Submitted URL: http://linkprotect.cudasvc.com/url?a=https%3a%2f%2ft.sidekickopen90.com%2fs2t%2fo%2f5%2ff18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62...
Effective URL: https://t.sidekickopen90.com/s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=800000...
Submission: On October 15 via manual from IN — Scanned from DE

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 1 HTTP transaction. The main IP is 2606:4700::6812:1dfb, located in the United States and belonging to CLOUDFLARENET, US. The main domain is t.sidekickopen90.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2021. Valid for: a year.
This is the only time t.sidekickopen90.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 18.192.246.1 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1
Apex Domain / Subdomains / Transfer
2 cudasvc.com / linkprotect.cudasvc.com / 2 KB
1 sidekickopen90.com / t.sidekickopen90.com / 572 B
1 2
Domain Requested by
2 linkprotect.cudasvc.com 2 redirects
1 t.sidekickopen90.com
1 2

This site contains no links.

Subject: sni.cloudflaressl.com
Issuer: Cloudflare Inc ECC CA-3
Validity: 2021-07-13 - 2022-07-12
Valid: a year

This page contains 1 frame:

Primary Page: https://t.sidekickopen90.com/s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=8000000001338878&pi=2814d836-d98b-4755-e628-e083b7cf98e6&ti=0
Frame ID: 1C98420E9DF03B27B052C498BA6DD821
Requests: 1 HTTP request in this frame

Page Title

f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03 (1×1)

Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 1 kB
Size: 0 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://linkprotect.cudasvc.com/url?a=https%3a%2f%2ft.sidekickopen90.com%2fs2t%2fo%2f5%2ff18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03%3fsi%3d8000000001338878%26pi%3d2814d836-d98b-4755-e628-e083b7cf98e6%26ti%3d0&c=E,1,nts_ HTTP 301
    https://linkprotect.cudasvc.com/url?a=https%3a%2f%2ft.sidekickopen90.com%2fs2t%2fo%2f5%2ff18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03%3fsi%3d8000000001338878%26pi%3d2814d836-d98b-4755-e628-e083b7cf98e6%26ti%3d0&c=E,1,nts_ HTTP 302
    https://t.sidekickopen90.com/s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=8000000001338878&pi=2814d836-d98b-4755-e628-e083b7cf98e6&ti=0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transaction

Resource: Primary Request f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03
Path: t.sidekickopen90.com/s2t/o/5/
Redirect Chain
  • http://linkprotect.cudasvc.com/url?a=https%3a%2f%2ft.sidekickopen90.com%2fs2t%2fo%2f5%2ff18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03%3fsi%3d8000000001338878%26pi%3...
  • https://linkprotect.cudasvc.com/url?a=https%3a%2f%2ft.sidekickopen90.com%2fs2t%2fo%2f5%2ff18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03%3fsi%3d8000000001338878%26pi%...
  • https://t.sidekickopen90.com/s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=8000000001338878&pi=2814d836-d98b-4755-e628-e083b7cf98e6&ti=0
Size: 98 B
x-fer: 572 B
Type: Document
MIME-Type:
General
Full URL: https://t.sidekickopen90.com/s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=8000000001338878&pi=2814d836-d98b-4755-e628-e083b7cf98e6&ti=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1dfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 050446d0486b2669e511adfa30a5323173f82916321965f04c152677aca4b016

Request headers

:method: GET
:authority: t.sidekickopen90.com
:scheme: https
:path: /s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=8000000001338878&pi=2814d836-d98b-4755-e628-e083b7cf98e6&ti=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br

Response headers

date: Fri, 15 Oct 2021 13:22:06 GMT
content-type: image/png
content-length: 98
set-cookie: _hetc=f4c8e7c5-f1c4-49a7-8664-7b5feac633ec|1634304125957|ACOD57cwLAIUEuYdTNnkC9TxSNg+Urww93hahnICFGrlDw+ff/kefHVfQWPnZTyy+YrD;Version=1;Comment=;Domain=t.sidekickopen90.com;Path=/;Max-Age=31536000
x-robots-tag: none
cache-control: no-cache, no-store, no-transform
vary: Accept-Encoding
x-hubspot-correlation-id: 6c12b195-778d-4243-bf1f-8d2ac102d871
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69e95ab10a4d5c44-FRA

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Content-Security-Policy: default-src 'self'; style-src 'self' fonts.googleapis.com; font-src 'self' fonts.gstatic.com; frame-src 'self'; frame-ancestors 'none'
Content-Type: text/html
Date: Fri, 15 Oct 2021 13:25:40 GMT
Expires: -1
Location: https://t.sidekickopen90.com/s2t/o/5/f18dQhb0S7n28bWHB1W58S68M2zGCvGW40Fv_62SXv86W6W100T7gbDC2N8p-TXg1Wnknf3ZlM1P03?si=8000000001338878&pi=2814d836-d98b-4755-e628-e083b7cf98e6&ti=0
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 138
Connection: keep-alive

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
boolean| originAgentCluster

1 Cookies

Domain/Path: .t.sidekickopen90.com/
Name: _hetc
Value: f4c8e7c5-f1c4-49a7-8664-7b5feac633ec|1634304125957|ACOD57cwLAIUEuYdTNnkC9TxSNg+Urww93hahnICFGrlDw+ff/kefHVfQWPnZTyy+YrD

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their presence here does not imply that any of them indicate malicious activity.

linkprotect.cudasvc.com
t.sidekickopen90.com
18.192.246.1
2606:4700::6812:1dfb
050446d0486b2669e511adfa30a5323173f82916321965f04c152677aca4b016