urlscan.io logo urlscan.io
SecurityTrails logo

ww25.confusion.com Open in urlscan Pro
199.59.243.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://blog.booxium.com/wp-content/uploads/2021/deuteriumn.php?utm_source=9ee75&utm_content=4
Effective URL: http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Submission: On December 16 via automatic, source phishtank — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 199.59.243.200, located in United States and belongs to AMAZON-02, US. The main domain is ww25.confusion.com.
This is the only time ww25.confusion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 213.136.94.188 51167 (CONTABO)
1 1 103.224.182.245 133618 (TRELLIAN-...)
5 199.59.243.200 16509 (AMAZON-02)
2 2a00:1450:400... ()
9 4
Apex Domain
Subdomains		 Transfer
6 confusion.com
confusion.com
ww25.confusion.com
26 KB
2 google.com
www.google.com
53 KB
1 booxium.com
blog.booxium.com
2 KB
9 3
Domain Requested by
5 ww25.confusion.com blog.booxium.com
ww25.confusion.com
2 www.google.com ww25.confusion.com
www.google.com
1 confusion.com 1 redirects
1 blog.booxium.com
9 4

This site contains no links.

Subject Issuer Validity Valid
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Frame ID: 1C15DBE2A3CF838007A763FCA431B67B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adtest=off&psid=4572869586&pcsa=false&channel=pid-bodis-gcontrol252%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152&client=dp-bodis30_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2836399360203458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300769%2C17300771%2C17300842%2C17300859%2C17300862&format=r3&nocache=8161639692812232&num=0&output=afd_ads&domain_name=ww25.confusion.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1639692812233&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsv=90062&rurl=http%3A%2F%2Fww25.confusion.com%2F%3Fsubid1%3D20211217-0913-30c5-a404-909d2229c543&referer=http%3A%2F%2Fblog.booxium.com%2F
Frame ID: 3A45A76920341E7F6DB1C51CAD5F97BD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://blog.booxium.com/wp-content/uploads/2021/deuteriumn.php?utm_source=9ee75&utm_content=4 Page URL
  2. https://confusion.com/ HTTP 302
    http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

9
Requests

22 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

3
Countries

81 kB
Transfer

215 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://blog.booxium.com/wp-content/uploads/2021/deuteriumn.php?utm_source=9ee75&amp;utm_content=4 Page URL
  2. https://confusion.com/ HTTP 302
    http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
deuteriumn.php
blog.booxium.com/wp-content/uploads/2021/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://blog.booxium.com/wp-content/uploads/2021/deuteriumn.php?utm_source=9ee75&amp;utm_content=4
Protocol
HTTP/1.1
Server
213.136.94.188 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi335397.contaboserver.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8163619b5406d9b53e0a17eb0047a1cf9a58693a562fb30de18af89a6136355a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.14.0 (Ubuntu)
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Date
Thu, 16 Dec 2021 22:13:28 GMT
Last-Modified
Thu, 16 Dec 2021 21:13:28 GMT
Expires
Thu, 16 Dec 2021 21:43:28 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=0
Pragma
no-cache
Content-Encoding
gzip
Primary Request /
ww25.confusion.com/
Redirect Chain
  • https://confusion.com/
  • http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Requested by
Host: blog.booxium.com
URL: http://blog.booxium.com/wp-content/uploads/2021/deuteriumn.php?utm_source=9ee75&amp;utm_content=4
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
bcc4613fab5ebd66a89acbb88d5138e27e4391be2aec7b8eff9ed18dc45ac61f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://blog.booxium.com/

Response headers

Server
openresty
Date
Thu, 16 Dec 2021 22:13:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Adblock-Key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_fQiGr6j2YldAlfWi96EwS0ihAsXebUVc4G66FC1ssAvJJiqYsBN45XY2EpKlLE2wqXK+7+Gif40o0Lb/k/7KLw==
Cache-Control
no-cache no-store, must-revalidate post-check=0, pre-check=0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Thu, 16 Dec 2021 22:13:30 GMT
Server
Apache/2.4.25 (Debian)
Location
http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
parking.2.74.0.js
ww25.confusion.com/js/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww25.confusion.com/js/parking.2.74.0.js
Requested by
Host: ww25.confusion.com
URL: http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2bc96f931e3d25d71ae267f5605455ac4def174a0b47b2f9a0f795c1ce655211

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 22:13:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 20:17:48 GMT
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
_fd
ww25.confusion.com/ 		6 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
http://ww25.confusion.com/_fd?subid1=20211217-0913-30c5-a404-909d2229c543
Requested by
Host: ww25.confusion.com
URL: http://ww25.confusion.com/js/parking.2.74.0.js
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
41fd7946a0f583585147b4dc62407ac08484470885954eaf87209229d42a2a99

Request headers

Accept
application/json
Referer
http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

X-Version
2.74.0
Date
Thu, 16 Dec 2021 22:13:32 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:01 GMT
caf.js
www.google.com/adsense/domains/ 		138 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/domains/caf.js
Requested by
Host: ww25.confusion.com
URL: http://ww25.confusion.com/js/parking.2.74.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
22d85bf9180de0779080d27d0aa4ea61a089fe43d8a50d4c6237b44c785f4e2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ww25.confusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Thu, 16 Dec 2021 22:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"8242510405117719433"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Thu, 16 Dec 2021 22:13:32 GMT
px.gif
ww25.confusion.com/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ww25.confusion.com/px.gif?ch=1&rn=0.9519173664466407
Requested by
Host: ww25.confusion.com
URL: http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 22:13:32 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
px.gif
ww25.confusion.com/ 		42 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ww25.confusion.com/px.gif?ch=2&rn=0.9519173664466407
Requested by
Host: ww25.confusion.com
URL: http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
Protocol
HTTP/1.1
Server
199.59.243.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ww25.confusion.com/?subid1=20211217-0913-30c5-a404-909d2229c543
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Dec 2021 22:13:32 GMT
Last-Modified
Wed, 15 Sep 2021 19:38:30 GMT
Server
openresty
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:01 GMT
ads
www.google.com/afs/ Frame 3A45 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/afs/ads?adtest=off&psid=4572869586&pcsa=false&channel=pid-bodis-gcontrol252%2Cpid-bodis-gcontrol97%2Cpid-bodis-gcontrol322%2Cpid-bodis-gcontrol152&client=dp-bodis30_3ph&r=m&hl=en&max_radlink_len=60&type=3&uiopt=false&swp=as-drid-2836399360203458&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300769%2C17300771%2C17300842%2C17300859%2C17300862&format=r3&nocache=8161639692812232&num=0&output=afd_ads&domain_name=ww25.confusion.com&v=3&bsl=8&pac=0&u_his=3&u_tz=0&dt=1639692812233&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1584&psh=77&frm=0&uio=-&cont=rs&inames=master-1&jsv=90062&rurl=http%3A%2F%2Fww25.confusion.com%2F%3Fsubid1%3D20211217-0913-30c5-a404-909d2229c543&referer=http%3A%2F%2Fblog.booxium.com%2F
Requested by
Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 -, , ASN (),
Reverse DNS
Software
gws /
Resource Hash
2a3f45c7587587aaac94aa20ec4959042b486d033be87187c64373c715cbb419
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://ww25.confusion.com/

Response headers

content-type
text/html; charset=UTF-8
content-disposition
inline
date
Thu, 16 Dec 2021 22:13:32 GMT
expires
Thu, 16 Dec 2021 22:13:32 GMT
cache-control
private, max-age=3600
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding
br
server
gws
content-length
1944
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
caf.js
www.google.com/adsense/domains/ Frame 3A45 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/adsense/domains/caf.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| park object| regeneratorRuntime function| setImmediate function| clearImmediate

2 Cookies

Domain/Path Name / Value
confusion.com/ Name: __tad
Value: 1639692810.4066105
ww25.confusion.com/ Name: parking_session
Value: 889e0002-85b2-548f-6a05-f937286a53ea