w23.xyz Open in urlscan Pro
23.224.207.104 Public Scan

URL:
http://w23.xyz/
Submission: On April 13 via api (April 13th 2019, 10:32:53 am UTC) from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 8 HTTP transactions. The main IP is 23.224.207.104, located in Cheyenne, United States and belongs to CNSERVERS - CNSERVERS LLC, US. The main domain is w23.xyz.

This is the only time w23.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	23.224.207.104 23.224.207.104		40065 (CNSERVERS) (CNSERVERS - CNSERVERS LLC)
8	2

3 23.224.207.104 (Cheyenne, United States)

ASN40065 (CNSERVERS - CNSERVERS LLC, US)

w23.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	w23.xyz w23.xyz	5 KB
0	bootcss.com Failed cdn.bootcss.com Failed
0	3v1.cc Failed api.3v1.cc Failed
8	3

	Domain	Requested by
3	w23.xyz	w23.xyz
0	cdn.bootcss.com Failed	w23.xyz
0	api.3v1.cc Failed	w23.xyz
8	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://w23.xyz/
Frame ID: 16BCF68529F954AC2CAD54A5F3A26753
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://w23.xyz/ Page URL
http://w23.xyz/?security_verify_data=313630302c31323030 Page URL
http://w23.xyz/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i

Page Statistics

8
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

5 kB
Transfer

4 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://w23.xyz/ Page URL
http://w23.xyz/?security_verify_data=313630302c31323030 Page URL
http://w23.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set / Show response w23.xyz/	948 B 1 KB	2369ms 164ms	Document text/html	23.224.207.104 CNSERVERS LLC
General Check archive.org Show headers Download Go to Full URL http://w23.xyz/ Protocol HTTP/1.1 Server 23.224.207.104 Cheyenne, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US), Reverse DNS Software Firewall/1.8.0 / Resource Hash `d89920f314e1b1d5a2ef9e977600ff27a92891c7f085ea02dce3af89fec04aed` Request headers Host w23.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Server Firewall/1.8.0 Date Sat, 13 Apr 2019 10:32:18 GMT Content-Type text/html Content-Length 948 Connection keep-alive Set-Cookie security_session_verify=d68fb0c0586fcd5c78eb27e80b38b7b0; expires=Tue, 16-Apr-19 18:32:18 GMT; path=/; HttpOnly Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0
GET H/1.1	200 OK	Cookie set / Show response w23.xyz/	906 B 1 KB	166ms 165ms	Document text/html	23.224.207.104 CNSERVERS LLC
General Check archive.org Show headers Download Go to Full URL http://w23.xyz/?security_verify_data=313630302c31323030 Requested by Host: w23.xyz URL: http://w23.xyz/ Protocol HTTP/1.1 Server 23.224.207.104 Cheyenne, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US), Reverse DNS Software Firewall/1.8.0 / Resource Hash `625d4e66c38b807cbde8a306dc187a3c6c6cd4e675b648c940cdc555db020a2a` Request headers Host w23.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://w23.xyz/ Accept-Encoding gzip, deflate Cookie security_session_verify=d68fb0c0586fcd5c78eb27e80b38b7b0; srcurl=687474703a2f2f7732332e78797a2f Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://w23.xyz/ Response headers Server Firewall/1.8.0 Date Sat, 13 Apr 2019 10:32:18 GMT Content-Type text/html Content-Length 906 Connection keep-alive Set-Cookie security_session_mid_verify=a1ec3f7ff3c3c9f4f074c6711e48cdfa; expires=Tue, 16-Apr-19 18:32:18 GMT; path=/; HttpOnly Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0
GET H/1.1	403 Forbidden	Primary Request / Show response w23.xyz/	2 KB 3 KB	168ms 168ms	Document text/html	23.224.207.104 CNSERVERS LLC
General Check archive.org Show headers Download Go to Full URL http://w23.xyz/ Requested by Host: w23.xyz URL: http://w23.xyz/?security_verify_data=313630302c31323030 Protocol HTTP/1.1 Server 23.224.207.104 Cheyenne, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US), Reverse DNS Software Firewall/1.8.0 / Resource Hash `3b5b34ebca425d5076a2ff91ed25798cea97e408e90de879022b7467bbe8d9f4` Request headers Host w23.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://w23.xyz/?security_verify_data=313630302c31323030 Accept-Encoding gzip, deflate Cookie security_session_verify=d68fb0c0586fcd5c78eb27e80b38b7b0; security_session_mid_verify=a1ec3f7ff3c3c9f4f074c6711e48cdfa Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://w23.xyz/?security_verify_data=313630302c31323030 Response headers Server Firewall/1.8.0 Date Sat, 13 Apr 2019 10:32:18 GMT Content-Type text/html; charset=utf-8 Content-Length 2368 Connection keep-alive X-Cache MISS from weiidc-mg1
GET		music.css api.3v1.cc/music/	0 0

GET		dandelion.css api.3v1.cc/weiidc/css/	0 0

GET		weimusic1.gif api.3v1.cc/music/	0 0

GET		jquery.min.js cdn.bootcss.com/jquery/3.2.1/	0 0

GET		music.js api.3v1.cc/music/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.3v1.cc
URL: https://api.3v1.cc/music/music.css

Domain: api.3v1.cc
URL: https://api.3v1.cc/weiidc/css/dandelion.css

Domain: api.3v1.cc
URL: https://api.3v1.cc/music/weimusic1.gif

Domain: cdn.bootcss.com
URL: https://cdn.bootcss.com/jquery/3.2.1/jquery.min.js

Domain: api.3v1.cc
URL: https://api.3v1.cc/music/music.js

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
w23.xyz/	1970-01-19 00:03:59	Name: security_session_mid_verify Value: a1ec3f7ff3c3c9f4f074c6711e48cdfa
w23.xyz/	1969-12-31 23:59:59	Name: srcurl Value: 687474703a2f2f7732332e78797a2f
w23.xyz/	1970-01-19 00:03:59	Name: security_session_verify Value: d68fb0c0586fcd5c78eb27e80b38b7b0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.3v1.cc
cdn.bootcss.com
w23.xyz
api.3v1.cc
cdn.bootcss.com
23.224.207.104
3b5b34ebca425d5076a2ff91ed25798cea97e408e90de879022b7467bbe8d9f4
625d4e66c38b807cbde8a306dc187a3c6c6cd4e675b648c940cdc555db020a2a
d89920f314e1b1d5a2ef9e977600ff27a92891c7f085ea02dce3af89fec04aed

w23.xyz Open in urlscan Pro 23.224.207.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

0 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

5 kBTransfer

4 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

3 Cookies

Indicators

w23.xyz Open in urlscan Pro
23.224.207.104 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

0 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

5 kB
Transfer

4 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions