urlscan.io logo urlscan.io
SecurityTrails logo

70kz4qetavxd42ywc.duckdns.org Open in urlscan Pro
47.254.244.0  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://dir.direct/vfeun?community_standards=100291404331428947
Effective URL: https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
Submission: On November 19 via automatic, source openphish — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 47.254.244.0, located in Kuala Lumpur, Malaysia and belongs to ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN. The main domain is 70kz4qetavxd42ywc.duckdns.org.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on November 18th 2023. Valid for: 3 months.
This is the only time 70kz4qetavxd42ywc.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 47.254.244.0 45102 (ALIBABA-C...)
4 1
Apex Domain
Subdomains		 Transfer
4 duckdns.org
70kz4qetavxd42ywc.duckdns.org
140 KB
1 dir.direct
dir.direct
1 KB
4 2
Domain Requested by
4 70kz4qetavxd42ywc.duckdns.org 70kz4qetavxd42ywc.duckdns.org
1 dir.direct 1 redirects
4 2

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
facebook.com
Subject Issuer Validity Valid
70kz4qetavxd42ywc.duckdns.org
ZeroSSL RSA Domain Secure Site CA		 2023-11-18 -
2024-02-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
Frame ID: F2E2416A06C4F5A77CA8453E480B8B85
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Community Standards

Page URL History Show full URLs

  1. https://dir.direct/vfeun?community_standards=100291404331428947 HTTP 301
    https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947 Page URL

Page Statistics

4
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

140 kB
Transfer

152 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dir.direct/vfeun?community_standards=100291404331428947 HTTP 301
    https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
70kz4qetavxd42ywc.duckdns.org/
Redirect Chain
  • https://dir.direct/vfeun?community_standards=100291404331428947
  • https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
11 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.254.244.0 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2174f247ab7c27e2e11dcfea37dcc9ea379dd1a454c69e508bbd995e0a968a4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-encoding
br
content-length
1433
content-type
text/html
date
Sun, 19 Nov 2023 04:23:49 GMT
etag
"2d72-654c7ada-143576;br"
last-modified
Thu, 09 Nov 2023 06:23:22 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
8285ae0edeb31e5b-FRA
content-type
text/html; charset=UTF-8
date
Sun, 19 Nov 2023 04:23:48 GMT
expires
-1
location
https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWECnsVTzgMs5mE59UOJt4DM1K9kNV9f%2BBd7Lg%2BpwhHSItu55TS7or4kD7sBOltaaMJnZjWMPOZiMZVrfaxWf%2BnLg69RrC%2BW0L%2BbLjp6zGxteQ9YTt5o8%2BX1dU5%2BYDmt4H1zgQk4Z4EP"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
hidden.css
70kz4qetavxd42ywc.duckdns.org/create/one/ 		4 KB
964 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://70kz4qetavxd42ywc.duckdns.org/create/one/hidden.css
Requested by
Host: 70kz4qetavxd42ywc.duckdns.org
URL: https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.254.244.0 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
0b2f65681c0771ce3ecedb87f2731c1aa22fa02077d3a1e721610bca4b0134f6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 04:23:49 GMT
content-encoding
br
last-modified
Thu, 09 Nov 2023 06:07:02 GMT
server
LiteSpeed
etag
"e70-654c7706-143363;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
829
expires
Sun, 26 Nov 2023 04:23:49 GMT
XKda4kfD9L.png
70kz4qetavxd42ywc.duckdns.org/create/img/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://70kz4qetavxd42ywc.duckdns.org/create/img/XKda4kfD9L.png
Requested by
Host: 70kz4qetavxd42ywc.duckdns.org
URL: https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.254.244.0 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8b956ecac9817ddeda86090e1ea3681e1d5a1d05567af3d08d3503e779ddef82

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 04:23:49 GMT
last-modified
Fri, 25 Nov 2022 08:50:56 GMT
server
LiteSpeed
etag
"1bcf1-638081f0-143572;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
113905
expires
Sun, 26 Nov 2023 04:23:49 GMT
TbXLmqW3Z.png
70kz4qetavxd42ywc.duckdns.org/create/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://70kz4qetavxd42ywc.duckdns.org/create/img/TbXLmqW3Z.png
Requested by
Host: 70kz4qetavxd42ywc.duckdns.org
URL: https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
47.254.244.0 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f6062884a7a6b7f3b8f1d40607619344f798b1442466ee1cba691f060174acef

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://70kz4qetavxd42ywc.duckdns.org/?community_standards_php=&community_standards=100291404331428947
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 04:23:49 GMT
last-modified
Thu, 09 Nov 2023 05:59:52 GMT
server
LiteSpeed
etag
"662e-654c7558-143574;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length
26158
expires
Sun, 26 Nov 2023 04:23:49 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Domain/Path Name / Value
dir.direct/ Name: XSRF-TOKEN
Value: eyJpdiI6IlYrdFVOQTZ5TUxjblFhaEdPcTRSWnc9PSIsInZhbHVlIjoiNW9rVVBYMTNnZGlGSHVidHh0QzY5MkgzQ3FwbGFjVkY4dkNXdFJyQ1RBdm14cmlMTFU0a2FsUGI5VmZkL3UvN1NMbjQwZXRTTzB4TTNueHlPS0pWUktCanVqNFpEZjhoMytpOHBqRWZtMEh4dmZUTnhoME91VXdxSDhpd0VodlgiLCJtYWMiOiJlZGQyMDUwYzZmYTZmM2JmNWYxNDBiZjZlOWU2NDczMzA5YTRkZmEwYjA4Mjg5ZWFhYWM4MWM0Mjg3NjJhYmRkIiwidGFnIjoiIn0%3D
dir.direct/ Name: phpshort_session
Value: eyJpdiI6IlFScGsrSnlPblFyT0NQbFltekJHaGc9PSIsInZhbHVlIjoiM0tsblJDMWxVcTlVWGNpUzlPMUtQclFzWlU5SS83N2tqd200TG8yWlVVYWk3cnN5dTQxQVdyaTBybDM2ZnZ6ZWxJZkRUc09XcGJ0VTlxSDVWMlZYK2hLNXFiNWp0Y3UxNmdONE9NOGJRK0JSbUM4RTczbXJ5cFJmUGl0dVowWVciLCJtYWMiOiI0ODBmYjI2N2NkNTYwYzE3MTMzNDkzYjNmMzlhMzI3MzAzMjJlMTdhYjE2YzZlMjg4MDIyMjg0ZTU5YWQ1MDczIiwidGFnIjoiIn0%3D