trafikteyim.net Open in urlscan Pro
89.43.31.190 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://trafikteyim.net/wp-includes/qq.htm
Submission: On September 06 via automatic, source openphish (September 6th 2017, 8:07:31 am UTC)

Summary HTTP 9 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 9 HTTP transactions. The main IP is 89.43.31.190, located in Turkey and belongs to NETINTERNET, TR. The main domain is trafikteyim.net.

This is the only time trafikteyim.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Yahoo (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	89.43.31.190 89.43.31.190	51559 (NETINTERNET) (NETINTERNET)
7	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
9	3

1 89.43.31.190 (Turkey)

ASN51559 (NETINTERNET, TR)
PTR: d1r92ui.ni.net.tr

trafikteyim.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, DE)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	yimg.com s.yimg.com	8 KB
1	google-analytics.com www.google-analytics.com	16 KB
1	trafikteyim.net trafikteyim.net	5 KB
9	3

	Domain	Requested by
7	s.yimg.com	trafikteyim.net
1	www.google-analytics.com	trafikteyim.net
1	trafikteyim.net
9	3

This site contains links to these domains. Also see Links.

Domain
global.ard.yahoo.com

Subject Issuer	Validity	Valid
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2017-07-31` - `2017-09-14`	a month	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-08-15` - `2017-11-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://trafikteyim.net/wp-includes/qq.htm
Frame ID: 2608.1
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i

Page Statistics

9
Requests

89 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

28 kB
Transfer

69 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://global.ard.yahoo.com/SIG=15qlou0em/M=289534.11591653.14018207.11241642/D=regst/S=150002326:FOOT/Y=YAHOO/EXP=1336853631/L=S7jUadG_XHOEMlXlT4KlQQE7RQ9Owk.uqF8AC3pQ/B=2I7iJUJe5iU-/J=1336846431880059/K=5xF1hztgtZEY2ZFKyNdFUg/A=6066579/R=0/SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html
Title: Copyright/IP Policy

Search URL Search Domain Scan URL

URL: https://global.ard.yahoo.com/SIG=15qlou0em/M=289534.11591653.14018207.11241642/D=regst/S=150002326:FOOT/Y=YAHOO/EXP=1336853631/L=S7jUadG_XHOEMlXlT4KlQQE7RQ9Owk.uqF8AC3pQ/B=2I7iJUJe5iU-/J=1336846431880059/K=5xF1hztgtZEY2ZFKyNdFUg/A=6066579/R=1/SIG=1136qnvkg/*http://docs.yahoo.com/info/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://global.ard.yahoo.com/SIG=15qlou0em/M=289534.11591653.14018207.11241642/D=regst/S=150002326:FOOT/Y=YAHOO/EXP=1336853631/L=S7jUadG_XHOEMlXlT4KlQQE7RQ9Owk.uqF8AC3pQ/B=2I7iJUJe5iU-/J=1336846431880059/K=5xF1hztgtZEY2ZFKyNdFUg/A=6066579/R=2/SIG=11jkmfkej/*http://info.yahoo.com/legal/us/yahoo/sms/tos.html
Title: SMS Terms of Service

Search URL Search Domain Scan URL

URL: https://global.ard.yahoo.com/SIG=15qlou0em/M=289534.11591653.14018207.11241642/D=regst/S=150002326:FOOT/Y=YAHOO/EXP=1336853631/L=S7jUadG_XHOEMlXlT4KlQQE7RQ9Owk.uqF8AC3pQ/B=2I7iJUJe5iU-/J=1336846431880059/K=5xF1hztgtZEY2ZFKyNdFUg/A=6066579/R=3/SIG=11ul6d4cd/*http://help.yahoo.com/l/us/yahoo/edit/id_password/index.html
Title: Help

Search URL Search Domain Scan URL

URL: https://global.ard.yahoo.com/SIG=15qlou0em/M=289534.11591653.14018207.11241642/D=regst/S=150002326:FOOT/Y=YAHOO/EXP=1336853631/L=S7jUadG_XHOEMlXlT4KlQQE7RQ9Owk.uqF8AC3pQ/B=2I7iJUJe5iU-/J=1336846431880059/K=5xF1hztgtZEY2ZFKyNdFUg/A=6066579/R=4/SIG=1163rhhok/*http://privacy.yahoo.com/privacy/us/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://global.ard.yahoo.com/SIG=15qlou0em/M=289534.11591653.14018207.11241642/D=regst/S=150002326:FOOT/Y=YAHOO/EXP=1336853631/L=S7jUadG_XHOEMlXlT4KlQQE7RQ9Owk.uqF8AC3pQ/B=2I7iJUJe5iU-/J=1336846431880059/K=5xF1hztgtZEY2ZFKyNdFUg/A=6066579/R=5/SIG=11475d5s1/*http://info.yahoo.com/relevantads/
Title: About Our Ads

