st-3322.com Open in urlscan Pro
104.21.64.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xgo.kr/5CH
Effective URL:
https://st-3322.com/
Submission: On January 12 via manual (January 12th 2024, 10:49:46 am UTC) from KR — Scanned from DE

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 104.21.64.109, located in and belongs to CLOUDFLARENET, US. The main domain is st-3322.com.
TLS certificate: Issued by E1 on December 28th 2023. Valid for: 3 months.

This is the only time st-3322.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	49.247.13.27 49.247.13.27	38700 (SMILESERV...) (SMILESERV-AS-KR SMILESERV)
9	104.21.64.109 104.21.64.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	1

2 49.247.13.27 (Korea, Republic Of) 2 redirects

ASN38700 (SMILESERV-AS-KR SMILESERV, KR)

xgo.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.21.64.109 (None, )

ASN13335 (CLOUDFLARENET, US)

st-3322.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	st-3322.com st-3322.com	239 KB
2	xgo.kr 2 redirects xgo.kr	836 B
9	2

	Domain	Requested by
9	st-3322.com	st-3322.com
2	xgo.kr	2 redirects
9	2

This site contains no links.

Subject Issuer	Validity	Valid
st-3322.com E1	`2023-12-28` - `2024-03-27`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://st-3322.com/
Frame ID: 3559056EB4718780F4F6955A08E659E8
Requests: 7 HTTP requests in this frame

Frame: https://st-3322.com/Blank.html
Frame ID: E3D03EAE861CBB76DE469D899122FD0E
Requests: 1 HTTP requests in this frame

Frame: https://st-3322.com/Blank.html
Frame ID: 6B066836B69F2239EC31860EBCFEB5AB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SHERATON

Page URL History Show full URLs

http://xgo.kr/5CH HTTP 307
https://xgo.kr/5CH HTTP 307
https://st-3322.com/ Page URL

Detected technologies

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

239 kB
Transfer

478 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xgo.kr/5CH HTTP 307
https://xgo.kr/5CH HTTP 307
https://st-3322.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response st-3322.com/ Redirect Chain http://xgo.kr/5CH https://xgo.kr/5CH https://st-3322.com/	10 KB 4 KB	638ms 572ms	Document text/html	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `d3d2aa16497c3482bf0e7f0d41fc1bae1c8191771b25520e9331a6fce70176f0` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-cache,must-revalidate,no-cache,private cf-cache-status DYNAMIC cf-ray 8444d58cf9545da0-FRA content-encoding br content-type text/html date Fri, 12 Jan 2024 10:49:41 GMT expires Fri, 12 Jan 2024 10:48:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache,no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FXAiFwyS8cVSJK0UYZs7ryhg7YpFJWc1Pmj9nDZ04FyZAnhA%2F7ELL2BhO02SZpv88oUpdpy0fqSKiGFOOjNh8%2BKND5AzGSQVsC2%2BvrOOTldCMotcNnNdBB8cOzelQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Connection keep-alive Content-Type text/html; charset=UTF-8 Date Fri, 12 Jan 2024 10:49:40 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Location https://st-3322.com/ Pragma no-cache Server nginx/1.14.1 Transfer-Encoding chunked X-Powered-By PHP/5.4.16
GET H2	200	style.css st-3322.com/css/	65 KB 12 KB	1070ms 1068ms	Stylesheet text/css	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/css/style.css?v=2024-01-12%20%EC%98%A4%ED%9B%84%207:49:41 Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `69fda55e2134095a7085c829f4e66e15f3725fef5bd180055ad2b12727f5c107` Request headers accept-language de-DE,de;q=0.9 Referer https://st-3322.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 10:49:42 GMT content-encoding br cf-cache-status MISS last-modified Mon, 08 Jan 2024 15:43:55 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"911be47c4942da1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jUdC7ogmZsJ6zp0qHWspnWAyZdsRIh4GbcrvPzHsDm%2FXx%2FD341DOpsfHYIoDfolkl1FfnzPm9qyNFruIUbr7frfxb9SWuB8i9%2FGZEiPoNg13M4hK8%2F%2F2bo1WbsFzA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8444d590ad2f5da0-FRA alt-svc h3=":443"; ma=86400
GET H2	200	flash.js Show response st-3322.com/js/	911 B 788 B	549ms 548ms	Script application/javascript	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/js/flash.js Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a3d72e727ae2f8ff2ca3378e4e047c130831b6796f23ddc105c14a367f3bda9f` Request headers accept-language de-DE,de;q=0.9 Referer https://st-3322.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 10:49:41 GMT content-encoding br cf-cache-status REVALIDATED last-modified Fri, 03 Jul 2015 12:25:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"092e6558bb5d01:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFTLP96uyG7YonqKquBWRyGN%2BPbaw6I%2Fz%2BLAoUefSfp%2B%2BF1dCIp4idwx6XwswSg1SODFuqKEKS6Boeq7lY%2Bd9Bc25NOXVCO6Mc8AcugCi4Oj4rCDKocGw5B9NiAvNA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8444d590ad345da0-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.js Show response st-3322.com/js/	260 KB 80 KB	554ms 554ms	Script application/javascript	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/js/jquery.js Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dbd53eee86558dd33aa4c2f6e99348743c28667b7f21b0166c488d1c81b59829` Request headers accept-language de-DE,de;q=0.9 Referer https://st-3322.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 10:49:41 GMT content-encoding br cf-cache-status REVALIDATED last-modified Thu, 31 May 2018 19:39:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"04e222717f9d31:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCKpMlmEPXkSxMZ%2Fksf0XHbJucfk4wRtLHNkqQaeeqq3FFyuDQHeNs1EqT524r08e9Md48iqOjKHMy84R3gPbGj0EV45BQ20L4WKhfa%2Bh%2F2JAeSIttg6mh0OeQGm5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 8444d590ad365da0-FRA alt-svc h3=":443"; ma=86400
GET H2	404	slider.js st-3322.com/js/	0 0	568ms 568ms	Script text/html	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/js/slider.js Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://st-3322.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 10:49:41 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgaQPMfmO%2BZ0BhUdy94QZfSa%2FZ5ifvSO0TJpv4EJ2qtCNudUygr67cxslwcFPp%2FWrkl5B0aaDKsMm8xJHRm%2FTJslWnZRto6bEP28U68sigqfctZRkxMrRe81XVtpAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cache-control private cf-ray 8444d590ad385da0-FRA alt-svc h3=":443"; ma=86400
GET H2	200	sheraton-logo2.png st-3322.com/img/	69 KB 70 KB	571ms 570ms	Image image/png	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st-3322.com/img/sheraton-logo2.png Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `08c538a0d2922a42001914f341d74514995c64ec3a88c4fbe72f933124d761e8` Request headers accept-language de-DE,de;q=0.9 Referer https://st-3322.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 10:49:41 GMT cf-cache-status REVALIDATED last-modified Sat, 23 Dec 2023 23:06:18 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "62f27a3f435da1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05DDHhZQmmLjr5wX5iB0X5Tlw62o8C36CV%2BeevhwV2qjRsU9O7P8niqGJsIt2J9J%2BYQRSNpkYTgLc8m1ZGp3Z4YIzk%2BP%2FW2L2LotPhHCTxULo7QvsjGloXVcJ4AtMg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 8444d590ad3a5da0-FRA alt-svc h3=":443"; ma=86400 content-length 71143
GET H3	200	Blank.html Show response st-3322.com/ Frame E3D0	0 454 B	529ms 529ms	Document text/html	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/Blank.html Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://st-3322.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8444d5976c7c3825-FRA content-encoding br content-type text/html date Fri, 12 Jan 2024 10:49:42 GMT last-modified Fri, 01 Sep 2023 02:05:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wDHJ%2FusdSfk51lcPRwV%2FJ41BlI7c21S%2B8ihLAM2gsfioiqCSCYIiYqYGJstJ4MusqcX4%2BTNQ4NmX%2FUDilj8TAKibCX0%2Bdn%2BBX8mDcYYF%2Bswy%2B2eFAvWAzRdzoo91A%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	Blank.html Show response st-3322.com/ Frame 6B06	0 414 B	545ms 545ms	Document text/html	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://st-3322.com/Blank.html Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://st-3322.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8444d5976c803825-FRA content-encoding br content-type text/html date Fri, 12 Jan 2024 10:49:42 GMT last-modified Fri, 01 Sep 2023 02:05:56 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgCjojWBA5eYZELXMzP45DkUBm6CLf3ZIq2NwMJ9fM3TPlxfJ2xSOUkj5L%2B4X1sMKnpGdGbPdqj2UE5pwvWbryvvg%2F0EA%2FbiJwgvcU4dyvZMMagZEj4%2B4bKgxj7sdg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	backbg2.jpg st-3322.com/img/	72 KB 73 KB	1058ms 1058ms	Image image/jpeg	104.21.64.109 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://st-3322.com/img/backbg2.jpg?v1 Requested by Host: st-3322.com URL: https://st-3322.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.109 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b53053296ca1b6b3a8f883e3e579d6870b9dc2c2358c51c5a0acb1fb9f83f940` Request headers accept-language de-DE,de;q=0.9 Referer https://st-3322.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Fri, 12 Jan 2024 10:49:43 GMT cf-cache-status MISS last-modified Sun, 17 Dec 2023 15:59:10 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "df56daf8131da1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FxfUKYrmlcprcEPuklkTXBIiyVntqvr1EFovIErEI5h6VWJaJtSBrNZyS0dSHos2ugVE9H7T8gZF77NnlsBY1wpXEHGa59lUDaVfVjmgx33FqRrwh7b%2BqS3mwrS7gQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8444d5976c7f3825-FRA alt-svc h3=":443"; ma=86400 content-length 74179

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xgo.kr/	1970-01-20 17:37:43	Name: ci_session Value: oo30phfpf4im08v1mle4jkjvdbfri9k6
			st-3322.com/	1969-12-31 23:59:59	Name: ASPSESSIONIDQCACDRCC Value: LAIPOLCAPICMAJCLHLLBCEBH

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://st-3322.com/js/slider.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

st-3322.com
xgo.kr
104.21.64.109
49.247.13.27
08c538a0d2922a42001914f341d74514995c64ec3a88c4fbe72f933124d761e8
69fda55e2134095a7085c829f4e66e15f3725fef5bd180055ad2b12727f5c107
a3d72e727ae2f8ff2ca3378e4e047c130831b6796f23ddc105c14a367f3bda9f
b53053296ca1b6b3a8f883e3e579d6870b9dc2c2358c51c5a0acb1fb9f83f940
d3d2aa16497c3482bf0e7f0d41fc1bae1c8191771b25520e9331a6fce70176f0
dbd53eee86558dd33aa4c2f6e99348743c28667b7f21b0166c488d1c81b59829
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

st-3322.com Open in urlscan Pro 104.21.64.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

1 IPs

2 Countries

239 kBTransfer

478 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

2 Cookies

1 Console Messages

Indicators

st-3322.com Open in urlscan Pro
104.21.64.109 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

1
IPs

2
Countries

239 kB
Transfer

478 kB
Size

2
Cookies

9 HTTP transactions
0 data transactions