
Cookies

2 HTTP transactions
0 data transactions