ramazanii.com Open in urlscan Pro
2606:4700:3034::681b:8253 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7
Submission Tags: @ipnigh
Submission: On March 02 via api (March 2nd 2020, 5:40:58 am UTC) from GB

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 22 HTTP transactions. The main IP is 2606:4700:3034::681b:8253, located in United States and belongs to CLOUDFLARENET, US. The main domain is ramazanii.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 26th 2020. Valid for: 7 months.

This is the only time ramazanii.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Apple (Online)

Domain & IP information

	IP Address		AS Autonomous System
22	2606:4700:303... 2606:4700:3034::681b:8253		13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	1

22 2606:4700:3034::681b:8253 (United States)

ASN13335 (CLOUDFLARENET, US)

ramazanii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ramazanii.com ramazanii.com	858 KB
22	1

	Domain	Requested by
22	ramazanii.com	ramazanii.com
22	1

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-26` - `2020-10-09`	7 months	crt.sh

This page contains 1 frames:

Primary Page: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7
Frame ID: 1F3B63B7395971E4F33829C44F308676
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

22
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

858 kB
Transfer

1831 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ramazanii.com/apple/	4 KB 2 KB	280ms 232ms	Document text/html	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.3.13 Resource Hash `f06adf6909568b671c8f1a92f441fac16f3079e1d6176da9e792e602f99ade29` Request headers :method GET :authority ramazanii.com :scheme https :path /apple/?web_session=9aa3e07bcc7dfb9be7 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 sec-fetch-dest document accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest document Response headers status 200 date Mon, 02 Mar 2020 05:40:41 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=dcaa969c39a1879f8e2c8492038797ac51583127641; expires=Wed, 01-Apr-20 05:40:41 GMT; path=/; domain=.ramazanii.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=9eb566deae381280fbb54dd30cf315e6; path=/ x-powered-by PHP/7.3.13 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache vary Accept-Encoding,User-Agent cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 56d8c8cd0c73c2e5-FRA content-encoding br
GET H2	200	master.css ramazanii.com/apple/assets/	21 KB 4 KB	13ms 13ms	Stylesheet text/css	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/assets/master.css Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1b05c2a9472d160c3643819bee9228c6e382202f6767c304b390044bfbc83432` Request headers Referer https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:25 GMT server cloudflare age 2200 etag W/"9000d7e-53c0-59fcf95e1b139-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=14400 cf-ray 56d8c8ce8f42c2e5-FRA
GET H2	200	master.js Show response ramazanii.com/apple/assets/	4 KB 965 B	13ms 12ms	Script application/javascript	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/assets/master.js Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `41a7b58c6de9fb3c8dc908e4be867230037f8376f93f08e44fd2fb2e673de8e1` Request headers Referer https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest script Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:24 GMT server cloudflare age 2200 etag W/"9000d7f-10c7-59fcf95de1370-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type application/javascript status 200 cache-control max-age=14400 cf-ray 56d8c8ce8f46c2e5-FRA
GET H2	200	font.css ramazanii.com/apple/assets/	1 KB 306 B	10ms 10ms	Stylesheet text/css	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/assets/font.css Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5499558d9ae9173b7a988fa7a74d2f0096cfb662b00cbf7ad44c04bd07863395` Request headers Referer https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:24 GMT server cloudflare age 2200 etag W/"9000d7c-415-59fcf95d3268d-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=14400 cf-ray 56d8c8ce9f6dc2e5-FRA
GET H2	200	countries.css ramazanii.com/apple/assets/	12 KB 2 KB	14ms 13ms	Stylesheet text/css	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/assets/countries.css Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f38b27ea50a4b601a3cde4453479781faeb6e92c45f7c555006bba12badddd39` Request headers Referer https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:24 GMT server cloudflare age 2200 etag W/"9000d7b-3054-59fcf95d082c4-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=14400 cf-ray 56d8c8ce9f6ec2e5-FRA
GET H2	200	credit.css ramazanii.com/apple/assets/	1 KB 257 B	15ms 14ms	Stylesheet text/css	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/assets/credit.css Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6697a26dfeae768de277e607a4787175bc29c983ae1dde50e7cf70f85884ede3` Request headers Referer https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest style Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:23 GMT server cloudflare age 2200 etag W/"9000d7a-404-59fcf95cdd72c-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type text/css status 200 cache-control max-age=14400 cf-ray 56d8c8ce9f6fc2e5-FRA
GET H2	200	apple.png ramazanii.com/apple/img/	1 KB 1 KB	10ms 9ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/apple.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0324ce3517183ac6681e58929d4ff4c917c798780786af31900bece4a1dcc9d4` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:02 GMT server cloudflare age 2200 etag "9000d91-477-59fcf9baf7dfa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa3c2e5-FRA content-length 1143
GET H2	200	search.png ramazanii.com/apple/img/	1 KB 1 KB	11ms 10ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/search.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a7208cdaf7cc7ebe80434079cd386c3ad0b9433a1211cf34cf0abea189111fc3` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:09 GMT server cloudflare age 2200 etag "9000d9f-4fd-59fcf9c1aa7ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa4c2e5-FRA content-length 1277
GET H2	200	shopping-bag.png ramazanii.com/apple/img/	710 B 815 B	12ms 12ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/shopping-bag.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `acf04c9e472d5ef05e1090b767d203741de913a32a1fd9e9ac5a0739b27c0b4d` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:10 GMT server cloudflare age 2200 etag "9000da0-2c6-59fcf9c226427" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa5c2e5-FRA content-length 710
GET H2	200	menu.png ramazanii.com/apple/img/	262 B 344 B	11ms 10ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/menu.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f3687be4052f05dbcf261b4e3d8f4629548cb1959746d643059844654e8662d8` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:08 GMT server cloudflare age 2200 etag "9000d9d-106-59fcf9c0e054a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa6c2e5-FRA content-length 262
