Submitted URL: https://cutt.ly/GHuRycL
Effective URL: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
Submission: On May 11 via manual from NL — Scanned from NL

Summary

This website contacted 1 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 104.22.62.89, located in and belongs to CLOUDFLARENET, US. The main domain is xat.com. The Cisco Umbrella rank of the primary domain is 544568.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 16th 2021. Valid for: a year.
This is the only time xat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 104.22.62.89 13335 (CLOUDFLAR...)
3 1
Apex Domain / Subdomains / Transfer
3 xat.com / xat.com (Cisco Umbrella Rank: 544568) / 71 KB
1 cutt.ly / cutt.ly (Cisco Umbrella Rank: 65136) / 497 B
3 2
Domain Requested by
3 xat.com xat.com
1 cutt.ly 1 redirects
3 2

This site contains links to these domains.

Domain
www.onlinecasino2go.com
Subject: sni.cloudflaressl.com
Issuer: Cloudflare Inc ECC CA-3
Validity: 2021-07-16 - 2022-07-15
Valid: a year

This page contains 1 frames:

Primary Page: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
Frame ID: D652ADB923436D3413B41B29E70450C6
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 71 kB
Size: 257 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cutt.ly/GHuRycL HTTP 301
    https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type

Primary Request
Resource: linkvalidator.php
Path: xat.com/web_gear/chat/
Redirect Chain
  • https://cutt.ly/GHuRycL
  • https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
Size: 5 KB
x-fer: 3 KB
Type: Document

General
Full URL: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 07d53433d0f178528972f03ce087c278a3a14b7abc5d9c1e4094cf5c30a70243

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: public, max-age=3600, no-cache="set-cookie"
cf-cache-status: MISS
cf-ray: 709bbbc1ed058ff2-FRA
content-encoding: gzip
content-length: 2229
content-type: text/html; charset=UTF-8
date: Wed, 11 May 2022 14:51:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 11 May 2022 14:51:34 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 709bbbc0c84b9b6e-FRA
content-type: text/html; charset=UTF-8
date: Wed, 11 May 2022 14:51:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Resource: createjs.1.0.0.min.js
Path: xat.com/content/js/
Size: 236 KB
x-fer: 63 KB
Type: Script

General
Full URL: https://xat.com/content/js/createjs.1.0.0.min.js
Requested by
  Host: xat.com
  URL: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 14:51:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Feb 2020 21:40:04 GMT
server: cloudflare
age: 77530
etag: W/"5e39e4b4-3b189"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, no-cache="set-cookie"
cf-ray: 709bbbc2decf8ff2-FRA
expires: Wed, 11 May 2022 17:19:24 GMT

Resource: thief.js
Path: xat.com/images/js/
Size: 16 KB
x-fer: 6 KB
Type: Script

General
Full URL: https://xat.com/images/js/thief.js
Requested by
  Host: xat.com
  URL: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.62.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 2b8bfa539fad2735f3b5bd213930262dfc4cbb3fecf5d9b6ec4c2f9ebfd0550e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://xat.com/web_gear/chat/linkvalidator.php?name=ONLINECASINO&link=https://www.onlinecasino2go.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 11 May 2022 14:51:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 17 Oct 2016 11:19:37 GMT
server: cloudflare
age: 81951
etag: W/"5804b3c9-3f0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400, no-cache="set-cookie"
cf-ray: 709bbbc35fea8ff2-FRA
expires: Wed, 11 May 2022 16:05:43 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • function| getScreenDetails
  • object| createjs
  • object| JSON3
  • object| lib
  • object| images
  • object| ss
  • function| readCookie
  • function| CheckLang
  • function| LoadJsImage
  • object| exportRoot

2 Cookies

Domain/Path: cutt.ly/
Name: PHPSESSID
Value: k5buov78orn82akjseph49tbio

Domain/Path: xat.com/
Name: AWSELB
Value: 6DB913651438F743D6805FD61916335517135C02385AF01BBF2249CB45D4ECC8B40EF5909118101640BC7D36C6E1D91F6413BD6F87D5670D5C6C0C69F120C5AED94150E884

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
