www.yyv.co Open in urlscan Pro
104.25.220.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.yyv.co/AQjUY?dfhjethffrthfggtytdsfgh?
Effective URL:
http://www.yyv.co/notfound/
Submission: On June 01 via automatic, source phishtank (June 1st 2017, 7:22:24 pm UTC)

Summary HTTP 8 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 104.25.220.16, located in San Francisco, United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.yyv.co.

This is the only time www.yyv.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.25.220.16 104.25.220.16	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
4	104.20.13.25 104.20.13.25	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	151.101.12.207 151.101.12.207	54113 (FASTLY) (FASTLY - Fastly)
1	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
8	4

2 104.25.220.16 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.yyv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.20.13.25 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.linkbucks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.207 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	linkbucks.com www.linkbucks.com	9 KB
2	yyv.co www.yyv.co	4 KB
1	nr-data.net bam.nr-data.net	57 B
1	newrelic.com js-agent.newrelic.com	9 KB
8	4

	Domain	Requested by
4	www.linkbucks.com	www.yyv.co
2	www.yyv.co
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.yyv.co
8	4

This site contains links to these domains. Also see Links.

Domain
www.linkbucks.com

Subject Issuer	Validity	Valid
*.d.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2017-04-11` - `2017-12-21`	8 months	crt.sh
*.nr-data.net GeoTrust SSL CA - G3	`2016-03-17` - `2018-03-17`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://www.yyv.co/notfound/
Frame ID: 24049.1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

8
Requests

25 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

22 kB
Transfer

43 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.linkbucks.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response www.yyv.co/notfound/ Redirect Chain http://www.yyv.co/AQjUY?dfhjethffrthfggtytdsfgh? http://www.yyv.co/notfound/	6 KB 3 KB	94ms 93ms	Document text/html	104.25.220.16 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.yyv.co/notfound/ Protocol HTTP/1.1 Server 104.25.220.16 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash `612716b83e19c098e4679831da24f1ceafa82219844da3027f81c5a21529b5bc` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.yyv.co Accept-Language en-US,en;q=0.8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Cache-Control no-cache Cookie __cfduid=d95a044a6e1b4d3503142523265941eac1496344934 Connection keep-alive User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT Content-Encoding gzip Server cloudflare-nginx X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Set-Cookie ASP.NET_SessionId=qogxumfpifovnakounxfvcu5; path=/; HttpOnly Cache-Control private Connection keep-alive CF-RAY 36848a5f91706487-FRA Redirect headers Date Thu, 01 Jun 2017 19:22:14 GMT Server cloudflare-nginx X-Powered-By ASP.NET Location /notfound/ Set-Cookie __cfduid=d95a044a6e1b4d3503142523265941eac1496344934; expires=Fri, 01-Jun-18 19:22:14 GMT; path=/; domain=.yyv.co; HttpOnly Connection keep-alive CF-RAY 36848a5ef1026487-FRA Content-Length 4865
GET H/1.1	200 OK	Cookie set ads.css www.linkbucks.com/tmpl/mint/css/	4 KB 1012 B	49ms 37ms	Stylesheet text/css	104.20.13.25 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.linkbucks.com/tmpl/mint/css/ads.css Requested by Host: www.yyv.co URL: http://www.yyv.co/notfound/ Protocol HTTP/1.1 Server 104.20.13.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash `a31e860ba7dc44e345739f1cd5365d23131ada121260a248f64973430293cc0c` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.linkbucks.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept text/css,/;q=0.1 Referer http://www.yyv.co/notfound/ Connection keep-alive Cache-Control no-cache Referer http://www.yyv.co/notfound/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT Content-Encoding gzip Vary Accept-Encoding CF-Cache-Status HIT Last-Modified Thu, 13 Feb 2014 20:08:02 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag W/"c174d14cf728cf1:0" Transfer-Encoding chunked Content-Type text/css Set-Cookie __cfduid=d48e12ebbaaddb2e3abed3290b69a36f51496344934; expires=Fri, 01-Jun-18 19:22:14 GMT; path=/; domain=.linkbucks.com; HttpOnly Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 36848a6047472750-FRA Expires Thu, 01 Jun 2017 23:22:14 GMT
GET H/1.1	200 OK	Cookie set int_logo.gif www.linkbucks.com/tmpl/mint/img/	2 KB 2 KB	23ms 11ms	Image image/gif	104.20.13.25 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL http://www.linkbucks.com/tmpl/mint/img/int_logo.gif Requested by Host: www.yyv.co URL: http://www.yyv.co/notfound/ Protocol HTTP/1.1 Server 104.20.13.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash `31fc504d1b3745b1a3da821d035002c830602894ef08173baad229484e6f1a8d` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.linkbucks.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://www.yyv.co/notfound/ Connection keep-alive Cache-Control no-cache Referer http://www.yyv.co/notfound/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT CF-Cache-Status HIT Last-Modified Sun, 16 Dec 2012 15:00:34 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag "9490c2199edbcd1:0" Vary Accept-Encoding Content-Type image/gif Set-Cookie __cfduid=db206607e82433f437581a4acecc23a7d1496344934; expires=Fri, 01-Jun-18 19:22:14 GMT; path=/; domain=.linkbucks.com; HttpOnly Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 36848a604736647b-FRA Content-Length 2325 Expires Thu, 01 Jun 2017 23:22:14 GMT
GET H/1.1	200 OK	warning.png www.linkbucks.com/tmpl/mint/img/	4 KB 4 KB	10ms 10ms	Image image/png	104.20.13.25 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL http://www.linkbucks.com/tmpl/mint/img/warning.png Requested by Host: www.yyv.co URL: http://www.yyv.co/notfound/ Protocol HTTP/1.1 Server 104.20.13.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash `6af2e63f750a5152eb310903319386fdad345dbbad3545c64d515898dce0c26a` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.linkbucks.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://www.yyv.co/notfound/ Cookie __cfduid=db206607e82433f437581a4acecc23a7d1496344934 Connection keep-alive Cache-Control no-cache Referer http://www.yyv.co/notfound/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT CF-Cache-Status HIT Last-Modified Sun, 16 Dec 2012 15:00:34 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag "e9ec8199edbcd1:0" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 36848a605747647b-FRA Content-Length 4567 Expires Thu, 01 Jun 2017 23:22:14 GMT
GET H/1.1	200 OK	nr-1026.min.js Show response js-agent.newrelic.com/	22 KB 9 KB	21ms 6ms	Script application/javascript	151.101.12.207 Fastly
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1026.min.js Requested by Host: www.yyv.co URL: http://www.yyv.co/notfound/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.207 San Francisco, United States, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software AmazonS3 / Resource Hash `2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host js-agent.newrelic.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept / Referer http://www.yyv.co/notfound/ Connection keep-alive Cache-Control no-cache Referer http://www.yyv.co/notfound/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT Content-Encoding gzip x-amz-request-id 0914FEC784ABF006 X-Cache HIT Connection keep-alive Content-Length 8844 x-amz-id-2 yAwOE3oXgEDy8s2JBtuuoSl6Ifmhqzhj1gKcSITArOYW8yYr7LDFBjP+b2t5AK7i8yvzo8xWP6g= X-Served-By cache-fra1222-FRA Last-Modified Mon, 06 Mar 2017 21:10:03 GMT Server AmazonS3 X-Timer S1496344934.495496,VS0,VE0 ETag "230c916aaa9194e21891a639a9c2b8eb" Vary Accept-Encoding Content-Type application/javascript Via 1.1 varnish Cache-Control public, max-age=7200, stale-if-error=604800 Accept-Ranges bytes X-Cache-Hits 663882
