efexiqazayezidu.tk - urlscan.io

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 6 HTTP transactions. The main IP is 2606:4700:30::681c:e5f, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is efexiqazayezidu.tk.

This is the only time efexiqazayezidu.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:30:... 2606:4700:30::681c:e5f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:30:... 2606:4700:30::681c:f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 1	5.34.180.180 5.34.180.180	21100 (ITLDC-NL) (ITLDC-NL)
1	77.81.247.165 77.81.247.165	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	5

2 2606:4700:30::681c:e5f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

efexiqazayezidu.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681c:f5f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

efexiqazayezidu.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.34.180.180 (Dronten, Netherlands) 1 redirects

ASN21100 (ITLDC-NL, UA)
PTR: vds-yashaw-78894.itldc-customer.net

avgustnn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.81.247.165 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: 165.247.81.77.static.intovps.com

justsaycazino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	efexiqazayezidu.tk efexiqazayezidu.tk	47 KB
1	gstatic.com fonts.gstatic.com	9 KB
1	justsaycazino.com justsaycazino.com
1	avgustnn.ru 1 redirects avgustnn.ru	385 B
1	googleapis.com fonts.googleapis.com	1 KB
6	5

	Domain	Requested by
3	efexiqazayezidu.tk	efexiqazayezidu.tk
1	fonts.gstatic.com	efexiqazayezidu.tk
1	justsaycazino.com	efexiqazayezidu.tk
1	avgustnn.ru	1 redirects
1	fonts.googleapis.com	efexiqazayezidu.tk
6	5

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://efexiqazayezidu.tk/b084734f0d082.html
Frame ID: EF76EB7E59B397A7E3D7B7A8F05DEDF4
Requests: 5 HTTP requests in this frame

Frame: http://justsaycazino.com/
Frame ID: BA177AC49D33654DA3755B97F0BFC19E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

6
Requests

0 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

57 kB
Transfer

69 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://avgustnn.ru/ab28N?keyword=Om%20de%20loterij%20online%20te%20spelen%20voor%20geld%20zonder%20registratie HTTP 302
http://justsaycazino.com/

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set b084734f0d082.html Show response
efexiqazayezidu.tk/ 16 KB
7 KB 63ms
50ms Document
text/html 2606:4700:30::681c:e5f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://efexiqazayezidu.tk/b084734f0d082.html
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:e5f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: adb310a0f6976e1cc6c35dad17d7f9a427e1245ff869320bc5f7932f99f0e9ac

Request headers

Host: efexiqazayezidu.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 16:44:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dc594e31db9cc6c9489a05508153fab261541177095; expires=Sat, 02-Nov-19 16:44:55 GMT; path=/; domain=.efexiqazayezidu.tk; HttpOnly
Last-Modified: Sun, 09 Sep 2018 17:55:52 GMT
Server: cloudflare
CF-RAY: 4738118c75ca6403-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK style.css
efexiqazayezidu.tk/css/ 3 KB
1 KB 33ms
32ms Stylesheet
text/css 2606:4700:30::681c:e5f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: http://efexiqazayezidu.tk/css/style.css
Requested by: Host: efexiqazayezidu.tk
URL: http://efexiqazayezidu.tk/b084734f0d082.html
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:e5f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a691b20bf8f0a10b3fc2e4c1b8fbadffa7175be96fd99d053847130e57da97a0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: efexiqazayezidu.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://efexiqazayezidu.tk/b084734f0d082.html
Cookie: __cfduid=dc594e31db9cc6c9489a05508153fab261541177095
Connection: keep-alive
Cache-Control: no-cache
Referer: http://efexiqazayezidu.tk/b084734f0d082.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 16:44:55 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 09 Sep 2018 17:55:32 GMT
Server: cloudflare
ETag: W/"5b955e94-cd8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=14400
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 4738118cc5df6403-FRA
Expires: Fri, 02 Nov 2018 20:44:55 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 2 KB
1 KB 15ms
15ms Stylesheet
text/css 2a00:1450:4001:81c::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: efexiqazayezidu.tk
URL: http://efexiqazayezidu.tk/b084734f0d082.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b5f1fc9a6eb0c452989d6f29c26f4a1d592841c472543b04f754398a193c3c99

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://efexiqazayezidu.tk/b084734f0d082.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 16:44:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 02 Nov 2018 16:44:55 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 1; mode=block
Expires: Fri, 02 Nov 2018 16:44:55 GMT

