balance.13141efgtrvbhjd.com Open in urlscan Pro
34.96.197.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.eskylocate.com/
Effective URL:
https://balance.13141efgtrvbhjd.com/
Submission: On October 03 via api (October 3rd 2023, 10:00:19 am UTC) from PL — Scanned from PL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 6 domains to perform 8 HTTP transactions. The main IP is 34.96.197.12, located in Hong Kong, Hong Kong and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is balance.13141efgtrvbhjd.com.
TLS certificate: Issued by R3 on October 2nd 2023. Valid for: 3 months.

This is the only time balance.13141efgtrvbhjd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	156.234.127.116 156.234.127.116	40065 (CNSERVERS) (CNSERVERS)
2	34.96.197.12 34.96.197.12	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	3

1 156.234.127.116 (Hong Kong, Hong Kong)

ASN40065 (CNSERVERS, US)

www.eskylocate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.197.12 (Hong Kong, Hong Kong)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 12.197.96.34.bc.googleusercontent.com

balance.13141efgtrvbhjd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	13141efgtrvbhjd.com balance.13141efgtrvbhjd.com	2 KB
1	eskylocate.com www.eskylocate.com	301 B
0	ehdyxpj33.com Failed g14adf.ehdyxpj33.com Failed b25rfd.ehdyxpj33.com Failed
0	b5dgdh2ww.com Failed j3asfh.b5dgdh2ww.com Failed
0	tjdh8cg5h.com Failed u2afhj.tjdh8cg5h.com Failed
0	dhxpj1q2w.com Failed akd3gf.dhxpj1q2w.com Failed
8	6

	Domain	Requested by
2	balance.13141efgtrvbhjd.com	www.eskylocate.com balance.13141efgtrvbhjd.com
1	www.eskylocate.com
0	b25rfd.ehdyxpj33.com Failed	balance.13141efgtrvbhjd.com
0	g14adf.ehdyxpj33.com Failed	balance.13141efgtrvbhjd.com
0	j3asfh.b5dgdh2ww.com Failed	balance.13141efgtrvbhjd.com
0	u2afhj.tjdh8cg5h.com Failed	balance.13141efgtrvbhjd.com
0	akd3gf.dhxpj1q2w.com Failed	balance.13141efgtrvbhjd.com
8	7

This site contains no links.

Subject Issuer	Validity	Valid
djfidicjmwos.com ZeroSSL RSA Domain Secure Site CA	`2022-11-09` - `2023-02-07`	3 months	crt.sh
balance.13141efgtrvbhjd.com R3	`2023-10-02` - `2023-12-31`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://balance.13141efgtrvbhjd.com/
Frame ID: CC57A1B3AD74A4C2CA21FC5DDBA7CD57
Requests: 3 HTTP requests in this frame

Frame: https://akd3gf.dhxpj1q2w.com/?_rid=0.9760016370657916
Frame ID: EA2087BEA2870F7971E2D415E3A0150C
Requests: 1 HTTP requests in this frame

Frame: https://u2afhj.tjdh8cg5h.com/?_rid=0.9842160788597158
Frame ID: A209B8E6D0CAFB2E4D736928CB7F75FC
Requests: 1 HTTP requests in this frame

Frame: https://j3asfh.b5dgdh2ww.com/?_rid=0.7719629740785714
Frame ID: 312547CFD9AB0BC81E433785B7C75C32
Requests: 1 HTTP requests in this frame

Frame: https://g14adf.ehdyxpj33.com/?_rid=0.540991509370971
Frame ID: ABA8D0CA7862E351C0441C8E72370F27
Requests: 1 HTTP requests in this frame

Frame: https://b25rfd.ehdyxpj33.com/?_rid=0.30755770269942095
Frame ID: F70EC700FBE59E49D1D6C824D68DDD77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.eskylocate.com/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL

Page Statistics

8
Requests

25 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.eskylocate.com/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL
https://balance.13141efgtrvbhjd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 ok	/ Show response www.eskylocate.com/	165 B 301 B	2920ms 196ms	Document text/html	156.234.127.116 CNSERVERS
General Check archive.org Show headers Download Go to Full URL https://www.eskylocate.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 156.234.127.116 Hong Kong, Hong Kong, ASN40065 (CNSERVERS, US), Reverse DNS Software nginx / Resource Hash `636a7936ea5220d6d79d85863c70b6a39344524f7bf62009a1060a9ef0f95830` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers Cache-Control no-cache Connection close Content-Length 165 Date Tue, 03 Oct 2023 10:00:17 GMT Server nginx
GET H/1.1	200 OK	/ Show response balance.13141efgtrvbhjd.com/	685 B 802 B	1329ms 234ms	Document text/html	34.96.197.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://balance.13141efgtrvbhjd.com/ Requested by Host: www.eskylocate.com URL: https://www.eskylocate.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.96.197.12 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.197.96.34.bc.googleusercontent.com Software / Resource Hash `6a48b76d5c48950c42545a9a48f87c98ff419c5a4144d4438d65829c33da024e` Request headers Referer https://www.eskylocate.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers Content-Length 685 Content-Type text/html; charset=utf-8 Date Tue, 03 Oct 2023 10:00:14 GMT
GET H/1.1	200 OK	Primary Request / Show response balance.13141efgtrvbhjd.com/	1 KB 2 KB	272ms 271ms	Document text/html	34.96.197.12 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://balance.13141efgtrvbhjd.com/ Requested by Host: balance.13141efgtrvbhjd.com URL: https://balance.13141efgtrvbhjd.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 34.96.197.12 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 12.197.96.34.bc.googleusercontent.com Software / Resource Hash `8582bea29503290f62cec10804fdd447a66bd96f5964103690735b4913f89d67` Request headers Referer https://balance.13141efgtrvbhjd.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36 accept-language pl-PL,pl;q=0.9 Response headers Accept-Ranges bytes Content-Length 1504 Content-Type text/html; charset=utf-8 Date Tue, 03 Oct 2023 10:00:18 GMT
GET		/ akd3gf.dhxpj1q2w.com/ Frame EA20	0 0

GET		/ u2afhj.tjdh8cg5h.com/ Frame A209	0 0

GET		/ j3asfh.b5dgdh2ww.com/ Frame 3125	0 0

GET		/ g14adf.ehdyxpj33.com/ Frame ABA8	0 0

GET		/ b25rfd.ehdyxpj33.com/ Frame F70E	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: akd3gf.dhxpj1q2w.com
URL: https://akd3gf.dhxpj1q2w.com/?_rid=0.9760016370657916

Domain: u2afhj.tjdh8cg5h.com
URL: https://u2afhj.tjdh8cg5h.com/?_rid=0.9842160788597158

Domain: j3asfh.b5dgdh2ww.com
URL: https://j3asfh.b5dgdh2ww.com/?_rid=0.7719629740785714

Domain: g14adf.ehdyxpj33.com
URL: https://g14adf.ehdyxpj33.com/?_rid=0.540991509370971

Domain: b25rfd.ehdyxpj33.com
URL: https://b25rfd.ehdyxpj33.com/?_rid=0.30755770269942095

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			balance.13141efgtrvbhjd.com/	1970-01-20 15:12:10	Name: _GATE_DID_ Value: GQ$RGQ$#HG%QRQ#R!@#RWE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

akd3gf.dhxpj1q2w.com
b25rfd.ehdyxpj33.com
balance.13141efgtrvbhjd.com
g14adf.ehdyxpj33.com
j3asfh.b5dgdh2ww.com
u2afhj.tjdh8cg5h.com
www.eskylocate.com
akd3gf.dhxpj1q2w.com
b25rfd.ehdyxpj33.com
g14adf.ehdyxpj33.com
j3asfh.b5dgdh2ww.com
u2afhj.tjdh8cg5h.com
156.234.127.116
34.96.197.12
636a7936ea5220d6d79d85863c70b6a39344524f7bf62009a1060a9ef0f95830
6a48b76d5c48950c42545a9a48f87c98ff419c5a4144d4438d65829c33da024e
8582bea29503290f62cec10804fdd447a66bd96f5964103690735b4913f89d67

balance.13141efgtrvbhjd.com Open in urlscan Pro 34.96.197.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

25 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

3 IPs

1 Countries

3 kBTransfer

2 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

1 Cookies

Indicators

balance.13141efgtrvbhjd.com Open in urlscan Pro
34.96.197.12 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

25 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

3
IPs

1
Countries

3 kB
Transfer

2 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions