urlscan.io logo urlscan.io
SecurityTrails logo

simplyludovick.tw Open in urlscan Pro
157.245.79.75  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==
Effective URL: https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4
Submission: On February 23 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 4 domains to perform 7 HTTP transactions. The main IP is 157.245.79.75, located in Amsterdam, Netherlands and belongs to DIGITALOCEAN-ASN, US. The main domain is simplyludovick.tw.
TLS certificate: Issued by R3 on February 18th 2021. Valid for: 3 months.
This is the only time simplyludovick.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 41.185.8.73 36943 (ZA-1-Grid)
1 51.89.92.108 16276 (OVH)
1 2 51.195.108.239 16276 (OVH)
1 157.245.79.75 14061 (DIGITALOC...)
7 5
Domain Requested by
3 nabutone-connect.co.za 1 redirects nabutone-connect.co.za
2 click.travelfornamewalking.ga for.dontkinhooot.tw
click.travelfornamewalking.ga
1 simplyludovick.tw click.travelfornamewalking.ga
1 for.dontkinhooot.tw
7 4

This site contains no links.

Subject Issuer Validity Valid
*.nabutone-connect.co.za
R3		 2021-01-14 -
2021-04-14		 3 months crt.sh
for.dontkinhooot.tw
R3		 2021-02-09 -
2021-05-10		 3 months crt.sh
click.travelfornamewalking.ga
R3		 2021-02-01 -
2021-05-02		 3 months crt.sh
simplyludovick.tw
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4
Frame ID: 85BC93254E88A39D2E469CF660618571
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg== Page URL
  2. https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg== Page URL
  3. https://nabutone-connect.co.za/?a=dG9ueS5nb292YWVydHNAcGFuZG9yYS5iZQ%3D%3D HTTP 302
    https://for.dontkinhooot.tw/walkers?id=0092 Page URL
  4. https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615 Page URL
  5. https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
    https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

7
Requests

71 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

4
Countries

22 kB
Transfer

21 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg== Page URL
  2. https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg== Page URL
  3. https://nabutone-connect.co.za/?a=dG9ueS5nb292YWVydHNAcGFuZG9yYS5iZQ%3D%3D HTTP 302
    https://for.dontkinhooot.tw/walkers?id=0092 Page URL
  4. https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615 Page URL
  5. https://click.travelfornamewalking.ga/ner.php?v=325&id=524567 HTTP 302
    https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://nabutone-connect.co.za/?a=dG9ueS5nb292YWVydHNAcGFuZG9yYS5iZQ%3D%3D HTTP 302
  • https://for.dontkinhooot.tw/walkers?id=0092

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
expression.php
nabutone-connect.co.za/ 		937 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.73 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv75.hostserv.co.za
Software
Apache / PHP/7.2.34
Resource Hash
2f58ac50edbc16d8aa708d2f6b928076c3411a2fdeefa3031013148ec59ad6fe

Request headers

Host
nabutone-connect.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 23 Feb 2021 09:29:27 GMT
Server
Apache
X-Powered-By
PHP/7.2.34
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
expression.php
nabutone-connect.co.za/ 		1007 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==
Requested by
Host: nabutone-connect.co.za
URL: https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
41.185.8.73 , South Africa, ASN36943 (ZA-1-Grid, ZA),
Reverse DNS
srv75.hostserv.co.za
Software
Apache / PHP/7.2.34
Resource Hash
acd5e08fc6c9f80a4672885a523efcbca745f874a12404e6d9a9778604b6fded

Request headers

Host
nabutone-connect.co.za
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
d=60; n=Europe/Berlin
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==

Response headers

Date
Tue, 23 Feb 2021 09:29:27 GMT
Server
Apache
X-Powered-By
PHP/7.2.34
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
walkers
for.dontkinhooot.tw/
Redirect Chain
  • https://nabutone-connect.co.za/?a=dG9ueS5nb292YWVydHNAcGFuZG9yYS5iZQ%3D%3D
  • https://for.dontkinhooot.tw/walkers?id=0092
950 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
https://for.dontkinhooot.tw/walkers?id=0092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.92.108 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx /
Resource Hash
4b9fa6ea7340d658c9c161f755e1de850fd18b8a68022770497e582c8d4ef730

Request headers

Host
for.dontkinhooot.tw
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://nabutone-connect.co.za/expression.php?a=DgZCVUpLQwFaTR0HWANsXARCFUNeD0sOBg==

Response headers

Server
nginx
Date
Tue, 23 Feb 2021 09:29:28 GMT
Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding Accept-Encoding
Access-Control-Allow-Origin
*
Content-Encoding
gzip

Redirect headers

Date
Tue, 23 Feb 2021 09:29:28 GMT
Server
Apache
X-Powered-By
PHP/7.2.34
Location
https://for.dontkinhooot.tw/walkers?id=0092
Content-Length
0
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
zet.php
click.travelfornamewalking.ga/ 		0
0
zet.php
click.travelfornamewalking.ga/ 		470 B
676 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615
Requested by
Host: for.dontkinhooot.tw
URL: https://for.dontkinhooot.tw/walkers?id=0092
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.195.108.239 , France, ASN16276 (OVH, FR),
Reverse DNS
cloud.msk.network
Software
nginx / PHP/5.4.16
Resource Hash
9ffada0249a2361453e1b9bfa9b3cae69f59c558dde1cce9952dfe79bc2fa27d

Request headers

Host
click.travelfornamewalking.ga
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://for.dontkinhooot.tw/walkers?id=0092
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://for.dontkinhooot.tw/walkers?id=0092

Response headers

Server
nginx
Date
Tue, 23 Feb 2021 09:29:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
470
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.4.16
ner.php
click.travelfornamewalking.ga/ 		0
0
Primary Request /
simplyludovick.tw/
Redirect Chain
  • https://click.travelfornamewalking.ga/ner.php?v=325&id=524567
  • https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4
18 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4
Requested by
Host: click.travelfornamewalking.ga
URL: https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.245.79.75 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d54a7271a831637ba4905b7db90b42ad899cc830ee0476d2de26ccd51576a825
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
simplyludovick.tw
:scheme
https
:path
/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615

Response headers

server
nginx
date
Tue, 23 Feb 2021 09:29:29 GMT
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
set-cookie
uuid=2a09e748-328b-4686-9186-68907c1a3828; expires=Thu, 25-Mar-2021 09:29:29 GMT; Max-Age=2592000; path=/; domain=simplyludovick.tw
strict-transport-security
max-age=31536000
content-security-policy
img-src https: data:; upgrade-insecure-requests

Redirect headers

Server
nginx
Date
Tue, 23 Feb 2021 09:29:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/5.4.16
Location
https://simplyludovick.tw/?p=me2tsylggm5gi3bpgi2tmma&sub1=Sharkhgs&sub2=iron4

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
click.travelfornamewalking.ga
URL
https://click.travelfornamewalking.ga/zet.php?id=3602435&sid=354918&uid=1392615
Domain
click.travelfornamewalking.ga
URL
https://click.travelfornamewalking.ga/ner.php?v=325&id=524567

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| guardEnabled boolean| isChrome function| compareVersion function| getLanguage object| rootElement boolean| canStart function| text function| textr function| disableHistory function| disableIncognito function| denied function| getWorkerRegistration function| SubS function| CheckS function| urlB64ToUint8Array

1 Cookies

Domain/Path Name / Value
.simplyludovick.tw/ Name: uuid
Value: 2a09e748-328b-4686-9186-68907c1a3828