GET
H/1.1 200
OK logo.png
efexiqazayezidu.tk/images/ 39 KB
39 KB 49ms
43ms Image
image/png 2606:4700:30::681c:f5f
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://efexiqazayezidu.tk/images/logo.png
Requested by: Host: efexiqazayezidu.tk
URL: http://efexiqazayezidu.tk/b084734f0d082.html
Protocol: HTTP/1.1
Server: 2606:4700:30::681c:f5f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcc02b82dbb2e91b5c83c04b879e516a86cf36900bb88c9e708ff49da6f9819f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: efexiqazayezidu.tk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://efexiqazayezidu.tk/b084734f0d082.html
Cookie: __cfduid=dc594e31db9cc6c9489a05508153fab261541177095
Connection: keep-alive
Cache-Control: no-cache
Referer: http://efexiqazayezidu.tk/b084734f0d082.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Nov 2018 16:44:55 GMT
CF-Cache-Status: MISS
Last-Modified: Sun, 09 Sep 2018 17:55:32 GMT
Server: cloudflare
ETag: "5b955e94-9a70"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 4738118cd306bf20-FRA
Content-Length: 39536
Expires: Fri, 02 Nov 2018 20:44:55 GMT

GET
H/1.1

200
OK

Cookie set /
justsaycazino.com/ Frame BA17
Redirect Chain

http://avgustnn.ru/ab28N?keyword=Om%20de%20loterij%20online%20te%20spelen%20voor%20geld%20zonder%20registratie
http://justsaycazino.com/

0
0

68ms
26ms

Document
text/html

77.81.247.165
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://justsaycazino.com/
Requested by: Host: efexiqazayezidu.tk
URL: http://efexiqazayezidu.tk/b084734f0d082.html
Protocol: HTTP/1.1
Server: 77.81.247.165 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: 165.247.81.77.static.intovps.com
Software: Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash

Request headers

Host: justsaycazino.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://efexiqazayezidu.tk/b084734f0d082.html
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://efexiqazayezidu.tk/b084734f0d082.html

Response headers

Date: Fri, 02 Nov 2018 16:44:07 GMT
Server: Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By: PHP/5.4.16
Set-Cookie: PHPSESSID=2sdtfqjl3frmbitrn98totrqe7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Server: nginx
Date: Fri, 02 Nov 2018 16:44:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/5.5.9-1ubuntu4.25
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Fri, 02 Nov 2018 16:44:55 GMT
Cache-Control: max-age=0
Pragma: no-cache
LOCATION: http://justsaycazino.com/

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: efexiqazayezidu.tk
URL: http://efexiqazayezidu.tk/b084734f0d082.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://fonts.googleapis.com/css?family=Open+Sans
Origin: http://efexiqazayezidu.tk

Response headers

Date: Tue, 02 Oct 2018 10:29:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11 Oct 2017 21:49:46 GMT
Server: sffe
Age: 2700916
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 8892
X-XSS-Protection: 1; mode=block
Expires: Wed, 02 Oct 2019 10:29:39 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			justsaycazino.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2sdtfqjl3frmbitrn98totrqe7
			.efexiqazayezidu.tk/	1970-01-19 04:51:53	Name: __cfduid Value: dc594e31db9cc6c9489a05508153fab261541177095

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avgustnn.ru
efexiqazayezidu.tk
fonts.googleapis.com
fonts.gstatic.com
justsaycazino.com
2606:4700:30::681c:e5f
2606:4700:30::681c:f5f
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2003
5.34.180.180
77.81.247.165
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
a691b20bf8f0a10b3fc2e4c1b8fbadffa7175be96fd99d053847130e57da97a0
adb310a0f6976e1cc6c35dad17d7f9a427e1245ff869320bc5f7932f99f0e9ac
b5f1fc9a6eb0c452989d6f29c26f4a1d592841c472543b04f754398a193c3c99
bcc02b82dbb2e91b5c83c04b879e516a86cf36900bb88c9e708ff49da6f9819f

efexiqazayezidu.tk Open in urlscan Pro 2606:4700:30::681c:e5f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

6 Requests

0 %HTTPS

67 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

57 kBTransfer

69 kBSize

2 Cookies

0 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

2 Cookies

Indicators

efexiqazayezidu.tk Open in urlscan Pro
2606:4700:30::681c:e5f Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

67 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

57 kB
Transfer

69 kB
Size

2
Cookies

6 HTTP transactions
0 data transactions