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 7

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request qq.htm Show response
trafikteyim.net/wp-includes/ 15 KB
5 KB 228ms
74ms Document
text/html 89.43.31.190
NETINTERNET

General

Check archive.org

Show headers Download Go to

Full URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: HTTP/1.1
Server: 89.43.31.190 , Turkey, ASN51559 (NETINTERNET, TR),
Reverse DNS: d1r92ui.ni.net.tr
Software: Apache /
Resource Hash: 1b47cdb923254303bd39838f008957fb77f820af9a121f4eaa69f96fd46147a2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

Date: Wed, 06 Sep 2017 08:07:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2017 21:09:28 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive, Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4608
Expires: max-age=2592000, public

GET
S 200 reset-fonts-grids_2.1.2.css
s.yimg.com/lq/lib/common/css/ 3 KB
1001 B 9ms
9ms Stylesheet
text/css 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.com/lq/lib/common/css/reset-fonts-grids_2.1.2.css
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: f424223507d37cfc2149b494c1812f19b820b2ee90900de71bf5e93d11689ecd

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Wed, 06 Sep 2017 02:07:45 GMT
content-encoding: gzip
x-ysws-request-id: 43227528-e163-4a45-97e7-259cbb98ad60
age: 21576
status: 200
content-length: 992
last-modified: Wed, 14 Nov 2012 05:53:14 GMT
server: ATS
etag: "YM:1:0489e986-4660-4cd1-b5d6-fa1cab73c17c0004ce6e267c8f0e-gzip"
vary: Accept-Encoding
content-type: text/css
via: HTTP/1.1 web29.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
cache-control: public,max-age=315360000
accept-ranges: bytes
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Sat, 04 Sep 2027 02:07:45 GMT

GET
S 200 uh_slim_ssl-1.0.7.css
s.yimg.com/lq/lib/uh/15/css/ 3 KB
1 KB 9ms
9ms Stylesheet
text/css 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yimg.com/lq/lib/uh/15/css/uh_slim_ssl-1.0.7.css
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: 0862451d73c7f8082fd19f0ec018d506f303b3342ad6631e21eef8a2398718ad

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Tue, 05 Sep 2017 14:10:49 GMT
content-encoding: gzip
x-ysws-request-id: f853968d-94c8-44e4-8237-955ed8493d9d
age: 64593
status: 200
content-length: 1098
last-modified: Wed, 14 Nov 2012 05:20:47 GMT
server: ATS
etag: "YM:1:d67cd13c-9f5b-4e2d-b546-d4efc699a2730004ce6db26e8e04-gzip"
vary: Accept-Encoding
content-type: text/css
via: HTTP/1.1 web11.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
cache-control: public,max-age=315360000
accept-ranges: bytes
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Fri, 03 Sep 2027 14:10:49 GMT

GET
S 200 base.gif
s.yimg.com/lq/i/brand/purplelogo/uh/us/ 905 B
914 B 11ms
11ms Image
image/gif 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.yimg.com/lq/i/brand/purplelogo/uh/us/base.gif
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: 7a5a21279ac5a0228ea5cabfd54e5643f923a1ec3a6b36e5d8863cd1faf8afd7

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Tue, 05 Sep 2017 21:17:51 GMT
via: HTTP/1.1 web29.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
x-ysws-request-id: a0ca8415-54be-4f54-85e4-40dbd1f9d9f8
server: ATS
age: 38971
etag: "YM:1:912c5a39-b821-404d-a19e-dfe085d84f530004ce7688f813c1"
content-type: image/gif
status: 200
cache-control: public,max-age=315360000
last-modified: Wed, 14 Nov 2012 15:53:26 GMT
accept-ranges: bytes
content-length: 905
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Fri, 03 Sep 2027 21:17:51 GMT

GET
S 200 ar_bg.png
s.yimg.com/lq/i/reg/ 1 KB
1 KB 10ms
10ms Image
image/png 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.yimg.com/lq/i/reg/ar_bg.png
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: 9b9078e2956eeca5bffdee4e2ecb9369f9c9abeafc4ff5e042a5630d382c3f6d

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Tue, 05 Sep 2017 12:25:59 GMT
via: HTTP/1.1 web16.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
x-ysws-request-id: c5befe5a-8d8e-4d5c-b2a0-171377684b6e
server: ATS
age: 70883
etag: "YM:1:216a705b-ae04-4cd6-9b57-b363423c33200004ce76a950a156"
content-type: image/png
status: 200
cache-control: public,max-age=315360000
last-modified: Wed, 14 Nov 2012 16:02:28 GMT
accept-ranges: bytes
content-length: 1042
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Fri, 03 Sep 2027 12:25:59 GMT

GET
S 200 uh_sprites_1.5-1.0.3.png
s.yimg.com/lq/lib/uh/15/ 3 KB
3 KB 11ms
11ms Image
image/png 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.yimg.com/lq/lib/uh/15/uh_sprites_1.5-1.0.3.png
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: 0350180c01b8c78379141a7ff041a4c35681311686d22bee5b10290d116e53d7