GET H2	200	cross.png ramazanii.com/apple/img/	582 B 689 B	10ms 9ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/cross.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7c4f1a01bc9d4e74c3d99ebf620016c9ed87f1fe3f1bc0748d7a4749ae167e05` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:06 GMT server cloudflare age 2200 etag "9000d99-246-59fcf9befabba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa7c2e5-FRA content-length 582
GET H2	200	background.jpg ramazanii.com/apple/img/	310 KB 310 KB	13ms 12ms	Image image/jpeg	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/background.jpg Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `80d7c4158ea60fed4e394e00a580aa46a23d4566bda143eca32d319a7959ab08` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:13 GMT server cloudflare age 2200 etag "9000d96-4d717-59fcf9c57cc15" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa8c2e5-FRA content-length 317207
GET H2	200	loading.gif ramazanii.com/apple/img/	3 KB 3 KB	10ms 9ms	Image image/gif	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/loading.gif Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:08 GMT server cloudflare age 2200 etag "9000d9c-c88-59fcf9c074e88" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfa9c2e5-FRA content-length 3208
GET H2	200	appleid.png ramazanii.com/apple/img/	5 KB 5 KB	12ms 12ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/appleid.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c691a459c75691e086dfbbacf08d2f4591a8316f11484ff99a5ca500a172e2b4` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:03 GMT server cloudflare age 2200 etag "9000d93-1252-59fcf9bc3e0bf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfabc2e5-FRA content-length 4690
GET H2	200	SF-UI-Text-Regular.otf ramazanii.com/apple/fonts/	310 KB 98 KB	24ms 24ms	Font font/otf	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/fonts/SF-UI-Text-Regular.otf Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60d5093e58f648e0676ac12c989bfe5ce53b6ae7e3c97d879896bcf2f8e1558a` Request headers Referer https://ramazanii.com/apple/assets/font.css Origin https://ramazanii.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:56 GMT server cloudflare age 2200 etag W/"9000d87-4d6e0-59fcf97c006d2-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type font/otf status 200 cache-control max-age=14400 cf-ray 56d8c8cebfadc2e5-FRA
GET H2	200	arrow.png ramazanii.com/apple/img/	898 B 1005 B	10ms 9ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/arrow.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `effc7bd489cdb03edab7d92c1e732a03b510b1488e48bf38aa3c8bd0c3c464b9` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:04 GMT server cloudflare age 2200 etag "9000d94-382-59fcf9bc88058" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cebfb0c2e5-FRA content-length 898
GET H2	200	rarrow.png ramazanii.com/apple/img/	484 B 647 B	16ms 16ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/rarrow.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b2eff858ea8f2e25316315458ff77df56865bd93fb60ce33c86302e0672165cc` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:09 GMT server cloudflare age 2200 etag "9000d9e-1e4-59fcf9c145e4c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cecfb6c2e5-FRA content-length 484
GET H2	200	sprite.jpg ramazanii.com/apple/img/	104 KB 104 KB	16ms 16ms	Image image/jpeg	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/sprite.jpg Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bd5f4ed541a56a96e91ac8419bac78377be866769be15787f78e0d242a15b0b6` Request headers Referer https://ramazanii.com/apple/assets/master.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:11 GMT server cloudflare age 2200 etag "9000da1-19e4f-59fcf9c3eaa76" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cecfb7c2e5-FRA content-length 106063
GET H2	200	germany.png ramazanii.com/apple/img/flags/	2 KB 2 KB	16ms 16ms	Image image/png	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ramazanii.com/apple/img/flags/germany.png Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b146cfd7c6b9ed2204b9fc610e15d406aa0991e5641bce50f05193be8f1cde02` Request headers Referer https://ramazanii.com/apple/assets/countries.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Dest image Response headers date Mon, 02 Mar 2020 05:40:41 GMT cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:55:29 GMT server cloudflare age 2200 etag "9000de0-766-59fcf9d511c8c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 56d8c8cecfb9c2e5-FRA content-length 1894
GET H2	200	SF-UI-Display-Medium.otf ramazanii.com/apple/fonts/	302 KB 102 KB	20ms 19ms	Font font/otf	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/fonts/SF-UI-Display-Medium.otf Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e8b89877190ddaf2351c3104dc989809c9211b8a4d57c8f50d19ed813a24e812` Request headers Referer https://ramazanii.com/apple/assets/font.css Origin https://ramazanii.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:53:35 GMT server cloudflare age 2200 etag W/"9000d84-4b974-59fcf9684c762-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type font/otf status 200 cache-control max-age=14400 cf-ray 56d8c8cecfbac2e5-FRA
GET H2	200	SF-UI-Display-Light.otf ramazanii.com/apple/fonts/	296 KB 101 KB	23ms 23ms	Font font/otf	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/fonts/SF-UI-Display-Light.otf Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `46bffd6cbaa0c9f985c55d051e2ba574eb20f23c906fb2a0d96e53bc5066c9f2` Request headers Referer https://ramazanii.com/apple/assets/font.css Origin https://ramazanii.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:54:08 GMT server cloudflare age 2200 etag W/"9000d83-4a120-59fcf9873b318-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type font/otf status 200 cache-control max-age=14400 cf-ray 56d8c8cecfbcc2e5-FRA
GET H2	200	System%20San%20Francisco%20Display%20Regular.ttf ramazanii.com/apple/fonts/	451 KB 118 KB	23ms 23ms	Font font/ttf	2606:4700:3034::681b:8253 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ramazanii.com/apple/fonts/System%20San%20Francisco%20Display%20Regular.ttf Requested by Host: ramazanii.com URL: https://ramazanii.com/apple/?web_session=9aa3e07bcc7dfb9be7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::681b:8253 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `236aad5fb102c930f0e3729e74f5afb88a6461b85dfed9da25f0263347d2d843` Request headers Referer https://ramazanii.com/apple/assets/font.css Origin https://ramazanii.com Sec-Fetch-Dest font User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 02 Mar 2020 05:40:41 GMT content-encoding br cf-cache-status HIT last-modified Sun, 01 Mar 2020 18:54:17 GMT server cloudflare age 2200 etag W/"9000d89-70c58-59fcf99045695-gzip" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding,User-Agent content-type font/ttf status 200 cache-control max-age=14400 cf-ray 56d8c8cecfbec2e5-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Apple (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| processLogin

