bad.download
Open in
urlscan Pro
208.94.117.188
Public Scan
Effective URL: https://bad.download/?utm_campaign=hydme&utm_medium=67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda&utm_source=https://67c6a1e7...
Submission: On August 02 via api from US — Scanned from CA
Summary
TLS certificate: Issued by E5 on July 16th 2024. Valid for: 3 months.
This is the only time bad.download was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 111.90.144.112 111.90.144.112 | 45839 (SHINJIRU-...) (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd) | |
9 | 208.94.117.188 208.94.117.188 | 40630 (GRIDFURY-AS) (GRIDFURY-AS) | |
4 | 54.184.199.155 54.184.199.155 | 16509 (AMAZON-02) (AMAZON-02) | |
13 | 2 |
ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY)
PTR: server1.kamon.la
67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me |
ASN40630 (GRIDFURY-AS, US)
PTR: ip-208-94-117-188.sites.nearlyfreespeech.net
bad.download |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-184-199-155.us-west-2.compute.amazonaws.com
lavenderhaze.bad.download |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
bad.download
bad.download lavenderhaze.bad.download |
43 KB |
1 |
hyd.me
1 redirects
67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me |
1 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
9 | bad.download |
bad.download
|
4 | lavenderhaze.bad.download |
bad.download
lavenderhaze.bad.download |
1 | 67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me | 1 redirects |
13 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.vistell.net |
www.404media.co |
neocities.org |
www.asofterworld.com |
boinc.berkeley.edu |
web.archive.org |
withcabin.com |
en.wikipedia.org |
kopimi.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
bad.download E5 |
2024-07-16 - 2024-10-14 |
3 months | crt.sh |
lavenderhaze.bad.download E6 |
2024-07-01 - 2024-09-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://bad.download/?utm_campaign=hydme&utm_medium=67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda&utm_source=https://67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me/
Frame ID: 16B395557B5C650CE93A2A2300D7A90B
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
bad.downloadPage URL History Show full URLs
-
https://67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me/
HTTP 302
https://bad.download/?utm_campaign=hydme&utm_medium=67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda&utm_sou... Page URL
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: Vistell (Discord Bot for GPT-4 Vision)
Search URL Search Domain Scan URL
Title: 404 Media (Tech News)
Search URL Search Domain Scan URL
Title: Neocities (Static Hosting)
Search URL Search Domain Scan URL
Title: A Softer World (Comic)
Search URL Search Domain Scan URL
Title: BOINC (Donate Compute)
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: User surveillance by Cabin
Search URL Search Domain Scan URL
Title: Random Wikipedia Article
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me/
HTTP 302
https://bad.download/?utm_campaign=hydme&utm_medium=67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda&utm_source=https://67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
bad.download/ Redirect Chain
|
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-firefox.gif
bad.download/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-aol-instant-messenger-aim.gif
bad.download/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-macromedia-flashplayer.gif
bad.download/images/ |
938 B 993 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-macos.gif
bad.download/images/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-openoffice.gif
bad.download/images/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sidebar-winrar.gif
bad.download/images/ |
4 KB 4 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kopimi.png
bad.download/images/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hello.js
lavenderhaze.bad.download/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cache
lavenderhaze.bad.download/ |
1 B 49 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cache
lavenderhaze.bad.download/ |
1 B 703 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon-32x32.png
bad.download/ |
956 B 1 KB |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hello
lavenderhaze.bad.download/ |
0 68 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| cabin0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
67c6a1e7ce56d3d6fa748ab6d9af3fd7.awda.hyd.me
bad.download
lavenderhaze.bad.download
111.90.144.112
208.94.117.188
54.184.199.155
0045ac32fbc9c9f7c0d032ec35169bd7dde337272cd2bbf126ad6dcddb839282
08d08587b39615760e2ecba2a8205f04fd236c3d2aa2c079bb39ddc307f4985a
3d6afaaf480f65d8479a5ac01471704ebbf6217ea10072f2e0ef0849a4a96cf3
5f959945f5aab404690f2c44c17916346ea1218a36298b76a492fc70f430478a
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
7314af11cafb8cca143391063d3c902cd50f6654599326f94d1c37478fafd039
766c5986e6fc4dc69553d27d02b74714e73cfcb1ab0e1548a7662f19d3052a94
8f83f77a7c6e279c5d282859382174aba946ae2d27bf03f8c370023023dbd258
94147d534fe99dc681a4522ceb57bc97540595b30a8c4a26b903d8dc6e135a77
c1ad76c98ee93aca2ff82e319ed2126f95486cc80abb1856b62e902f1c5218b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b570a154988c4931745d748cf4e28b8d8e79e729f762400185c6ae85ea8c80