urlscan.io logo urlscan.io
SecurityTrails logo

tdsshark.xyz Open in urlscan Pro
159.65.121.208  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://oglancasts.club/
Effective URL: https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vc...
Submission Tags: falconsandbox
Submission: On December 11 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 1 HTTP transactions. The main IP is 159.65.121.208, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is tdsshark.xyz.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 23rd 2020. Valid for: 3 months.
This is the only time tdsshark.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.35.254.18 16509 (AMAZON-02)
1 2 159.65.121.208 14061 (DIGITALOC...)
1 2
Apex Domain
Subdomains		 Transfer
2 tdsshark.xyz
tdsshark.xyz
28 KB
1 oglancasts.club
oglancasts.club
535 B
1 2
Domain Requested by
2 tdsshark.xyz 1 redirects
1 oglancasts.club 1 redirects
1 2

This site contains links to these domains. Also see Links.

Domain
ya.ru
Subject Issuer Validity Valid
tdsshark.xyz
Let's Encrypt Authority X3		 2020-11-23 -
2021-02-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
Frame ID: 087EEB37399A48F860AFEA1747128982
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://oglancasts.club/ HTTP 302
    https://tdsshark.xyz/click.php?key=1oyixwulr32y1zs5wmbm&click_id=9009312395485449303&pid=868077 HTTP 302
    https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rx... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

1
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

28 kB
Transfer

101 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://oglancasts.club/ HTTP 302
    https://tdsshark.xyz/click.php?key=1oyixwulr32y1zs5wmbm&click_id=9009312395485449303&pid=868077 HTTP 302
    https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Important-update.html
tdsshark.xyz/lp/apple_multy/
Redirect Chain
  • https://oglancasts.club/
  • https://tdsshark.xyz/click.php?key=1oyixwulr32y1zs5wmbm&click_id=9009312395485449303&pid=868077
  • https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
87 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
159.65.121.208 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
8ad34bee836f5cc45227fdfff930cb851bf5e9f792d57488dc6550f91c81b88f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
tdsshark.xyz
:scheme
https
:path
/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uclick=8rxowhp2; uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx/1.18.0
date
Fri, 11 Dec 2020 05:19:36 GMT
content-type
text/html
last-modified
Mon, 23 Nov 2020 18:40:51 GMT
etag
W/"5fbc0233-15b58"
strict-transport-security
max-age=31536000
content-encoding
gzip

Redirect headers

server
nginx/1.18.0
date
Fri, 11 Dec 2020 05:19:36 GMT
content-type
text/html; charset=UTF-8
location
https://tdsshark.xyz/lp/apple_multy/Important-update.html?uclick=8rxowhp2&uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
set-cookie
uclick=8rxowhp2; expires=Sat, 12-Dec-2020 05:19:36 GMT; Max-Age=86400; path=/; secure; SameSite=none uclickhash=8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6; expires=Sat, 12-Dec-2020 05:19:36 GMT; Max-Age=86400; path=/; secure; SameSite=none
strict-transport-security
max-age=31536000
truncated
/ 		14 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52ac0b2b90f056ae2c1d2427b820365c2787467381919f71700f194054d0b2f2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		438 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e22f7570ca9ff4c2582b37f331f455b74867dea0997b400411338c4597505af9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| Alert7

2 Cookies

Domain/Path Name / Value
tdsshark.xyz/ Name: uclickhash
Value: 8rxowhp2-8rxowhp2-pm8w-0-usa7-vcj2-1zsl-9622e6
tdsshark.xyz/ Name: uclick
Value: 8rxowhp2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

oglancasts.club
tdsshark.xyz
13.35.254.18
159.65.121.208
52ac0b2b90f056ae2c1d2427b820365c2787467381919f71700f194054d0b2f2
8ad34bee836f5cc45227fdfff930cb851bf5e9f792d57488dc6550f91c81b88f
e22f7570ca9ff4c2582b37f331f455b74867dea0997b400411338c4597505af9