1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs Open in urlscan Pro
172.67.195.212 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://f1ava.com/
Effective URL:
https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On November 23 via api (November 23rd 2024, 11:47:41 am UTC) from IT — Scanned from SG

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 10 HTTP transactions. The main IP is 172.67.195.212, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.

This is the only time 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	129.226.219.193 129.226.219.193	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
9	172.67.195.212 172.67.195.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	124.220.205.65 124.220.205.65	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
10	3

1 129.226.219.193 (Singapore, Singapore) 1 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

f1ava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.67.195.212 (United States)

ASN13335 (CLOUDFLARENET, US)

1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.220.205.65 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	l7a5d4s.sbs 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs	4 MB
1	dcloud.net.cn cdn.dcloud.net.cn — Cisco Umbrella Rank: 69293	420 B
1	f1ava.com 1 redirects f1ava.com	230 B
10	3

	Domain	Requested by
9	1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs	1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs
1	cdn.dcloud.net.cn	1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs
1	f1ava.com	1 redirects
10	3

This site contains no links.

Subject Issuer	Validity	Valid
l7a5d4s.sbs WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
*.dcloud.net.cn Certum Domain Validation CA SHA2	`2024-08-12` - `2025-09-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/
Frame ID: E38B17B61E8ABFB557FD1EA726470B46
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome

Page URL History Show full URLs

http://f1ava.com/ HTTP 307
https://f1ava.com/ HTTP 302
https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