Request headers

Referer: https://s.yimg.com/lq/lib/uh/15/css/uh_slim_ssl-1.0.7.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Mon, 04 Sep 2017 08:06:24 GMT
via: HTTP/1.1 web7.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
x-ysws-request-id: 0e2c8125-c24a-4a05-afa0-e497be6cd1e4
server: ATS
age: 172858
etag: "YM:1:6db8ffe7-fa89-417a-a35e-19c6791609c00004ce6dbe5e25a8"
content-type: image/png
status: 200
cache-control: public,max-age=315360000
last-modified: Wed, 14 Nov 2012 05:24:07 GMT
accept-ranges: bytes
content-length: 3058
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Thu, 02 Sep 2027 08:06:24 GMT

GET
S 200 info_metro16_1.gif
s.yimg.com/lq/i/nt/ic/ut/bsc/ 225 B
234 B 12ms
12ms Image
image/gif 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.yimg.com/lq/i/nt/ic/ut/bsc/info_metro16_1.gif
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: f1db299f84621739d1bebb758e69b00e71e7d229cf4d23cd92b2395aada9121e

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Mon, 04 Sep 2017 10:31:14 GMT
via: HTTP/1.1 web18.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
x-ysws-request-id: da5e0198-41e2-4d8f-a13c-a5c0451483fb
server: ATS
age: 164168
etag: "YM:1:d188e79f-2326-4ebd-8c42-a7bac83c36ee0004ce76f27995bc"
content-type: image/gif
status: 200
cache-control: public,max-age=315360000
last-modified: Wed, 14 Nov 2012 16:22:56 GMT
accept-ranges: bytes
content-length: 225
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Thu, 02 Sep 2027 10:31:14 GMT

GET
S 200 reg_gradients.png
s.yimg.com/lq/i/reg/ 325 B
334 B 10ms
10ms Image
image/png 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.yimg.com/lq/i/reg/reg_gradients.png
Requested by: Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software: ATS /
Resource Hash: 809ffdbfa510dcc6706bda2615db76545709b3239e0779efd21322802734f19d

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

date: Tue, 05 Sep 2017 12:15:06 GMT
via: HTTP/1.1 web5.use44.mobstor.bf1.yahoo.com UserFiberFramework/1.0, http/1.1 e20.ycpi.deb.yahoo.com (ApacheTrafficServer [cHs f ])
x-ysws-request-id: d2ad53f7-ee5c-43be-a481-5baecc280362
server: ATS
age: 71535
etag: "YM:1:9cf5f68d-4b77-4ec4-a58c-bb832c6e95160004ce76aa358d55"
content-type: image/png
status: 200
cache-control: public,max-age=315360000
last-modified: Wed, 14 Nov 2012 16:02:43 GMT
accept-ranges: bytes
content-length: 325
x-ysws-visited-replicas: gops.use44.mobstor.vip.bf1.yahoo.com
expires: Fri, 03 Sep 2027 12:15:06 GMT

GET
S

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

42 KB
16 KB

19ms
6ms

Script
text/javascript

2a00:1450:4001:820::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: trafikteyim.net
URL: http://trafikteyim.net/wp-includes/qq.htm

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://trafikteyim.net/wp-includes/qq.htm
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.113 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2017 01:11:09 GMT
server: Golfe2
age: 6323
date: Wed, 06 Sep 2017 06:21:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 16022
expires: Wed, 06 Sep 2017 08:21:58 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Yahoo (Online)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

s.yimg.com
trafikteyim.net
www.google-analytics.com
2a00:1288:80:800::7001
2a00:1450:4001:820::200e
89.43.31.190
0350180c01b8c78379141a7ff041a4c35681311686d22bee5b10290d116e53d7
0862451d73c7f8082fd19f0ec018d506f303b3342ad6631e21eef8a2398718ad
1b47cdb923254303bd39838f008957fb77f820af9a121f4eaa69f96fd46147a2
4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
7a5a21279ac5a0228ea5cabfd54e5643f923a1ec3a6b36e5d8863cd1faf8afd7
809ffdbfa510dcc6706bda2615db76545709b3239e0779efd21322802734f19d
9b9078e2956eeca5bffdee4e2ecb9369f9c9abeafc4ff5e042a5630d382c3f6d
f1db299f84621739d1bebb758e69b00e71e7d229cf4d23cd92b2395aada9121e
f424223507d37cfc2149b494c1812f19b820b2ee90900de71bf5e93d11689ecd

trafikteyim.net Open in urlscan Pro 89.43.31.190 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

28 kBTransfer

69 kBSize

0 Cookies

6 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

trafikteyim.net Open in urlscan Pro
89.43.31.190 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

28 kB
Transfer

69 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!