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ramazanii.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9eb566deae381280fbb54dd30cf315e6
			.ramazanii.com/	1970-01-19 08:28:39	Name: __cfduid Value: dcaa969c39a1879f8e2c8492038797ac51583127641

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ramazanii.com
2606:4700:3034::681b:8253
0324ce3517183ac6681e58929d4ff4c917c798780786af31900bece4a1dcc9d4
0c4d1b66cbed8c0ba7bfe1d047409e80b99684794ba66e9556503890eae17f2d
1b05c2a9472d160c3643819bee9228c6e382202f6767c304b390044bfbc83432
236aad5fb102c930f0e3729e74f5afb88a6461b85dfed9da25f0263347d2d843
41a7b58c6de9fb3c8dc908e4be867230037f8376f93f08e44fd2fb2e673de8e1
46bffd6cbaa0c9f985c55d051e2ba574eb20f23c906fb2a0d96e53bc5066c9f2
5499558d9ae9173b7a988fa7a74d2f0096cfb662b00cbf7ad44c04bd07863395
60d5093e58f648e0676ac12c989bfe5ce53b6ae7e3c97d879896bcf2f8e1558a
6697a26dfeae768de277e607a4787175bc29c983ae1dde50e7cf70f85884ede3
7c4f1a01bc9d4e74c3d99ebf620016c9ed87f1fe3f1bc0748d7a4749ae167e05
80d7c4158ea60fed4e394e00a580aa46a23d4566bda143eca32d319a7959ab08
a7208cdaf7cc7ebe80434079cd386c3ad0b9433a1211cf34cf0abea189111fc3
acf04c9e472d5ef05e1090b767d203741de913a32a1fd9e9ac5a0739b27c0b4d
b146cfd7c6b9ed2204b9fc610e15d406aa0991e5641bce50f05193be8f1cde02
b2eff858ea8f2e25316315458ff77df56865bd93fb60ce33c86302e0672165cc
bd5f4ed541a56a96e91ac8419bac78377be866769be15787f78e0d242a15b0b6
c691a459c75691e086dfbbacf08d2f4591a8316f11484ff99a5ca500a172e2b4
e8b89877190ddaf2351c3104dc989809c9211b8a4d57c8f50d19ed813a24e812
effc7bd489cdb03edab7d92c1e732a03b510b1488e48bf38aa3c8bd0c3c464b9
f06adf6909568b671c8f1a92f441fac16f3079e1d6176da9e792e602f99ade29
f3687be4052f05dbcf261b4e3d8f4629548cb1959746d643059844654e8662d8
f38b27ea50a4b601a3cde4453479781faeb6e92c45f7c555006bba12badddd39

ramazanii.com Open in urlscan Pro 2606:4700:3034::681b:8253 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

22 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

858 kBTransfer

1831 kBSize

2 Cookies

0 Outgoing links

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

2 Cookies

Indicators

ramazanii.com Open in urlscan Pro
2606:4700:3034::681b:8253 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

858 kB
Transfer

1831 kB
Size

2
Cookies

22 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!