Submitted URL: https://tyktyktydk.blob.core.windows.net/dtjkrdttrdj/advbdkuadapidvbadobadaibd.html#u45517rcpDj126xGUr26199XCA147477NsIG222
Effective URL: https://geologysting.com/0/0/0/u647ca6ac801bc8c4e6cef61f2b0f7a7b
Submission: On October 29 via manual from US — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 3 HTTP transactions. The main IP is 23.95.56.4, located in the United States and belonging to AS-COLOCROSSING, US. The main domain is geologysting.com.
TLS certificate: Issued by R3 on September 22nd 2022. Valid for: 3 months.
This is the only time geologysting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.60.62.36 8075 (MICROSOFT...)
1 2 62.210.168.142 12876 (Online SAS)
1 23.95.56.4 36352 (AS-COLOCR...)
3 3
   Apex Domain        Subdomains                         Transfer
2  habasha.live       habasha.live                       555 B
1  geologysting.com   geologysting.com                   7 KB
1  windows.net        tyktyktydk.blob.core.windows.net   557 B
3  3

   Domain                             Requested by
2  habasha.live (1 redirects)         tyktyktydk.blob.core.windows.net
1  geologysting.com                   habasha.live
1  tyktyktydk.blob.core.windows.net
3  3

This site contains no links.

Subject                   Issuer                    Validity                  Valid
*.blob.core.windows.net   Microsoft RSA TLS CA 02   2022-09-22 - 2023-09-22   a year
geologysting.com          R3                        2022-09-22 - 2022-12-21   3 months

This page contains 1 frames:

Primary Page: https://geologysting.com/0/0/0/u647ca6ac801bc8c4e6cef61f2b0f7a7b
Frame ID: C073D0D1568AD4E00527529D872A1636
Requests: 3 HTTP requests in this frame

Page Title: Unsubscribe

Page Statistics

Requests: 3
HTTPS: 67 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 8 kB
Size: 8 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tyktyktydk.blob.core.windows.net/dtjkrdttrdj/advbdkuadapidvbadobadaibd.html Page URL
  2. http://habasha.live/rd/u45517rcpDj126xGUr26199XCA147477NsIG222 Page URL
  3. http://habasha.live/track/u45517rcpDj126xGUr26199XCA147477NsIG222 HTTP 302
    https://geologysting.com/0/0/0/u647ca6ac801bc8c4e6cef61f2b0f7a7b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource: advbdkuadapidvbadobadaibd.html
Path: tyktyktydk.blob.core.windows.net/dtjkrdttrdj/
Size: 154 B
x-fer: 557 B
Type: Document
MIME-Type:

General
Full URL: https://tyktyktydk.blob.core.windows.net/dtjkrdttrdj/advbdkuadapidvbadobadaibd.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.62.36 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 154
Content-MD5: nLlTiDxvRGlDSRPklWMuJQ==
Content-Type: text/html
Date: Sat, 29 Oct 2022 15:55:35 GMT
ETag: 0x8DAB91F5C5FFA82
Last-Modified: Fri, 28 Oct 2022 20:02:37 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: bcb683c8-401e-0022-68ae-ebe9df000000
x-ms-version: 2009-09-19

Resource: u45517rcpDj126xGUr26199XCA147477NsIG222
Path: habasha.live/rd/
Size: 243 B
x-fer: 360 B
Type: Document

General
Full URL: http://habasha.live/rd/u45517rcpDj126xGUr26199XCA147477NsIG222
Requested by
  Host: tyktyktydk.blob.core.windows.net
  URL: https://tyktyktydk.blob.core.windows.net/dtjkrdttrdj/advbdkuadapidvbadobadaibd.html
Protocol: HTTP/1.1
Server: 62.210.168.142 Taverny, France, ASN12876 (Online SAS, FR)
Reverse DNS:
Software:
Resource Hash:

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 243
Content-Type: text/html; charset=utf-8
Date: Sat, 29 Oct 2022 15:55:35 GMT

Primary Request: u647ca6ac801bc8c4e6cef61f2b0f7a7b
Path: geologysting.com/0/0/0/
Redirect Chain
  • http://habasha.live/track/u45517rcpDj126xGUr26199XCA147477NsIG222
  • https://geologysting.com/0/0/0/u647ca6ac801bc8c4e6cef61f2b0f7a7b
Size: 7 KB
x-fer: 7 KB
Type: Document

General
Full URL: https://geologysting.com/0/0/0/u647ca6ac801bc8c4e6cef61f2b0f7a7b
Requested by
  Host: habasha.live
  URL: http://habasha.live/rd/u45517rcpDj126xGUr26199XCA147477NsIG222
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.95.56.4 , United States, ASN36352 (AS-COLOCROSSING, US)
Reverse DNS: 23-95-56-4-host.colocrossing.com
Software: Apache
Resource Hash: 578b9ec8551ad23d7181957b884ff97e65697f3d0745c6a015043af3fee11109

Request headers

Referer: http://habasha.live/rd/u45517rcpDj126xGUr26199XCA147477NsIG222
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 7500
content-type: text/html; charset=UTF-8
date: Sat, 29 Oct 2022 15:55:37 GMT
server: Apache

Redirect headers

Content-Length: 87
Content-Type: text/html; charset=utf-8
Date: Sat, 29 Oct 2022 15:55:35 GMT
Location: https://geologysting.com/0/0/0/u647ca6ac801bc8c4e6cef61f2b0f7a7b

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
