www.afikey-betihut.co.il Open in urlscan Pro
54.145.162.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sslvpn.namoe.com/
Effective URL:
https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Traffic&utm_content=154...
Submission: On December 13 via automatic, source certstream-suspicious (December 13th 2024, 5:32:34 am UTC) — Scanned from IL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 8 HTTP transactions. The main IP is 54.145.162.195, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.afikey-betihut.co.il.
TLS certificate: Issued by E6 on November 1st 2024. Valid for: 3 months.

This is the only time www.afikey-betihut.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	64.190.63.222 64.190.63.222	47846 (SEDO-AS S...) (SEDO-AS SEDO GmbH)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1 1	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1	54.145.162.195 54.145.162.195	14618 (AMAZON-AES) (AMAZON-AES)
8	4

5 64.190.63.222 (Germany) 2 redirects

ASN47846 (SEDO-AS SEDO GmbH, DE)

sslvpn.namoe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.239.53.32 (New York, United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.162.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-162-195.compute-1.amazonaws.com

www.afikey-betihut.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	namoe.com 2 redirects sslvpn.namoe.com	4 KB
1	afikey-betihut.co.il www.afikey-betihut.co.il
1	sedodna.com 1 redirects xml.sedodna.com — Cisco Umbrella Rank: 301377	287 B
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 65939	15 KB
0	f-static.net Failed cdn-cms-s.f-static.net Failed
0	fastbots.ai Failed app.fastbots.ai Failed
0	cdn-files-a.com Failed files.cdn-files-a.com Failed
8	7

	Domain	Requested by
5	sslvpn.namoe.com	2 redirects sslvpn.namoe.com
1	www.afikey-betihut.co.il	sslvpn.namoe.com
1	xml.sedodna.com	1 redirects
1	img.sedoparking.com
0	cdn-cms-s.f-static.net Failed	www.afikey-betihut.co.il
0	app.fastbots.ai Failed	www.afikey-betihut.co.il
0	files.cdn-files-a.com Failed	www.afikey-betihut.co.il
8	7

This site contains no links.

Subject Issuer	Validity	Valid
sslvpn.namoe.com Encryption Everywhere DV TLS CA - G2	`2024-12-13` - `2025-12-13`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2024-11-12` - `2025-12-14`	a year	crt.sh
www.afikey-betihut.co.il E6	`2024-11-01` - `2025-01-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Traffic&utm_content=1548378
Frame ID: A4D501AFE64890898D77EBE107EE7DF6
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://sslvpn.namoe.com/ Page URL
https://sslvpn.namoe.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ds36dgii4iN... HTTP 302
https://sslvpn.namoe.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ds36dgii4iN... HTTP 302
https://xml.sedodna.com/click?i=s36dgii4iNw_0 HTTP 302
https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Tra... Page URL

