fl1.scintillatingindependentvisit.shop Open in urlscan Pro
2606:4700:3033::6815:44e5 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/index.html
Submission: On March 13 via api (March 13th 2024, 10:25:04 pm UTC) from US — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 10 HTTP transactions. The main IP is 2606:4700:3033::6815:44e5, located in United States and belongs to CLOUDFLARENET, US. The main domain is fl1.scintillatingindependentvisit.shop.

This is the only time fl1.scintillatingindependentvisit.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3033::6815:44e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.251 139.45.197.251	9002 (RETN-AS) (RETN-AS)
2	139.45.197.250 139.45.197.250	9002 (RETN-AS) (RETN-AS)
10	3

3 2606:4700:3033::6815:44e5 (United States)

ASN13335 (CLOUDFLARENET, US)

fl1.scintillatingindependentvisit.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.251 (United Kingdom)

ASN9002 (RETN-AS, GB)

gauvaiho.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jouteetu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.250 (United Kingdom)

ASN9002 (RETN-AS, GB)

amunfezanttor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	jouteetu.net jouteetu.net — Cisco Umbrella Rank: 30771
3	scintillatingindependentvisit.shop fl1.scintillatingindependentvisit.shop	36 KB
2	amunfezanttor.com amunfezanttor.com — Cisco Umbrella Rank: 50577	369 B
2	gauvaiho.net gauvaiho.net — Cisco Umbrella Rank: 297719	14 KB
10	4

	Domain	Requested by
3	jouteetu.net	gauvaiho.net
3	fl1.scintillatingindependentvisit.shop	fl1.scintillatingindependentvisit.shop gauvaiho.net
2	amunfezanttor.com	gauvaiho.net
2	gauvaiho.net	fl1.scintillatingindependentvisit.shop gauvaiho.net
10	4

This site contains no links.

Subject Issuer	Validity	Valid
amunfezanttor.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
jouteetu.net R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
gauvaiho.net R3	`2024-01-30` - `2024-04-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/index.html
Frame ID: 13E4857DF64DABB764C490199E6A71E5
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Parabéns!

Page Statistics

10
Requests

60 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

51 kB
Transfer

72 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.html Show response
fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/ 9 KB
5 KB 467ms
313ms Document
text/html 2606:4700:3033::6815:44e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/index.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:44e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f4fa3f31ab96f252166c879afb4a0b87b7cde5929ac9c776c23f5e4ed075457

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 863f6ff45f4a4396-EWR
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 13 Mar 2024 22:24:59 GMT
Last-Modified: Thu, 07 Dec 2023 05:54:05 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2B0%2F2zvyjNuZwsd4ydFO0A4omV8BHxikkoQCOVGr%2FVg0rgHUSMVDn8EZM9Ndoy1mDu700VfnXkmTuGhOVGRUe3j3G3vTZfxUA9076DcCv6vs%2BJI6UuHpj14ElNpaQ%2FSTfhYyfZ4IaJ2uGQlEDLyJB8HYhL9ROHtTELFSup0oMKu3F8K6Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK page.png
fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/ 29 KB
30 KB 361ms
361ms Image
image/png 2606:4700:3033::6815:44e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/page.png
Requested by: Host: fl1.scintillatingindependentvisit.shop
URL: http://fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/index.html
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:44e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 634ef46290703c4bf21e3438de38d1e6aada68abf2680911cdf01ad9bb218b81

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 22:25:00 GMT
CF-Cache-Status: MISS
Last-Modified: Thu, 07 Dec 2023 05:54:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "742b-60be518657902"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDK3lnRcO9XO%2FEmTJBGTuX0ba03V586okhRoPSgm3fAC4djitBKxiz8eWO9ji3r7Gr45iopNdB72wTCBdExia0DsqEoj8MrqI5Pm49z%2FodlAh%2BoQKTNVvYvPD1fMbdeNqkvmV8xYUdmY16jsI6kB5TsqcrVOzLeuJXxJB%2Fp%2FkSmacUH9nA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 863f6ff6090a4396-EWR
alt-svc: h3=":443"; ma=86400
Content-Length: 29739

GET
H/1.1 200
OK micro.tag.min.js Show response
gauvaiho.net/pfe/current/ 35 KB
14 KB 227ms
214ms Script
application/javascript 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Requested by: Host: fl1.scintillatingindependentvisit.shop
URL: http://fl1.scintillatingindependentvisit.shop/wbpage4/sweeps-plays/index.html
Protocol: HTTP/1.1
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 22:25:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Mar 2024 08:40:28 GMT
Server: nginx
ETag: W/"65f014fc-8a1a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

OPTIONS
H2 200 event
amunfezanttor.com/ 0
0 407ms
171ms Preflight
text/plain 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amunfezanttor.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://fl1.scintillatingindependentvisit.shop
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: http://fl1.scintillatingindependentvisit.shop
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 13 Mar 2024 22:25:00 GMT
server: nginx

POST
H2 200 custom
jouteetu.net/ 0
0 322ms
101ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gauvaiho.net
URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK sw-check-permissions-4eee0.js
fl1.scintillatingindependentvisit.shop/ 0
1 KB 292ms
290ms Other
application/javascript 2606:4700:3033::6815:44e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fl1.scintillatingindependentvisit.shop/sw-check-permissions-4eee0.js?zoneId=4984707
Requested by: Host: gauvaiho.net
URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:44e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 22:25:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 04 May 2022 10:33:35 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"236-5de2d285fa983"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rt1%2F%2BiRTa0XCPt0GqXWKB0TtOdth%2FRdv%2FUket6HS25qTpnkGWluMAiUC6b5r6mZ7zF%2BpeeGvxqobCFiAiMlNYQtiSMxlbs6BnhOv5Uyxddm4gfKR1DcPkyUhYPKdmDFYnsvkiDTvIO7LfZroa9rVhp4BpZ7L6FtIEZCBkkxjPZS%2Fujg6Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 863f6ff7ff258c2f-EWR
alt-svc: h3=":443"; ma=86400

POST
H2 200 custom
jouteetu.net/ 0
0 322ms
102ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gauvaiho.net
URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 zone
gauvaiho.net/ 0
275 B 464ms
233ms Ping
text/plain 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://gauvaiho.net/zone?&pub=0&zone_id=4984707&is_mobile=false&domain=fl1.scintillatingindependentvisit.shop&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.496&trace_id=67de8e3d-f0b3-48d8-a18c-78b0ef2de9fa&action=prerequest

Requested by

Host: gauvaiho.net
URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-trace-id: 147cf53879c6fc67db886f2f7bfc9788
date: Wed, 13 Mar 2024 22:25:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
access-control-allow-origin: http://fl1.scintillatingindependentvisit.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 0

POST
H2 200 custom
jouteetu.net/ 0
0 321ms
102ms Ping
application/json 139.45.197.251
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jouteetu.net/custom
Requested by: Host: gauvaiho.net
URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 event Show response
amunfezanttor.com/ 94 B
369 B 341ms
107ms Fetch
application/json 139.45.197.250
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://amunfezanttor.com/event

Requested by

Host: gauvaiho.net
URL: http://gauvaiho.net/pfe/current/micro.tag.min.js?z=4984707&sw=/sw-check-permissions-4eee0.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.250 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

3a20b8da6930c922b982802af1635d22a8d744b247231daad563f41352e519ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Mar 2024 22:25:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: http://fl1.scintillatingindependentvisit.shop
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
content-length: 94

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| s function| go function| getParam object| zfgformats

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amunfezanttor.com
fl1.scintillatingindependentvisit.shop
gauvaiho.net
jouteetu.net
139.45.197.250
139.45.197.251
2606:4700:3033::6815:44e5
2f4fa3f31ab96f252166c879afb4a0b87b7cde5929ac9c776c23f5e4ed075457
3a20b8da6930c922b982802af1635d22a8d744b247231daad563f41352e519ff
634ef46290703c4bf21e3438de38d1e6aada68abf2680911cdf01ad9bb218b81
ac659687f647d5e86d31f6d9e4be3cd6a5534d01532d1310e8ced114919e0afb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

fl1.scintillatingindependentvisit.shop Open in urlscan Pro 2606:4700:3033::6815:44e5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

60 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

51 kBTransfer

72 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

fl1.scintillatingindependentvisit.shop Open in urlscan Pro
2606:4700:3033::6815:44e5 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

60 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

51 kB
Transfer

72 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions