itsme-2323.duckdns.org Open in urlscan Pro
45.82.120.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://linkmn.gr/Itsme23
Effective URL:
https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Submission: On November 27 via manual (November 27th 2023, 12:11:41 am UTC) from IN — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 8 HTTP transactions. The main IP is 45.82.120.42, located in Germany and belongs to SYNLINQ synlinq.de, DE. The main domain is itsme-2323.duckdns.org.
TLS certificate: Issued by R3 on November 26th 2023. Valid for: 3 months.

This is the only time itsme-2323.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:94c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3036::6815:b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
3 10	45.82.120.42 45.82.120.42	44486 (SYNLINQ s...) (SYNLINQ synlinq.de)
8	2

1 2606:4700:3030::ac43:94c4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

linkmn.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:b69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

linkmn.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.82.120.42 (Germany) 3 redirects

ASN44486 (SYNLINQ synlinq.de, DE)
PTR: default.bero-host.de

itsme-2323.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	duckdns.org 3 redirects itsme-2323.duckdns.org	2 MB
2	linkmn.gr 2 redirects linkmn.gr	1 KB
1	t.co t.co — Cisco Umbrella Rank: 607	551 B
8	3

	Domain	Requested by
10	itsme-2323.duckdns.org	3 redirects t.co itsme-2323.duckdns.org
2	linkmn.gr	2 redirects
1	t.co
8	3

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
itsme-2323.duckdns.org R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Frame ID: 6D5F0184792EF7D5F465822C3F0CDDA8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagina

Page URL History Show full URLs

http://linkmn.gr/Itsme23 HTTP 301
https://linkmn.gr/Itsme23 HTTP 308
https://t.co/Pau9qAIGED Page URL
https://itsme-2323.duckdns.org/sss HTTP 301
https://itsme-2323.duckdns.org/sss/ HTTP 302
https://itsme-2323.duckdns.org/be-newim2.php HTTP 302
https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

8
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

2222 kB
Transfer

2398 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://linkmn.gr/Itsme23 HTTP 301
https://linkmn.gr/Itsme23 HTTP 308
https://t.co/Pau9qAIGED Page URL
https://itsme-2323.duckdns.org/sss HTTP 301
https://itsme-2323.duckdns.org/sss/ HTTP 302
https://itsme-2323.duckdns.org/be-newim2.php HTTP 302
https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://linkmn.gr/Itsme23 HTTP 301
https://linkmn.gr/Itsme23 HTTP 308
https://t.co/Pau9qAIGED

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Pau9qAIGED
t.co/
Redirect Chain

http://linkmn.gr/Itsme23
https://linkmn.gr/Itsme23
https://t.co/Pau9qAIGED

257 B
551 B

220ms
145ms

Document
text/html

104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/Pau9qAIGED

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 181
content-type: text/html; charset=utf-8
date: Mon, 27 Nov 2023 00:11:35 GMT
expires: Mon, 27 Nov 2023 00:16:36 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 64974e7e41338af1fada0e235c0c7a5ca45909af658acfa289b198b504d1df0b
x-response-time: 112
x-transaction-id: cc4fc7293a423e15
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 82c6279c4e4f35fe-FRA
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 00:11:36 GMT
location: https://t.co/Pau9qAIGED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYjvdXTbfEJRfxPHrwsbU8eX597tiElYWSAYLNaCuebU7H%2FCYcI0wKGbkZ44n8YEyjdl%2FilmcvyzmsPSdh817SzkiQXM8OkfnHGoMlzeujPWQJFWZnPWeFX3NjhwJ3EBjmCtV53F5S4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

Primary Request be-im-start.php Show response
itsme-2323.duckdns.org/
Redirect Chain

https://itsme-2323.duckdns.org/sss
https://itsme-2323.duckdns.org/sss/
https://itsme-2323.duckdns.org/be-newim2.php
https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e

5 KB
2 KB

63ms
63ms

Document
text/html

45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Requested by: Host: t.co
URL: https://t.co/Pau9qAIGED
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 8d26942d19e77ccc5c85a58d905fbfab79ed814e4055e74d4c25b776046d23db

Request headers

Referer: https://t.co/Pau9qAIGED
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1640
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Nov 2023 00:11:36 GMT
Keep-Alive: timeout=5, max=97
Server: Apache/2.4.18 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 27 Nov 2023 00:11:36 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=98
Location: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Pragma: no-cache
Server: Apache/2.4.18 (Ubuntu)

GET
H/1.1 200
OK app.css
itsme-2323.duckdns.org/work_files/be-axa/ 206 KB
30 KB 48ms
47ms Stylesheet
text/css 45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://itsme-2323.duckdns.org/work_files/be-axa/app.css
Requested by: Host: itsme-2323.duckdns.org
URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 14b7548f47e3a1c82dd176e0f25895cbc1f152ae314a7032705282643b11f9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 00:11:36 GMT
Content-Encoding: gzip
Last-Modified: Sat, 01 Apr 2023 18:48:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "337ba-5f84ac650b680-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 30796

GET
H/1.1 200
OK ll.png
itsme-2323.duckdns.org/work_files/be-im/images/ 2 KB
2 KB 104ms
34ms Image
image/png 45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itsme-2323.duckdns.org/work_files/be-im/images/ll.png
Requested by: Host: itsme-2323.duckdns.org
URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 3ba18aabde1dfbaaed0e4242c6e6b60744b4be864930f4fd7bb53972c6714237

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 00:11:36 GMT
Last-Modified: Sat, 01 Apr 2023 18:48:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "8c2-5f84ac650b680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2242

GET
H/1.1 200
OK mobile.png
itsme-2323.duckdns.org/work_files/be-im/images/ 806 KB
807 KB 116ms
34ms Image
image/png 45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itsme-2323.duckdns.org/work_files/be-im/images/mobile.png
Requested by: Host: itsme-2323.duckdns.org
URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: daa6ffdfc91c6eddd731e7c2782d0e17b67a2ea6acc13542d291119f93d12721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 00:11:36 GMT
Last-Modified: Sat, 01 Apr 2023 18:48:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "c9986-5f84ac650b680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 825734

GET
H/1.1 200
OK desktop.png
itsme-2323.duckdns.org/work_files/be-im/images/ 1 MB
1 MB 110ms
41ms Image
image/png 45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itsme-2323.duckdns.org/work_files/be-im/images/desktop.png
Requested by: Host: itsme-2323.duckdns.org
URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 89c18ca79be4d225cca57724c775663ee09652d5f0ae73459ca16b8e76f10fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 00:11:36 GMT
Last-Modified: Sat, 01 Apr 2023 18:48:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "150730-5f84ac650b680"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1378096

GET
H/1.1 200
OK curved_background.svg
itsme-2323.duckdns.org/work_files/be-axa/ 970 B
1 KB 43ms
43ms Image
image/svg+xml 45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itsme-2323.duckdns.org/work_files/be-axa/curved_background.svg
Requested by: Host: itsme-2323.duckdns.org
URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: c33240750be26cd6f67cb86ffe17cfc3bf4794faef3bbe367f0b8378b59751a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 00:11:36 GMT
Last-Modified: Sat, 01 Apr 2023 18:48:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "3ca-5f84ac650b680"
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 970

GET
H/1.1 200
OK font2.woff2
itsme-2323.duckdns.org/work_files/be-im/fonts/ 32 KB
32 KB 44ms
34ms Font
application/octet-stream 45.82.120.42
SYNLINQ synlinq.de

General

Check archive.org

Show headers Download Go to

Full URL: https://itsme-2323.duckdns.org/work_files/be-im/fonts/font2.woff2
Requested by: Host: itsme-2323.duckdns.org
URL: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.82.120.42 , Germany, ASN44486 (SYNLINQ synlinq.de, DE),
Reverse DNS: default.bero-host.de
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d

Request headers

Referer: https://itsme-2323.duckdns.org/be-im-start.php?session=6563deb8a756e
Origin: https://itsme-2323.duckdns.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 27 Nov 2023 00:11:36 GMT
Last-Modified: Sat, 01 Apr 2023 18:48:42 GMT
Server: Apache/2.4.18 (Ubuntu)
ETag: "8010-5f84ac650b680"
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 32784

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.t.co/	1970-01-21 02:00:58	Name: muc Value: 0f4f78bb-c292-4d98-b324-aefdee6bc8ef
			itsme-2323.duckdns.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: ut2hs3rh9qhltq7ujq54he3h20

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

itsme-2323.duckdns.org
linkmn.gr
t.co
104.244.42.197
2606:4700:3030::ac43:94c4
2606:4700:3036::6815:b69
45.82.120.42
14b7548f47e3a1c82dd176e0f25895cbc1f152ae314a7032705282643b11f9ef
282da86e1071d060a343341b75391a036a23e28adfc93e879fae9775e45bfd7d
3ba18aabde1dfbaaed0e4242c6e6b60744b4be864930f4fd7bb53972c6714237
89c18ca79be4d225cca57724c775663ee09652d5f0ae73459ca16b8e76f10fb2
8d26942d19e77ccc5c85a58d905fbfab79ed814e4055e74d4c25b776046d23db
c33240750be26cd6f67cb86ffe17cfc3bf4794faef3bbe367f0b8378b59751a2
daa6ffdfc91c6eddd731e7c2782d0e17b67a2ea6acc13542d291119f93d12721

itsme-2323.duckdns.org Open in urlscan Pro 45.82.120.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

50 %IPv6

3 Domains

3 Subdomains

2 IPs

2 Countries

2222 kBTransfer

2398 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

itsme-2323.duckdns.org Open in urlscan Pro
45.82.120.42 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

3
Subdomains

2
IPs

2
Countries

2222 kB
Transfer

2398 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions