URL: http://asdadqwdas.tk/index.php
Submission Tags: c2 malware nexus Search All
Submission: On October 14 via api from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2a02:4780:dead:d176::1, located in United States and belongs to AWEX, US. The main domain is asdadqwdas.tk.
This is the only time asdadqwdas.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 2a02:4780:dea... 204915 (AWEX)
1 23.111.9.35 33438 (HIGHWINDS2)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
11 4
Domain Requested by
8 asdadqwdas.tk asdadqwdas.tk
1 stackpath.bootstrapcdn.com asdadqwdas.tk
1 cdnjs.cloudflare.com asdadqwdas.tk
1 use.fontawesome.com asdadqwdas.tk
11 4

This site contains no links.

Subject Issuer Validity Valid
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
cdnjs.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-12 -
2022-08-17
2 years crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-09-22 -
2021-10-12
a year crt.sh

This page contains 1 frames:

Primary Page: http://asdadqwdas.tk/index.php
Frame ID: 54923461BFEED4568D61CD10F6B64AE3
Requests: 11 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Page Statistics

11
Requests

27 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

332 kB
Transfer

1226 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set index.php
asdadqwdas.tk/
3 KB
2 KB
Document
General
Full URL
http://asdadqwdas.tk/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
660ae72ba87100f2dde02c7e65895ec8eed6b78845777eeeacc9d38ecda4a062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
asdadqwdas.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=4mb4hdnokuo6g3pgai8200h7lh; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Server
awex
X-Xss-Protection
1; mode=block
X-Content-Type-Options
nosniff
X-Request-ID
57f9e10fb7b3f5ccfa09073d2b6265db
Content-Encoding
gzip
style.css
asdadqwdas.tk/css/
839 KB
103 KB
Stylesheet
General
Full URL
http://asdadqwdas.tk/css/style.css
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
d5a1a86a57b3ef1dc87c616b88ddbc9915dd68c6b03dfccd1c2267cf04965488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2020 10:01:00 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
a446745d5ead8ad3b96815e2f885d61f
switch.css
asdadqwdas.tk/css/
1 KB
935 B
Stylesheet
General
Full URL
http://asdadqwdas.tk/css/switch.css
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
2024486d60b85681f9e3462c35fa4252c15331243a2603d581f36134a29b6701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2020 10:01:00 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
text/css
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
2035962b6e65457765a5edfc7eb85b04
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
14 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Origin
http://asdadqwdas.tk
Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 04:47:17 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
jquery.js
asdadqwdas.tk/js/
93 KB
38 KB
Script
General
Full URL
http://asdadqwdas.tk/js/jquery.js
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
ccf9f209c9f1ccc345c74c432478ab4cf6e9e2672a630d95750b629575907b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2020 10:03:00 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
29c75fc7dff2d74708eb9a75e92de798
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.6/umd/popper.min.js
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
587c080125b135d29a931ed371e50ffc1a9641831c1087de2cd74532815f4560
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Origin
http://asdadqwdas.tk
Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 04:47:16 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1382009
x-via
cfworker/kv
status
200
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6634
cf-request-id
05c70827c900002c192800f200000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
etag
"5eb03fa9-51ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602650837"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5e1ea952dc432c19-FRA
expires
Mon, 04 Oct 2021 04:47:16 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/
54 KB
14 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/js/bootstrap.min.js
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
eb795deda8983fa5310627c9584cf3f3b95d272567113500059018b3941cb267
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
http://asdadqwdas.tk
Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 14 Oct 2020 04:47:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 21 Dec 2018 19:19:46 GMT
status
200
etag
"1545419986"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
14550
main.js
asdadqwdas.tk/js/
11 KB
3 KB
Script
General
Full URL
http://asdadqwdas.tk/js/main.js
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/index.php
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
6f91705b58b61ee4587226b00bef2e8a7d6d8d780faa09461c4b19812668ff47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://asdadqwdas.tk/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Thu, 16 Jan 2020 11:51:00 GMT
Server
awex
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
X-Xss-Protection
1; mode=block
X-Request-ID
4284d24f3e368f53b6a0f4bb993a424f
OpenSans-Regular.woff2
asdadqwdas.tk/fonts/openSans/
49 KB
49 KB
Font
General
Full URL
http://asdadqwdas.tk/fonts/openSans/OpenSans-Regular.woff2
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/css/style.css
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
c061630a8cc75c82ab3e5628581f809aea5b97009f71c5c3d74614c527fae85f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
http://asdadqwdas.tk
Referer
http://asdadqwdas.tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2020 10:01:00 GMT
Server
awex
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50180
X-Xss-Protection
1; mode=block
X-Request-ID
24db53ebdc738463b44ccdf63a7ee151
OpenSans-Light.woff2
asdadqwdas.tk/fonts/openSans/
50 KB
51 KB
Font
General
Full URL
http://asdadqwdas.tk/fonts/openSans/OpenSans-Light.woff2
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/css/style.css
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
acf5664340125db7ee7952fdbd8af3193ba1ac86545c39bd57d9563fd16a0a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
http://asdadqwdas.tk
Referer
http://asdadqwdas.tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2020 10:01:00 GMT
Server
awex
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
51436
X-Xss-Protection
1; mode=block
X-Request-ID
8d16f4a73e8dd3e2855e8485afc6a7a0
OpenSans-SemiBold.woff2
asdadqwdas.tk/fonts/openSans/
51 KB
51 KB
Font
General
Full URL
http://asdadqwdas.tk/fonts/openSans/OpenSans-SemiBold.woff2
Requested by
Host: asdadqwdas.tk
URL: http://asdadqwdas.tk/css/style.css
Protocol
HTTP/1.1
Server
2a02:4780:dead:d176::1 , United States, ASN204915 (AWEX, US),
Reverse DNS
Software
awex /
Resource Hash
3782938849109c9abcb3943ebd80bbe5c5aac78f7f72a0b7d7d04685d12fbf07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
http://asdadqwdas.tk
Referer
http://asdadqwdas.tk/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 14 Oct 2020 04:47:17 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 07 Jan 2020 10:01:00 GMT
Server
awex
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52188
X-Xss-Protection
1; mode=block
X-Request-ID
645562d4f56caa508059943d641398d7

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
asdadqwdas.tk/ Name: PHPSESSID
Value: 4mb4hdnokuo6g3pgai8200h7lh

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block