Page Statistics

8
Requests

63 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

18 kB
Transfer

35 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sslvpn.namoe.com/ Page URL
https://sslvpn.namoe.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ds36dgii4iNw_0&v=ZmJiZjQ3N2I4OGVkNDdhODlmYTkxOTNiYWExMGViZGYJMQlzc2x2cG4ubmFtb2UuY29tNjc1YmM2ZTE1MzRhNzIuNzA0ODc0OTUJc3NsdnBuLm5hbW9lLmNvbTY3NWJjNmUxNTM0ZWUzLjI5OTM0NDE1CTE3MzQwNjc5MzkJYWRfNjNfMA%3D%3D&l=ogcTbA6r-K-5mV0r7Pnm6CU1w_KlesjDhRSYgz2tbsTFAdY9OKd1ndvE3zo0d_QwhZO4OYU9aIeTgtBlWHQrkuQvJ2W1xqhSKd0fFJuezxIMObLKVbdOt_464edDWWbepcQJdnxf0Zzw6oYfiuSV7SCAQpRjHeOMcgX5SJKmc9Lge0DHpgSfRR7--lpYUeDCWrsk8iju6Y7jLr73zQ8GruIhZJ8VPQL0WlIhMkqyOAU0c-gNgyH6eU_Ytw6wSsDvIvnq3G7jHtV6THLuzSJDquMAKd6kH-b4O6HKCz8NeXsh68b5DE4z0pmThuK96Chbltk55elyKEuGdn3I2Az-XWYpGS2pf11MFQRVd0aaTgL69HyAvX2z7z1Uzk4p5Nix0Yi1ZPzG61-pMlXiXULa-cWxaKVxjpoVZHlyReBpo46QRbRcShCn0YfzxlqmFLcZek1wZ6r7dJnpsgcEMp4RCy6vXBEV_gL5i3R6gS9GRpCPPiodvK6QsIwg3OPqfvbWJAm-bpyCjXuNLHJtN9B3z12oL7v6p75r_EYy-r9v6atuhlQvVNLXUh_IDs_xEbM54MSs1BqFs10RTvNQ7ffSdYjBr7UevXxaVacFV4KuZ4QG2XdQcPu5ec1qADSZr_HW2InNtk08dQgBn607HSGu8PZJMjB98jYYKPnynVD0ZyY3KTtvvu_xzNBFCXfzDCPfCsJNg HTTP 302
https://sslvpn.namoe.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ds36dgii4iNw_0&v=ZmJiZjQ3N2I4OGVkNDdhODlmYTkxOTNiYWExMGViZGYJMQlzc2x2cG4ubmFtb2UuY29tNjc1YmM2ZTE1MzRhNzIuNzA0ODc0OTUJc3NsdnBuLm5hbW9lLmNvbTY3NWJjNmUxNTM0ZWUzLjI5OTM0NDE1CTE3MzQwNjc5MzkJYWRfNjNfMA%3D%3D&l=ogcTbA6r-K-5mV0r7Pnm6CU1w_KlesjDhRSYgz2tbsTFAdY9OKd1ndvE3zo0d_QwhZO4OYU9aIeTgtBlWHQrkuQvJ2W1xqhSKd0fFJuezxIMObLKVbdOt_464edDWWbepcQJdnxf0Zzw6oYfiuSV7SCAQpRjHeOMcgX5SJKmc9Lge0DHpgSfRR7--lpYUeDCWrsk8iju6Y7jLr73zQ8GruIhZJ8VPQL0WlIhMkqyOAU0c-gNgyH6eU_Ytw6wSsDvIvnq3G7jHtV6THLuzSJDquMAKd6kH-b4O6HKCz8NeXsh68b5DE4z0pmThuK96Chbltk55elyKEuGdn3I2Az-XWYpGS2pf11MFQRVd0aaTgL69HyAvX2z7z1Uzk4p5Nix0Yi1ZPzG61-pMlXiXULa-cWxaKVxjpoVZHlyReBpo46QRbRcShCn0YfzxlqmFLcZek1wZ6r7dJnpsgcEMp4RCy6vXBEV_gL5i3R6gS9GRpCPPiodvK6QsIwg3OPqfvbWJAm-bpyCjXuNLHJtN9B3z12oL7v6p75r_EYy-r9v6atuhlQvVNLXUh_IDs_xEbM54MSs1BqFs10RTvNQ7ffSdYjBr7UevXxaVacFV4KuZ4QG2XdQcPu5ec1qADSZr_HW2InNtk08dQgBn607HSGu8PZJMjB98jYYKPnynVD0ZyY3KTtvvu_xzNBFCXfzDCPfCsJNg HTTP 302
https://xml.sedodna.com/click?i=s36dgii4iNw_0 HTTP 302
https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Traffic&utm_content=1548378 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response sslvpn.namoe.com/	3 KB 2 KB	2472ms 2151ms	Document text/html	64.190.63.222 SEDO-AS SEDO GmbH
General Check archive.org Show headers Download Go to Full URL https://sslvpn.namoe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.190.63.222 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE), Reverse DNS Software Parking/1.0 / Resource Hash `355705ec3dddde853b5cd39f8fc483db37fa435e2b0b667bd94f95f134ada8ef` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 13 Dec 2024 05:32:19 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Fri, 13 Dec 2024 05:32:17 GMT pragma no-cache server Parking/1.0 vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_oOWalR02NIKJvXj1H7PGY94GIVLws3qGuM7o5ZZod6o5rQswnwacDcxDXct5mh8C0MlTUnZRzhrua1QX0lfDkQ== x-cache-miss-from parking-f4f7c5ccf-65xpx
GET H2	441	js_preloader.gif sslvpn.namoe.com/img.sedoparking.com/images/	0 19 B	198ms 176ms	Image text/plain	64.190.63.222 SEDO-AS SEDO GmbH
General Check archive.org Show headers Download Go to Show image Full URL https://sslvpn.namoe.com/img.sedoparking.com/images/js_preloader.gif Requested by Host: sslvpn.namoe.com URL: https://sslvpn.namoe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.190.63.222 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE), Reverse DNS Software Parking/1.0 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sslvpn.namoe.com/ Response headers date Fri, 13 Dec 2024 05:32:19 GMT server Parking/1.0 content-length 0
GET H2	200	tsc.php sslvpn.namoe.com/search/	0 34 B	203ms 115ms	XHR text/html	64.190.63.222 SEDO-AS SEDO GmbH
General Check archive.org Show headers Download Go to Full URL https://sslvpn.namoe.com/search/tsc.php?ses=ogciDLKZ1AWPohBo90qZy-Bf4zfv7MJvcXy84PNIfDQjLo1Vw254AmIyrm42ML79NFlu-LPSmE2fQ3s2UVyhIQJImtgqzFmMykZ7srY701l4Q9KVW6Po0ONcIPjgcKnqoMM4pk59srjalQPHxyfAYWQk9Wv33w-k-eE1HG7IswUN8b9W1i2fy-6m7PtA4yVidiDW3kDad5jTQBNHUOqWkGpm4mROagQrwojKF4x5UCfdBUlWhLUx6dOHIszfyiwtrJtTbaow9bEKivc0qgE2kDIw8UJu2fdF9oxScWz9UK2HFi6YNh4su6qrSYSvPmzOV5d3gTAyS5r7DqatyTYB8tqZC2S6xfjOcoTfqv7taAcc1YbUcPahTYr774&cv=2 Requested by Host: sslvpn.namoe.com URL: https://sslvpn.namoe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.190.63.222 , Germany, ASN47846 (SEDO-AS SEDO GmbH, DE), Reverse DNS Software Parking/1.0 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sslvpn.namoe.com/ Response headers x-cache-miss-from parking-f4f7c5ccf-7pvb4 content-length 0 date Fri, 13 Dec 2024 05:32:19 GMT content-type text/html; charset=UTF-8 server Parking/1.0
GET H2	200	sedo_logo.png img.sedoparking.com/templates/logos/	15 KB 15 KB	801ms 259ms	Other image/png	205.234.175.175 CACHENETWORKS
General Check archive.org Show headers Download Go to Full URL https://img.sedoparking.com/templates/logos/sedo_logo.png Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://sslvpn.namoe.com/ Response headers x-cf2 H expires Fri, 20 Dec 2024 05:32:20 GMT x-cf1 11696:fP.lon1:cf:nom:cacheN.lon1-01:H date Fri, 13 Dec 2024 05:32:20 GMT cf4ttl 31536000.000 content-type image/png x-cf-reqid b9e817cc7574cc15ccfdca99d406c9f5 last-modified Mon, 11 Jan 2021 07:44:34 GMT x-cff B cf4age 0 cache-control max-age=604800 x-cf3 H accept-ranges bytes access-control-allow-origin * content-length 15086 x-cfhash "def00c11b1596db4efee6a9fbe64fc27" x-cf-tsc 1724966874 server CFS 0215
GET H2	200	Primary Request / www.afikey-betihut.co.il/ Redirect Chain https://sslvpn.namoe.com/search/redirect.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ds36dgii4iNw_0&v=ZmJiZjQ3N2I4OGVkNDdhODlmYTkxOTNiYWExMGViZGYJMQlzc2x2cG4ubmFtb2UuY29tNjc1YmM2ZTE1MzRhNzIuNz... https://sslvpn.namoe.com/search/tcerider.php?f=https%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3Ds36dgii4iNw_0&v=ZmJiZjQ3N2I4OGVkNDdhODlmYTkxOTNiYWExMGViZGYJMQlzc2x2cG4ubmFtb2UuY29tNjc1YmM2ZTE1MzRhNzIuNz... https://xml.sedodna.com/click?i=s36dgii4iNw_0 https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Traffic&utm_content=1548378	17 KB 0	1158ms 210ms	Document text/html	54.145.162.195 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Traffic&utm_content=1548378 Requested by Host: sslvpn.namoe.com URL: https://sslvpn.namoe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.145.162.195 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-145-162-195.compute-1.amazonaws.com Software Caddy / Resource Hash Request headers Referer https://sslvpn.namoe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes access-control-allow-origin * age 55709 content-encoding gzip content-length 35981 content-type text/html;charset=UTF-8 date Fri, 13 Dec 2024 05:32:23 GMT last-modified Thu, 12 Dec 2024 14:03:54 GMT server Caddy vary Accept-Encoding x-cache HIT x-need-cache true Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Date Fri, 13 Dec 2024 05:32:22 GMT Location https://www.afikey-betihut.co.il/?utm_source=95356.240934_149572&utm_medium=cpm&utm_campaign=Best%20Web%20Traffic&utm_content=1548378 Server nginx
GET		normal_66af68dd9e2e3-thumbnail.jpg files.cdn-files-a.com/uploads/6208813/	0 0

GET		embed.js app.fastbots.ai/	0 0

GET		minimize_main_rtl.css cdn-cms-s.f-static.net/versions/2/css/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: files.cdn-files-a.com
URL: https://files.cdn-files-a.com/uploads/6208813/normal_66af68dd9e2e3-thumbnail.jpg

Domain: app.fastbots.ai
URL: https://app.fastbots.ai/embed.js

Domain: cdn-cms-s.f-static.net
URL: https://cdn-cms-s.f-static.net/versions/2/css/minimize_main_rtl.css?v=n84019

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sslvpn.namoe.com/img.sedoparking.com/images/js_preloader.gif Message: Failed to load resource: the server responded with a status of 441 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.fastbots.ai
cdn-cms-s.f-static.net
files.cdn-files-a.com
img.sedoparking.com
sslvpn.namoe.com
www.afikey-betihut.co.il
xml.sedodna.com
app.fastbots.ai
cdn-cms-s.f-static.net
files.cdn-files-a.com
173.239.53.32
205.234.175.175
54.145.162.195
64.190.63.222
355705ec3dddde853b5cd39f8fc483db37fa435e2b0b667bd94f95f134ada8ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.afikey-betihut.co.il Open in urlscan Pro 54.145.162.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

8 Requests

63 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

4 IPs

2 Countries

18 kBTransfer

35 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

www.afikey-betihut.co.il Open in urlscan Pro
54.145.162.195 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

63 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

4
IPs

2
Countries

18 kB
Transfer

35 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions