Submitted URL: https://t.co/HvhkFC8Fv2
Effective URL: https://drkishanrao.com/m22/
Submission: On February 14 via manual from MA — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 149.102.231.135, located in Singapore, Singapore and belongs to CDNEXT, GB. The main domain is drkishanrao.com. The Cisco Umbrella rank of the primary domain is 263121.
TLS certificate: Issued by R3 on February 2nd 2024. Valid for: 3 months.
This is the only time drkishanrao.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads

These files were downloaded by the website:

MIME: ASCII text, with very long lines, with CRLF, CR, LF line terminators
Size: 283 KB (289667 bytes, 100% done)
Downloaded from: https://drkishanrao.com/m22/script69.js

Domain & IP information

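IP Address, AS (Autonomous System), requests and redirects:
104.244.42.197, AS 13414 (TWITTER): 1 request
79.113.83.29, AS 8708 (RCS-RDS 7...): 4 requests, 2 redirects
54.147.27.87, AS 14618 (AMAZON-AES): 2 requests, 1 redirect
149.102.231.135, AS 212238 (CDNEXT): 6 requests, 3 redirects
Total: 7 HTTP transactions, 5 IPs

Apex Domain, Subdomains, Transfer:
drkishanrao.com: 6 requests, 12 KB
  Subdomain: drkishanrao.com (Cisco Umbrella Rank: 263121)
loadads.com: 4 requests, 7 KB
  Subdomain: loadads.com
rapolok.com: 2 requests, 570 B
  Subdomain: p.rapolok.com (Cisco Umbrella Rank: 130849)
t.co: 1 request, 582 B
  Subdomain: t.co (Cisco Umbrella Rank: 641)
Total: 7 HTTP transactions, 4 domains

Domain, Requested by:
drkishanrao.com: 6 requests, 3 redirects; requested by p.rapolok.com, drkishanrao.com
loadads.com: 4 requests, 2 redirects; requested by t.co
p.rapolok.com: 2 requests, 1 redirect; requested by loadads.com
t.co: 1 request
Total: 7 HTTP transactions, 4 domains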

This site contains links to these domains:

visualredistributable.click

Subject, Issuer, Validity, Valid for:
t.co: issued by DigiCert Global G2 TLS RSA SHA256 2020 CA1; validity 2024-01-07 - 2025-01-06; valid for a year
www.loadads.com: issued by R3; validity 2024-01-10 - 2024-04-09; valid for 3 months
p.rapolok.com: issued by R3; validity 2023-12-18 - 2024-03-17; valid for 3 months
drkishanrao.com: issued by R3; validity 2024-02-02 - 2024-05-02; valid for 3 months

This page contains 1 frame:

Frame: https://drkishanrao.com/m22/script69.js
Frame ID: 57C9BDC505C6A63967515C94DBDD83FE
Requests: 8 HTTP requests in this frame

Page Title: Download page

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 18 kB
Size: 27 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/HvhkFC8Fv2 Page URL
  2. https://loadads.com/pub/43d1f40b200112b32614d583f2a068d1/ Page URL
  3. https://loadads.com/pub/_dependables/keep_logs.php?wRunHere=RTVITHNwWkJSS2RKMytSSVd5VFVCZz09&xWasHere=b3NqWk9hamg2TkRva3JHK2hYUHN5ek5pb2Z4c1NUaHRBMjhmbXVhOVROaDg3SHllSVZDa3dCK3NMc0cyVXdNMXdPRUwvYzBiSG1IaDRrSXA0L0dFaEE9PQ==&thisTime=1707943017&startsIP=ZGRRR3J6L0UwdUxxMHZLRENuUUZ6QT09&pub_hash=uphh6activtt0vnitdgub4pm83 HTTP 302
    https://loadads.com/_out.php?to=Ly9wLnJhcG9sb2suY29tL2dvLzE5NjcwOC81NTIzMzA%3D&pub_hash=uphh6activtt0vnitdgub4pm83 HTTP 302
    https://loadads.com/_out.php?pub_hash=uphh6activtt0vnitdgub4pm83 Page URL
  4. https://p.rapolok.com/go/196708/552330 Page URL
  5. https://p.rapolok.com/ad/ad?p=196708&w=552330&t=0a6ebbdcd79cf927&r=aHR0cHMlM0ElMkYlMkZsb2FkYWRzLmNvbSUyRg==&vw=1600&vh=1200 HTTP 303
    https://drkishanrao.com/pnow2 HTTP 301
    https://drkishanrao.com/pnow2/ HTTP 301
    https://drkishanrao.com/m22 HTTP 301
    https://drkishanrao.com/m22/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://loadads.com/pub/_dependables/keep_logs.php?wRunHere=RTVITHNwWkJSS2RKMytSSVd5VFVCZz09&xWasHere=b3NqWk9hamg2TkRva3JHK2hYUHN5ek5pb2Z4c1NUaHRBMjhmbXVhOVROaDg3SHllSVZDa3dCK3NMc0cyVXdNMXdPRUwvYzBiSG1IaDRrSXA0L0dFaEE9PQ==&thisTime=1707943017&startsIP=ZGRRR3J6L0UwdUxxMHZLRENuUUZ6QT09&pub_hash=uphh6activtt0vnitdgub4pm83 HTTP 302
  • https://loadads.com/_out.php?to=Ly9wLnJhcG9sb2suY29tL2dvLzE5NjcwOC81NTIzMzA%3D&pub_hash=uphh6activtt0vnitdgub4pm83 HTTP 302
  • https://loadads.com/_out.php?pub_hash=uphh6activtt0vnitdgub4pm83

7 HTTP transactions

Each entry lists: Resource, Path, Size, x-fer, Type, MIME-Type
Resource: HvhkFC8Fv2
Path: t.co/
Size: 328 B
x-fer: 582 B
Type: Document

General
Full URL: https://t.co/HvhkFC8Fv2
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.244.42.197, United States, ASN13414 (TWITTER, US)
Software: tsa_o

Security Headers
Strict-Transport-Security: max-age=0
X-Xss-Protection: 0

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
cache-control: private,max-age=300
content-encoding: gzip
content-length: 210
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 19:42:22 GMT
expires: Wed, 14 Feb 2024 19:47:22 GMT
perf: 7469935968
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 7e9de26ce68b2313945f547d70645342527c97f00ed6fa5b0ace27b32358ade6
x-response-time: 109
x-transaction-id: c9003b298d887b5e
x-xss-protection: 0

Resource: /
Path: loadads.com/pub/43d1f40b200112b32614d583f2a068d1/
Size: 14 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://loadads.com/pub/43d1f40b200112b32614d583f2a068d1/
Requested by: Host: t.co, URL: https://t.co/HvhkFC8Fv2
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 79.113.83.29, Timișoara, Romania, ASN8708 (RCS-RDS 73-75 Dr. Staicovici, RO)
Reverse DNS: 79-113-83-29.rdsnet.ro
Software: Apache

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache no-transform
Connection: close
Content-Encoding: gzip
Content-Length: 4523
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 20:36:57 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Resource: truncated
Path: /
Size: 85 B
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA

Request headers
accept-language: de-DE,de;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
Content-Type: image/png

Resource: _out.php
Path: loadads.com/
Redirect Chain
  • https://loadads.com/pub/_dependables/keep_logs.php?wRunHere=RTVITHNwWkJSS2RKMytSSVd5VFVCZz09&xWasHere=b3NqWk9hamg2TkRva3JHK2hYUHN5ek5pb2Z4c1NUaHRBMjhmbXVhOVROaDg3SHllSVZDa3dCK3NMc0cyVXdNMXdPRUwvYzB...
  • https://loadads.com/_out.php?to=Ly9wLnJhcG9sb2suY29tL2dvLzE5NjcwOC81NTIzMzA%3D&pub_hash=uphh6activtt0vnitdgub4pm83
  • https://loadads.com/_out.php?pub_hash=uphh6activtt0vnitdgub4pm83
Size: 1 KB
x-fer: 1 KB
Type: Document

General
Full URL: https://loadads.com/_out.php?pub_hash=uphh6activtt0vnitdgub4pm83
Protocol: HTTP/1.1
Security: TLS 1.3, AES_256_GCM
Server: 79.113.83.29, Timișoara, Romania, ASN8708 (RCS-RDS 73-75 Dr. Staicovici, RO)
Reverse DNS: 79-113-83-29.rdsnet.ro
Software: Apache

Security Headers
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block

Request headers
Content-Type: application/x-www-form-urlencoded
Origin: https://loadads.com
Referer: https://loadads.com/pub/43d1f40b200112b32614d583f2a068d1/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache no-transform
Connection: close
Content-Encoding: gzip
Content-Length: 529
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 20:37:01 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding,User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Redirect headers
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Origin: *
Cache-Control: no-cache no-transform
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Feb 2024 20:36:58 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Location: //loadads.com/_out.php?pub_hash=uphh6activtt0vnitdgub4pm83
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: Apache
Vary: User-Agent
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

Resource: 552330
Path: p.rapolok.com/go/196708/
Size: 466 B
x-fer: 451 B
Type: Document

General
Full URL: https://p.rapolok.com/go/196708/552330
Requested by: Host: loadads.com, URL: https://loadads.com/_out.php?pub_hash=uphh6activtt0vnitdgub4pm83
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 54.147.27.87, Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS: ec2-54-147-27-87.compute-1.amazonaws.com
Software: nginx

Security Headers
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Request headers
Referer: https://loadads.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
content-encoding: gzip
content-type: text/html
date: Wed, 14 Feb 2024 19:42:27 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

Resource: / (Primary Request)
Path: drkishanrao.com/m22/
Redirect Chain
  • https://p.rapolok.com/ad/ad?p=196708&w=552330&t=0a6ebbdcd79cf927&r=aHR0cHMlM0ElMkYlMkZsb2FkYWRzLmNvbSUyRg==&vw=1600&vh=1200
  • https://drkishanrao.com/pnow2
  • https://drkishanrao.com/pnow2/
  • https://drkishanrao.com/m22
  • https://drkishanrao.com/m22/
Size: 586 B
x-fer: 646 B
Type: Document

General
Full URL: https://drkishanrao.com/m22/
Requested by: Host: p.rapolok.com, URL: https://p.rapolok.com/go/196708/552330
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 149.102.231.135, Singapore, Singapore, ASN212238 (CDNEXT, GB)
Reverse DNS: unn-149-102-231-135.datapacket.com
Software: nginx/1.18.0 (Ubuntu)
Resource Hash: 67fb5649db57d40bf557969e647215be8fd11336117854d67c627507a40f4977

Request headers
Referer: https://p.rapolok.com/go/196708/552330
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Wed, 14 Feb 2024 19:42:29 GMT
ETag: W/"65cd1790-24a"
Last-Modified: Wed, 14 Feb 2024 19:42:08 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

Redirect headers
Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Wed, 14 Feb 2024 19:42:28 GMT
Location: https://drkishanrao.com/m22/
Server: nginx/1.18.0 (Ubuntu)

Resource: downloadimage.png
Path: drkishanrao.com/img/
Size: 10 KB
x-fer: 11 KB
Type: Image

General
Full URL: https://drkishanrao.com/img/downloadimage.png
Requested by: Host: drkishanrao.com, URL: https://drkishanrao.com/m22/
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 149.102.231.135, Singapore, Singapore, ASN212238 (CDNEXT, GB)
Reverse DNS: unn-149-102-231-135.datapacket.com
Software: nginx/1.18.0 (Ubuntu)
Resource Hash: d924ef352182f6f49645405382100ff321ec300594f4cda88d6a448ed9ba3dd5

Request headers
accept-language: de-DE,de;q=0.9
Referer: https://drkishanrao.com/m22/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
Date: Wed, 14 Feb 2024 19:42:29 GMT
Last-Modified: Fri, 02 Jun 2023 17:32:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "647a27bd-291e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10526

Resource: script69.js
Path: drkishanrao.com/m22/
Size: 0
x-fer: 0
Type: Document

General
Full URL: https://drkishanrao.com/m22/script69.js
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 149.102.231.135, Singapore, Singapore, ASN212238 (CDNEXT, GB)
Reverse DNS: unn-149-102-231-135.datapacket.com
Software: nginx/1.18.0 (Ubuntu)

Request headers
Referer: https://drkishanrao.com/m22/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers
Accept-Ranges: bytes
Connection: keep-alive
Content-Disposition: attachment
Content-Length: 289667
Content-Type: application/javascript
Date: Wed, 14 Feb 2024 19:42:29 GMT
ETag: "65cd0e41-46b83"
Last-Modified: Wed, 14 Feb 2024 19:02:25 GMT
Server: nginx/1.18.0 (Ubuntu)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path: .t.co/, Name: muc, Value: 83453f90-bebe-4a45-9c7e-33270490fea6
Domain/Path: loadads.com/, Name: PHPSESSID, Value: uphh6activtt0vnitdgub4pm83

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
