URL: http://ask.gophanon.cf/
Submission: On May 16 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3036::6815:3f88, located in United States and belongs to CLOUDFLARENET, US. The main domain is ask.gophanon.cf.
This is the only time ask.gophanon.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a03:2880:f08... 32934 (FACEBOOK)
4 4
Apex Domain
Subdomains
Transfer
1 fbsbx.com
lookaside.fbsbx.com — Cisco Umbrella Rank: 9261
1 coinkolik.com
www.coinkolik.com
19 KB
1 beincrypto.com
tr.beincrypto.com
546 KB
1 beincrypto.com.tr
beincrypto.com.tr
571 B
1 gophanon.cf
ask.gophanon.cf
14 KB
4 5
Domain Requested by
1 lookaside.fbsbx.com ask.gophanon.cf
1 www.coinkolik.com ask.gophanon.cf
1 tr.beincrypto.com ask.gophanon.cf
1 beincrypto.com.tr 1 redirects
1 ask.gophanon.cf
4 5

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-20 - 2023-06-20 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-02-23 - 2023-05-24 | 3 months

This page contains 1 frames:

Primary Page: http://ask.gophanon.cf/
Frame ID: 630757D79EAAC1858376C00261788E1D
Requests: 4 HTTP requests in this frame

Page Title

Bitcoin (BTC) - czym jest kryptowaluta Bitcoin i giełda BTC?

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 4
HTTPS: 50 %
IPv6: 100 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 579 kB
Size: 596 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://beincrypto.com.tr/wp-content/uploads/2020/01/telegram-hacker-1200x780.png HTTP 301
  • https://tr.beincrypto.com/wp-content/uploads/2020/01/telegram-hacker-1200x780.png

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ask.gophanon.cf/
34 KB
14 KB
Document
General
Full URL
http://ask.gophanon.cf/
Protocol
HTTP/1.1
Server
2606:4700:3036::6815:3f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85617e911edad40e9f99cd210d9b8ae1bc93cbe400f6908de7db353ffcf6e77f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7c86e76cc9ab18fb-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 16 May 2023 22:02:16 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxaaH39Zj3SEuuy34%2BKXxArMkqwEz6rT4%2FVoruSkRNsiEb8A0Nf5i8O6xdOQHwTcLkaRgVLrg1jfXYmD4PcpbVThSMVBikQ6NIJyDcTBdfsWll4FO0doukvrcnXgEVPcW%2BaHFF6lII4wd0il%2F6M%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
telegram-hacker-1200x780.png
tr.beincrypto.com/wp-content/uploads/2020/01/
Redirect Chain
  • https://beincrypto.com.tr/wp-content/uploads/2020/01/telegram-hacker-1200x780.png
  • https://tr.beincrypto.com/wp-content/uploads/2020/01/telegram-hacker-1200x780.png
544 KB
546 KB
Image
General
Full URL
https://tr.beincrypto.com/wp-content/uploads/2020/01/telegram-hacker-1200x780.png
Requested by
Host: ask.gophanon.cf
URL: http://ask.gophanon.cf/
Protocol
H2
Server
2606:4700::6812:444 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58888fa1f7fe6ff4e629ab1d2ffd731309e003ca38310bab45ee25fb9a5bc49d
Security Headers
Name Value
Content-Security-Policy script-src https://beincrypto.com https://*.beincrypto.com https://gateway.ari10.com https://snap.licdn.com https://*.survicate.com https://*.surviocdn.com https://surviocdn.com https://*.survio.com https://survio.com https://a.omappapi.com https://player.ausha.co https://www.facebook.com https://connect.facebook.net https://ajax.cloudflare.com https://*.youtube.com https://tools.luckyorange.com https://js.hs-analytics.net https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hsforms.net https://js.hs-scripts.com https://*.hotjar.com https://*.twitter.com https://*.pcdn.co https://*.googleapis.com https://secure.gravatar.com https://*.gstatic.com https://*.google.com https://www.googleoptimize.com https://www.googleanalytics.com https://www.googletagmanager.com https://www.google-analytics.com https://static.ads-twitter.com https://clinfo-dot-analyticsbeincrypto.appspot.com https://stats.g.doubleclick.net https://t.co https://p.adsymptotic.com https://js.hscollectedforms.net https://servedbyadbutler.com https://api.coingecko.com https://*.yandex.ru https://www.datadoghq-browser-agent.com https://*.browser-intake-datadoghq.com https://unpkg.com https://cdn.whizzco.com https://cdn.bmcdn5.com https://*.aniview.com https://*.avplayer.com https://cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; worker-src 'self' 'unsafe-inline' blob:;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ask.gophanon.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 22:02:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-security-policy
script-src https://beincrypto.com https://*.beincrypto.com https://gateway.ari10.com https://snap.licdn.com https://*.survicate.com https://*.surviocdn.com https://surviocdn.com https://*.survio.com https://survio.com https://a.omappapi.com https://player.ausha.co https://www.facebook.com https://connect.facebook.net https://ajax.cloudflare.com https://*.youtube.com https://tools.luckyorange.com https://js.hs-analytics.net https://js.hsleadflows.net https://js.hs-banner.com https://js.hsadspixel.net https://js.hsforms.net https://js.hs-scripts.com https://*.hotjar.com https://*.twitter.com https://*.pcdn.co https://*.googleapis.com https://secure.gravatar.com https://*.gstatic.com https://*.google.com https://www.googleoptimize.com https://www.googleanalytics.com https://www.googletagmanager.com https://www.google-analytics.com https://static.ads-twitter.com https://clinfo-dot-analyticsbeincrypto.appspot.com https://stats.g.doubleclick.net https://t.co https://p.adsymptotic.com https://js.hscollectedforms.net https://servedbyadbutler.com https://api.coingecko.com https://*.yandex.ru https://www.datadoghq-browser-agent.com https://*.browser-intake-datadoghq.com https://unpkg.com https://cdn.whizzco.com https://cdn.bmcdn5.com https://*.aniview.com https://*.avplayer.com https://cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; worker-src 'self' 'unsafe-inline' blob:;
content-security-policy-report-only
report-to cf-csp-endpoint
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
556573
x-xss-protection
1; mode=block
x-gateway-cache-status
MISS
x-gateway-request-id
054ba0491e0d54185777941923932eeb
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 10 Feb 2022 02:34:36 GMT
server
cloudflare
etag
"620479bc-87e1d"
vary
Accept-Encoding
x-gateway-skip-cache
0
content-type
image/png
x-gateway-cache-key
1683272156.203||https|tr.beincrypto.com|||/wp-content/uploads/2020/01/telegram-hacker-1200x780.png
cache-control
public, max-age=31536000
permissions-policy
geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
7c86e76fea261e20-FRA
expires
Wed, 15 May 2024 22:02:17 GMT

Redirect headers

x-gateway-request-id
99cbf7b6a2193b751c4ba265b6a1cdd9
date
Tue, 16 May 2023 22:02:16 GMT
strict-transport-security
max-age=0
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
x-gateway-skip-cache
1
x-gateway-cache-key
1640611738.46||https|beincrypto.com.tr|||/wp-content/uploads/2020/01/telegram-hacker-1200x780.png
location
https://tr.beincrypto.com/wp-content/uploads/2020/01/telegram-hacker-1200x780.png
content-type
text/html
cache-control
public, max-age=1200
cf-ray
7c86e76e58d1902a-FRA
expires
Tue, 16 May 2023 22:22:16 GMT
Og%CC%86uz-Evren-K%C4%B1l%C4%B1c%CC%A7-Coinkolik-Yazar%C4%B1-250x200.jpg
www.coinkolik.com/wp-content/uploads/2020/01/
18 KB
19 KB
Image
General
Full URL
https://www.coinkolik.com/wp-content/uploads/2020/01/Og%CC%86uz-Evren-K%C4%B1l%C4%B1c%CC%A7-Coinkolik-Yazar%C4%B1-250x200.jpg
Requested by
Host: ask.gophanon.cf
URL: http://ask.gophanon.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22fb2ea90a287c91ca51ed0a2967b8a54e325a40f1dc5ee3b7bc26ca6cd2dfe9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ask.gophanon.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 16 May 2023 22:02:16 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18902
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Mar 2021 04:09:33 GMT
server
cloudflare
etag
"604997fd-49d6"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KapgKXXEUB7SRzEwDex0emDrw1%2Bp6XpHoFTEEOqSyyMLDgtnTIvlAAnA3SsjlR9R5o6XuG02qkFcxK1XoU2A2LU%2BQBRMao%2FnBr3%2FcVfeLY08p70jaj7hb1vubZJqnrtXgSBSw37pc%2F0cHzxY0rq1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7c86e76e5f0d5bf9-FRA
expires
Tue, 23 May 2023 22:02:16 GMT
/
lookaside.fbsbx.com/lookaside/crawler/media/
0
0
Image
General
Full URL
https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id=209385946284782
Requested by
Host: ask.gophanon.cf
URL: http://ask.gophanon.cf/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ask.gophanon.cf/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

3 Cookies

Domain/Path Name / Value
ask.gophanon.cf/ Name: ch1c
Value: b
.beincrypto.com.tr/ Name: __cf_bm
Value: DdUDXSxwfq6uVcKaXo8soei.1KqEVBHT52amwlQemF8-1684274536-0-AQwMi4rmD6Sm5x9+7ELp/ibBnziEZMSw2nTn6kaV7rCAhafYSoDybUVl+iTCifU6/j1cG9Wf9JAg4/lym+FW2YA=
.beincrypto.com/ Name: __cf_bm
Value: B0e6ncjbu39golnmtywtAw70IkEV4WhR95iBL21HB44-1684274537-0-Ad2XosnXoFYwRKqeoaVxDmoUnb2mJc2XM6rdApk3mzpioRMJ4I6yGO12kFcauUq5/uPJraeAFuoYITHRZMsvHGapyVfQVlKlOL5mLwLeW7XB