GET H/1.1	200 OK	int_top_bg.gif www.linkbucks.com/tmpl/mint/img/	2 KB 2 KB	11ms 10ms	Image image/gif	104.20.13.25 CloudFlare
General Check archive.org Show headers Download Go to Show image Full URL http://www.linkbucks.com/tmpl/mint/img/int_top_bg.gif Protocol HTTP/1.1 Server 104.20.13.25 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash `fece6413b092bd94e198639a3daf7a343284ce42257507339537126f7752dc88` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.linkbucks.com Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://www.linkbucks.com/tmpl/mint/css/ads.css Cookie __cfduid=d48e12ebbaaddb2e3abed3290b69a36f51496344934 Connection keep-alive Cache-Control no-cache Referer http://www.linkbucks.com/tmpl/mint/css/ads.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT CF-Cache-Status HIT Last-Modified Sun, 16 Dec 2012 15:00:34 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag "a5b7c2199edbcd1:0" Vary Accept-Encoding Content-Type image/gif Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 36848a6087782750-FRA Content-Length 1610 Expires Thu, 01 Jun 2017 23:22:14 GMT
GET H/1.1	200 OK	favicon.ico www.yyv.co/	2 KB 1 KB	97ms 97ms	Other image/x-icon	104.25.220.16 CloudFlare
General Check archive.org Show headers Download Go to Full URL http://www.yyv.co/favicon.ico Protocol HTTP/1.1 Server 104.25.220.16 San Francisco, United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US), Reverse DNS Software cloudflare-nginx / ASP.NET Resource Hash `aa9cc1c075bb17d7072b0ef4f502153eda6ab165f1aeb218ec39bd238ed25b88` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch Host www.yyv.co Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept image/webp,image/,/;q=0.8 Referer* http://www.yyv.co/notfound/ Cookie __cfduid=d95a044a6e1b4d3503142523265941eac1496344934; ASP.NET_SessionId=qogxumfpifovnakounxfvcu5 Connection keep-alive Cache-Control no-cache Referer http://www.yyv.co/notfound/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Date Thu, 01 Jun 2017 19:22:14 GMT Content-Encoding gzip Vary Accept-Encoding CF-Cache-Status REVALIDATED Last-Modified Mon, 26 Oct 2015 11:46:34 GMT Server cloudflare-nginx X-Powered-By ASP.NET ETag W/"5496acf6e3fd11:0" Transfer-Encoding chunked Content-Type image/x-icon Cache-Control public, max-age=604800 Connection keep-alive CF-RAY 36848a6082216487-FRA Expires Thu, 08 Jun 2017 19:22:14 GMT
GET H/1.1	200 OK	Cookie set ee706e17f3 Show response bam.nr-data.net/1/	57 B 57 B	420ms 104ms	Script text/javascript	162.247.242.20 New Relic
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/ee706e17f3?a=3357626&v=1026.7a27a3e&to=ZwQBbRYFCEFWBRZeDl5OImo0SwpbWQ0MWBVWDhZXAEoHQUce&rst=290&ref=http://www.yyv.co/notfound/&ap=1&be=215&fe=261&dc=217&perf=%7B%22timing%22:%7B%22of%22:1496344934219,%22n%22:0,%22r%22:1,%22re%22:113,%22f%22:113,%22dn%22:113,%22dne%22:113,%22c%22:113,%22ce%22:113,%22rq%22:114,%22rp%22:207,%22rpe%22:208,%22dl%22:208,%22di%22:217,%22ds%22:218,%22de%22:218,%22dc%22:260,%22l%22:260,%22le%22:262%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1026.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_GCM Server 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US), Reverse DNS bam-8.nr-data.net Software / Resource Hash `f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23` Request headers Pragma no-cache Accept-Encoding gzip, deflate, sdch, br Host bam.nr-data.net Accept-Language en-US,en;q=0.8 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Accept / Referer http://www.yyv.co/notfound/ Connection keep-alive Cache-Control no-cache Referer http://www.yyv.co/notfound/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36 Response headers Set-Cookie JSESSIONID=83f2c541f8c33fd8;Path=/;Domain=.nr-data.net;Secure Content-Type text/javascript;charset=ISO-8859-1 Content-Length 57 Expires Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.yyv.co/	1970-01-01 00:00:00	Name: ASP.NET_SessionId Value: qogxumfpifovnakounxfvcu5
			.yyv.co/	2018-06-01 19:22:14	Name: __cfduid Value: d95a044a6e1b4d3503142523265941eac1496344934

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
js-agent.newrelic.com
www.linkbucks.com
www.yyv.co
104.20.13.25
104.25.220.16
151.101.12.207
162.247.242.20
2d10816bada4d94734c1cb7e191ffb89ea7d9bb5c11b3e680f6b00c3a28d4e41
31fc504d1b3745b1a3da821d035002c830602894ef08173baad229484e6f1a8d
612716b83e19c098e4679831da24f1ceafa82219844da3027f81c5a21529b5bc
6af2e63f750a5152eb310903319386fdad345dbbad3545c64d515898dce0c26a
a31e860ba7dc44e345739f1cd5365d23131ada121260a248f64973430293cc0c
aa9cc1c075bb17d7072b0ef4f502153eda6ab165f1aeb218ec39bd238ed25b88
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fece6413b092bd94e198639a3daf7a343284ce42257507339537126f7752dc88

www.yyv.co Open in urlscan Pro 104.25.220.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

8 Requests

25 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

22 kBTransfer

43 kBSize

2 Cookies

1 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

www.yyv.co Open in urlscan Pro
104.25.220.16 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

25 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

22 kB
Transfer

43 kB
Size

2
Cookies

8 HTTP transactions
0 data transactions