3852 kB
Transfer

5569 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://f1ava.com/ HTTP 307
https://f1ava.com/ HTTP 302
https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Redirect Chain http://f1ava.com/ https://f1ava.com/ https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/	823 B 1 KB	231ms 208ms	Document text/html	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `66994e24485fd0833d18e4bba38899a06af63f2fbdca0a4780c55de29f71c8ff` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e70ece0591d7974-SIN content-encoding zstd content-type text/html date Sat, 23 Nov 2024 11:47:35 GMT last-modified Fri, 22 Nov 2024 11:29:58 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tt5vxZFp9OduTO3L8ovE4D0UXRfCbl7uRV7TtHTaMOP6Tl9o3jz0mz3nPOoupH1Jd7W9MbLEdX%2FZ5U7cDrAHzEhSFUCOVZl4VYgPyv3XLApad0DrIVzgAMB22dvaUYuS83P1rzdeWearM1IPihS0J3fVbnjr09EyNita84rF0Q%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=1865&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4252&recv_bytes=5804&delivery_rate=1034&cwnd=12000&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=215&x=1" cfExtPri cfHdrFlush;dur=0 Redirect headers Connection keep-alive Content-Type text/html; charset=UTF-8 Date Sat, 23 Nov 2024 11:47:35 GMT Location https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs Server nginx Transfer-Encoding chunked
GET H3	200	index.5841170f.css 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/	94 KB 30 KB	283ms 282ms	Stylesheet text/css	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/index.5841170f.css Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4e6a00614c255a1b81c141ee550c873a0921af58ec0778bb25f335e35819d175` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67406b36-1789d" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FFLlttriYwqAXLC2veE6hb1RmYOtvqMI0i%2FwYP9hk5XZqSXsuDHnaAVFwrBbqXSBFQFdnCKZduKnxl1v3Akcuk%2FJGLiQhfdvNwRLqlz3wPVtIPIxnRPt9tiBXPVIphVcnVel6tkjh3HRnjIJfYhj0TjuYXe8DEOt25%2FHghlXw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e70ece1cac07974-SIN alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2346&sent=30&recv=22&lost=0&retrans=0&sent_bytes=20860&recv_bytes=7141&delivery_rate=47523&cwnd=14400&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=514&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:35 GMT content-type text/css last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=0,i=?0
GET H3	200	chunk-vendors.2b6b7657.js Show response 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/	856 KB 303 KB	258ms 257ms	Script application/javascript	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/chunk-vendors.2b6b7657.js Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f8e8afef42e04da3e7b6dedb58e48c6e0c6697bedb438b2d6d474de4095a0686` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67406b36-d5e49" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouQJosdRcVQZLY3l1B%2BPymZtMi5yUyZ1CToPqu9x6f95KRhYntIqL0M%2BGMv%2FJzIxUv8AYzoeQJ6H0hB5gC2J2BUyi5ZHKG%2BUN3mi4QCRC4LfuQYnfKCQGBZRMIFT4n12DsKFSXY74L%2BLVWcXQH748idgP8KbHjIYha4eQgTdRA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e70ece1cac27974-SIN alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=1911&sent=17&recv=16&lost=0&retrans=0&sent_bytes=5519&recv_bytes=6883&delivery_rate=555379&cwnd=12000&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=488&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:35 GMT content-type application/javascript last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	index.5b5919aa.js Show response 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/	1 MB 211 KB	287ms 286ms	Script application/javascript	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/index.5b5919aa.js Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `acfab37d3b37985ae831c5f6c120efd20c23ddcfc1f47b577ed6908f59668ede` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67406b36-1060a8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDrNShTHV1fEHGZb7bNTcz8oEpcE0wjOAo3FyXIS623jVtprwD77sZNDCThz9PlK%2BBsi0nF7F2zrrovfYG7G9UjrHCOBkYbgw5tmy02LaGQO1Auu57PIrZAUPZTmPqzHbIRuhSkt%2FerMFATm%2FEL9yDdVY7v45o1w%2FdqHQZB2vg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e70ece1cac37974-SIN alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2795&sent=57&recv=28&lost=0&retrans=0&sent_bytes=51897&recv_bytes=7399&delivery_rate=598099&cwnd=27600&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=520&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:35 GMT content-type application/javascript last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	pages-welcome-welcome.12d03d8f.js Show response 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/	20 KB 7 KB	204ms 203ms	Script application/javascript	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/pages-welcome-welcome.12d03d8f.js Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/js/index.5b5919aa.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ef8a8471bef5b3323c8c28a92b6eaaffd0d44295b5bb27442f00156eec1ab90c` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67406b36-512b" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=osbAUs5WvrCmi8Dd44VHFWBF7pmeUzLTJ0hEmBgjsc5yEjgdN3GIQhzTz4BE1D2Ag%2FcZJgDamDVkMOvGgt%2BoCLIzvq7pHTHxRxIqmWceaGQzHSc%2BfWoNZiS4yEGkPt08MHyw%2BcOhdlH4U7uXG2OIYX%2F36mGtpGCF8hC%2Bk468jA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e70ece879f47974-SIN alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2213&sent=502&recv=112&lost=0&retrans=0&sent_bytes=575146&recv_bytes=11429&delivery_rate=7656982&cwnd=57600&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=1506&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:36 GMT content-type application/javascript last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=3,i=?0
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers Content-Type image/svg+xml
GET H3	200	SFPRODISPLAYREGULAR.OTF 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/font/	292 KB 293 KB	341ms 340ms	Font application/octet-stream	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/font/SFPRODISPLAYREGULAR.OTF Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `71a2162c852e87baa6440c983e406283391646778c8bc74e57b00613a3412f80` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Origin https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers cf-cache-status MISS etag "67406b36-48fc0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgFbuZJpQzlDxoFGDjwDyJkDAWXcoeAWk0HunBiiGhkdzSX%2BPO14I0t8z53FtIli81%2BSgxzkc4rFF2NBh7DTM%2F2aKYHpUo35q9THgcxhfMDPm68k%2FUWHzXRQbhhta66aMQQVWzS4JtTnxYNClJIW2%2BBU8xE4e0dsBoMmPjwmpQ%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2247&sent=525&recv=119&lost=0&retrans=0&sent_bytes=598596&recv_bytes=12755&delivery_rate=6232737&cwnd=57600&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=1851&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:36 GMT content-type application/octet-stream last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e70ece9bb4e7974-SIN accept-ranges bytes content-length 298944 server cloudflare
GET H3	200	1.64245345.gif 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/img/	3 MB 3 MB	308ms 307ms	Image image/gif	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/img/1.64245345.gif Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `cea9fc3b8ca1e81d2405e3ba9932f4e11d6e7a88071af79a11f1f42521656f99` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67406b36-32d417" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfR%2BgpzwU%2F7ul8QxX3tGfUU%2FsFp2HOaeIGCQ%2BzESn7zEP9ChOJ%2FkPQBEWsgvSDYq41RodOMDZUUYB9J9TaRWM2aIvwSlSScH%2FIbFIHqdTq75U12%2FqMSIcpw98ovsPC0oOTEj1BvpzfGja4tz7y6w84eInEBy7DLDcNhEQUBsuA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e70ece9cb627974-SIN alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2142&sent=512&recv=117&lost=0&retrans=0&sent_bytes=583240&recv_bytes=12666&delivery_rate=5573&cwnd=57600&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=1828&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:36 GMT content-type image/gif last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=3,i
GET H3	200	3.png 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/fla/	3 KB 1 KB	195ms 194ms	Image image/png	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/fla/3.png Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3c344e718bc06f6de09391b8b44e1637a7d2b5f4dd854a10e4f8db5c25623933` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag W/"67406b36-c15" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVl8pnDmpqovAhqB7Wwnx5EqlgyTeQdT%2F7jtb6a%2BiPFKZaG8dvjfWOL0aP5bqAGT%2FIYjVyj7kQczJR8Tg%2BlPKkm%2FiWW3pASsjMYsC7Mciv2f2WhQ3Ffl3RO2fJlcBR5ElPXf4Ct7XZopIi%2BhDXh5gf44FQCIriIpk3TrpDUOxQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e70ece9db727974-SIN alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2206&sent=511&recv=116&lost=0&retrans=0&sent_bytes=582072&recv_bytes=12621&delivery_rate=33801&cwnd=57600&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=1721&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:36 GMT content-type image/png last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=3,i
GET H3	200	2.png 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/fla/	851 B 2 KB	195ms 194ms	Other image/png	172.67.195.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/fla/2.png Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.195.212 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `61af793265ed1a7af57f26dd43c25894fffc7fb2dfe51d76003f91a82b2fdb18` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers cf-cache-status MISS etag "67406b36-353" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQT946rC%2FwdHWpZxzDbdVyHkSOKzXDCj9b2OfO4OeGhmNdYoBSDiFFiikb5eTeZ8cw2L93zJLdKbhO%2BzHcmzMITtgWtIcVcbg%2Bfp45qTAchHxs0j8m708fLwdmIcE1yRrO%2BXq9GmL95vgeiuz0PnmYt5Q5d8UKhFK985FhLQqA%3D%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=2633&sent=3447&recv=494&lost=28&retrans=28&sent_bytes=4068951&recv_bytes=30101&delivery_rate=12839411&cwnd=63839&unsent_bytes=0&cid=80b1a4bba15e8b62&ts=3153&x=1", cfExtPri, cfHdrFlush;dur=0 date Sat, 23 Nov 2024 11:47:38 GMT content-type image/png last-modified Fri, 22 Nov 2024 11:29:58 GMT vary Accept-Encoding priority u=1,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e70ecf2ce177974-SIN accept-ranges bytes content-length 851 server cloudflare
GET H2	200	shadow-grey.png cdn.dcloud.net.cn/img/	136 B 420 B	567ms 185ms	Image image/png	124.220.205.65 TENCENT-NET-AP Sh...
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.dcloud.net.cn/img/shadow-grey.png Requested by Host: 1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs URL: https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/static/index.5841170f.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 124.220.205.65 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN), Reverse DNS Software nginx / Resource Hash `ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs/ Response headers cache-control max-age=14400 etag "5cf8b5bf-88" expires Sat, 23 Nov 2024 15:47:39 GMT accept-ranges bytes content-length 136 date Sat, 23 Nov 2024 11:47:39 GMT content-type image/png last-modified Thu, 06 Jun 2019 06:42:07 GMT server nginx

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.dcloud.net.cn/	1970-01-21 10:48:42	Name: __uni__uid Value: rBEQRWdBwNtuaedQA6R2Ag==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs
cdn.dcloud.net.cn
f1ava.com
124.220.205.65
129.226.219.193
172.67.195.212
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
3c344e718bc06f6de09391b8b44e1637a7d2b5f4dd854a10e4f8db5c25623933
4e6a00614c255a1b81c141ee550c873a0921af58ec0778bb25f335e35819d175
61af793265ed1a7af57f26dd43c25894fffc7fb2dfe51d76003f91a82b2fdb18
66994e24485fd0833d18e4bba38899a06af63f2fbdca0a4780c55de29f71c8ff
71a2162c852e87baa6440c983e406283391646778c8bc74e57b00613a3412f80
acfab37d3b37985ae831c5f6c120efd20c23ddcfc1f47b577ed6908f59668ede
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
cea9fc3b8ca1e81d2405e3ba9932f4e11d6e7a88071af79a11f1f42521656f99
ef8a8471bef5b3323c8c28a92b6eaaffd0d44295b5bb27442f00156eec1ab90c
f8e8afef42e04da3e7b6dedb58e48c6e0c6697bedb438b2d6d474de4095a0686

1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs Open in urlscan Pro 172.67.195.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

3852 kBTransfer

5569 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

1 Cookies

Indicators

1ecb2cabf1e2a3881850ac3bbe012779.l7a5d4s.sbs Open in urlscan Pro
172.67.195.212 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

3852 kB
Transfer

5569 kB
Size

1
Cookies

10 HTTP transactions
1 data transactions