URL: https://ot.rexsmasher.eu/
Submission Tags: krdprod
Submission: On September 14 via api from JP — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3035::6815:46c9, located in the United States and belonging to CLOUDFLARENET, US. The main domain is ot.rexsmasher.eu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 29th 2020. Valid for: a year.
This is the only time ot.rexsmasher.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
3         2606:4700:303...  13335 (CLOUDFLAR...)
1         165.22.198.175    14061 (DIGITALOC...)
Total: 6 requests, 3 IPs

Requests  Apex Domain         Subdomains                 Transfer
3         rexsmasher.eu       ot.rexsmasher.eu           49 KB
1         lib1.biz            lib1.biz                   15 KB
0         yadro.ru (Failed)   counter.yadro.ru (Failed)
0         wpush.org (Failed)  sw.wpush.org (Failed)
Total: 6 requests, 4 domains

Requests  Domain                     Requested by
3         ot.rexsmasher.eu           ot.rexsmasher.eu
1         lib1.biz                   ot.rexsmasher.eu
0         counter.yadro.ru (Failed)  ot.rexsmasher.eu
0         sw.wpush.org (Failed)      ot.rexsmasher.eu
Total: 6 requests, 4 domains

This site contains links to these domains:

Domain
www.liveinternet.ru
Subject                Issuer                   Validity                 Valid for
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2020-11-29 - 2021-11-28  a year
10.lib2.biz            R3                       2021-09-13 - 2021-12-12  3 months

This page contains 1 frame:

Primary Page: https://ot.rexsmasher.eu/
Frame ID: 3886752DFAB6C7D2A1F59588BDE558AF
Requests: 8 HTTP requests in this frame

Page Title

Access page

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Page Statistics

Requests:    6
HTTPS:       67 %
IPv6:        50 %
Domains:     4
Subdomains:  4
IPs:         3
Countries:   2
Transfer:    64 kB
Size:        72 kB
Cookies:     1

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource             Path               Size   x-fer  Type      MIME-Type
Primary Request /    ot.rexsmasher.eu/  11 KB  7 KB   Document
General
Full URL
https://ot.rexsmasher.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:46c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.8
Resource Hash
434234b77056e36b071aa87ed6fdc984de33b807a2d7e10d1d2842717f44b5be

Request headers

:method
GET
:authority
ot.rexsmasher.eu
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 14 Sep 2021 06:52:10 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/7.4.8
set-cookie
ab_referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAE4H3iky9qcHCrDuGxK0AHIbDeEcOzF1SWRykpmXFsM%2Bzz3acez9DS%2BjOpcoUkFYjNC7JUZ19Vjis9DNy6AWatC8JaLtPOxPW5ybUjTD5hxiuPJUO%2BTiBgfUNetd0DVVagk0m0KeYzo8otRgjea"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68e7b0e5fc6168ec-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
g4zdmy3dgu5ha3ddf4zdkma   lib1.biz/code/   14 KB   15 KB   Script
General
Full URL
https://lib1.biz/code/g4zdmy3dgu5ha3ddf4zdkma
Requested by
Host: ot.rexsmasher.eu
URL: https://ot.rexsmasher.eu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
165.22.198.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8d9eb2ae4fbddea1fe66cd01ad3e496d10e6538b2c02e2e7cc9ffe2442767145
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ot.rexsmasher.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 14 Sep 2021 06:52:15 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
arrow.png   ot.rexsmasher.eu/landing/   7 KB   8 KB   Image
General
Full URL
https://ot.rexsmasher.eu/landing/arrow.png
Requested by
Host: ot.rexsmasher.eu
URL: https://ot.rexsmasher.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:46c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e33356964f2769244bb45448d9b0680582b69f344b4f09fa85231efaf05adc2

Request headers

:path
/landing/arrow.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ot.rexsmasher.eu
referer
https://ot.rexsmasher.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ot.rexsmasher.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:52:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8791
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
7572
last-modified
Mon, 07 Sep 2020 14:18:59 GMT
server
cloudflare
etag
"5f564153-1d94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbmruYtA39gBFLw%2Brl61NcE2uWUAq6VT8p%2FdIqGHFA11vWyNrlAKLwPhSRPbIyRRPlcnXs3s6EmMsAGZ1KuTqdNB6jLy%2FzTAF%2FkNp5nn3laxxsgk3sLPbq3Ww679uxVlyFM%2Fdq7Z56SOg2wOBog8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68e7b0e68d6668ec-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
robot-men.png   ot.rexsmasher.eu/landing/   35 KB   35 KB   Image
General
Full URL
https://ot.rexsmasher.eu/landing/robot-men.png
Requested by
Host: ot.rexsmasher.eu
URL: https://ot.rexsmasher.eu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:46c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c3c942fb9cd53092d8fffd0b3fac34138146959b4febc788be7e919232008b9

Request headers

:path
/landing/robot-men.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
ot.rexsmasher.eu
referer
https://ot.rexsmasher.eu/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ot.rexsmasher.eu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 06:52:10 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8791
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35511
last-modified
Mon, 07 Sep 2020 14:18:59 GMT
server
cloudflare
etag
"5f564153-8ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a0rPVsZVi%2BuyE9XDJCHSSOoi8z2i5wkMGdvMI6QYDrF0JTyk5gJ3o4UUkS9K0snky257be1Cri7e4hlwKoTsY%2BRO37o1yclhITdI4KeZeCHCxdIMSbpd0b%2Bl0E%2BDY1SpBvGwT%2F8FjVxe%2BEPWnr4D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
68e7b0e6ad8a68ec-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js   sw.wpush.org/script/   0   0

truncated   /   42 B   0   Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
hit;other_kobec_new   counter.yadro.ru/   0   0

truncated   /   4 KB   0   Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6d7a3c4abc9aeaa895a16fc1aa55b0acc107a183e815fac4d9415631e8349e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sw.wpush.org
URL: https://sw.wpush.org/script/main.js?promo=24303&tcid=2833&src=1860236680

Domain: counter.yadro.ru
URL: https://counter.yadro.ru/hit;other_kobec_new?t52.6;r;s1600*1200*24;uhttps%3A//ot.rexsmasher.eu/;hAccess%20page;0.6649984633597923

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • onbeforexrselect (object)
  • originAgentCluster (boolean)
  • Sk (object)
  • prm (string)

1 Cookies

Domain/Path  Name / Value
.lib1.biz/   Name: uuid
             Value: 5072a7be-51d3-4ec1-bdd7-dc9b22bf873d