take-yourprizes-now.info Open in urlscan Pro
108.61.170.95 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://seilertostskit.tk/
Effective URL:
https://take-yourprizes-now.info/undefined?u=60ekae3&o=unfh21n&t=main1&f=1&fp=ntkn
Submission: On December 13 via api (December 13th 2019, 4:44:49 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 10 HTTP transactions. The main IP is 108.61.170.95, located in Germany and belongs to AS-CHOOPA - Choopa, LLC, US. The main domain is take-yourprizes-now.info.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 25th 2019. Valid for: 3 months.

This is the only time take-yourprizes-now.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:30:... 2606:4700:30::6812:37cf	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	87.236.16.221 87.236.16.221	198610 (BEGET-AS) (BEGET-AS)
1	193.238.153.177 193.238.153.177	15626 (ITLAS) (ITLAS)
1 4	108.61.170.95 108.61.170.95	20473 (AS-CHOOPA) (AS-CHOOPA - Choopa)
10	7

1 2606:4700:30::6812:37cf (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

seilertostskit.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.236.16.221 (Russian Federation)

ASN198610 (BEGET-AS, RU)

dieti100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.238.153.177 (Ukraine)

ASN15626 (ITLAS, UA)
PTR: ds26.friendhosting.net

thedarkcorner.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.61.170.95 (Germany) 1 redirects

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: 108.61.170.95.vultr.com

take-yourprizes-now.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	take-yourprizes-now.info 1 redirects take-yourprizes-now.info	49 KB
2	cloudflare.com cdnjs.cloudflare.com	4 KB
1	thedarkcorner.org thedarkcorner.org	522 B
1	dieti100.ru dieti100.ru	132 KB
1	googleapis.com ajax.googleapis.com	33 KB
1	jquery.com code.jquery.com	30 KB
1	seilertostskit.tk seilertostskit.tk	4 KB
10	7

	Domain	Requested by
4	take-yourprizes-now.info	1 redirects thedarkcorner.org take-yourprizes-now.info
2	cdnjs.cloudflare.com	seilertostskit.tk
1	thedarkcorner.org	seilertostskit.tk
1	dieti100.ru	seilertostskit.tk
1	ajax.googleapis.com	seilertostskit.tk
1	code.jquery.com	seilertostskit.tk
1	seilertostskit.tk
10	7

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-04-02` - `2020-04-02`	a year	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
thedarkcorner.org Let's Encrypt Authority X3	`2019-12-03` - `2020-03-02`	3 months	crt.sh
take-yourprizes-now.info Let's Encrypt Authority X3	`2019-10-25` - `2020-01-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://take-yourprizes-now.info/undefined?u=60ekae3&o=unfh21n&t=main1&f=1&fp=ntkn
Frame ID: 363A9069D1D84487E120A8F121331082
Requests: 9 HTTP requests in this frame

Frame: https://take-yourprizes-now.info/media/mainstream/iframe.html
Frame ID: EA6AAF254DF79ABD52F63F30B93A0510
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://seilertostskit.tk/ Page URL
http://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1 HTTP 301
https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1 Page URL
https://take-yourprizes-now.info/undefined?u=60ekae3&o=unfh21n&t=main1&f=1&fp=ntkn Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

10
Requests

90 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

253 kB
Transfer

404 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://seilertostskit.tk/ Page URL
http://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1 HTTP 301
https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1 Page URL
https://take-yourprizes-now.info/undefined?u=60ekae3&o=unfh21n&t=main1&f=1&fp=ntkn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1 HTTP 301
https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
seilertostskit.tk/ 12 KB
4 KB 348ms
70ms Document
text/html 2606:4700:30::6812:37cf
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://seilertostskit.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6812:37cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b697bba40f06d4b6d11ae7fc5f4246c57083e15aacd770b95df3f7f8254287b

Request headers

:method: GET
:authority: seilertostskit.tk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Fri, 13 Dec 2019 16:44:23 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dce93739a7bb35d1e353d2afdaca4d06d1576255463; expires=Sun, 12-Jan-20 16:44:23 GMT; path=/; domain=.seilertostskit.tk; HttpOnly
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54496704ab8b5994-VIE
content-encoding: br

GET
H2 200 typebase.min.css
cdnjs.cloudflare.com/ajax/libs/typebase.css/0.5.0/ 900 B
497 B 17ms
16ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/typebase.css/0.5.0/typebase.min.css

Requested by

Host: seilertostskit.tk
URL: https://seilertostskit.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c99f5c59d5b4a65e791169585eec4492732964af79169fcbac2668ba7710ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://seilertostskit.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:44:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 19360436
cf-ray: 544967052a69cbb0-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Mon, 11 Jun 2018 02:30:47 GMT
server: cloudflare
etag: W/"5b1dded7-384"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 02 Dec 2020 16:44:23 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.000

GET
H2 200 bttn.min.css
cdnjs.cloudflare.com/ajax/libs/bttn.css/0.2.4/ 32 KB
4 KB 18ms
17ms Stylesheet
text/css 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bttn.css/0.2.4/bttn.min.css

Requested by

Host: seilertostskit.tk
URL: https://seilertostskit.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

35c313f00ec245de0d68fea44789d39e28e0d9663225d67a17c4e0fe12fc1b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://seilertostskit.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Dec 2019 16:44:23 GMT
content-encoding: br
cf-cache-status: HIT
age: 20889177
cf-ray: 544967052a6bcbb0-VIE
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:18:17 GMT
server: cloudflare
etag: W/"5afd48d9-8194"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Wed, 02 Dec 2020 16:44:23 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 82ms
67ms Script
application/javascript 2001:4de0:ac19::1:b:1b
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js
Requested by: Host: seilertostskit.tk
URL: https://seilertostskit.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://seilertostskit.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 16:44:23 GMT
Content-Encoding: gzip
Last-Modified: Sat, 20 Jan 2018 17:26:44 GMT
Server: nginx
ETag: W/"5a637bd4-1538f"
Vary: Accept-Encoding
X-HW: 1576255463.dop098.fr8.shc,1576255463.dop098.fr8.t,1576255463.cds057.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30288

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: seilertostskit.tk
URL: https://seilertostskit.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://seilertostskit.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 19 Nov 2019 09:04:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2101203
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Nov 2020 09:04:20 GMT

GET
H/1.1 200
OK ovoshchi-1000-kaloriy.jpg
dieti100.ru/wp-content/uploads/2017/02/ 131 KB
132 KB 245ms
116ms Image
image/jpeg 87.236.16.221
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dieti100.ru/wp-content/uploads/2017/02/ovoshchi-1000-kaloriy.jpg
Requested by: Host: seilertostskit.tk
URL: https://seilertostskit.tk/
Protocol: HTTP/1.1
Server: 87.236.16.221 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.13.4 /
Resource Hash: a07ec3df4f2b53e8220f43a455f703786b8ce4ce57f779ac57c5b373c453770f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Dec 2019 16:44:23 GMT
Last-Modified: Fri, 10 Feb 2017 07:16:32 GMT
Server: nginx-reuseport/1.13.4
ETag: "589d68d0-20d5c"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 134492
Expires: Sun, 12 Jan 2020 16:44:23 GMT

GET
H/1.1 200
OK diets_2
thedarkcorner.org/ 216 B
522 B 865ms
734ms Script
application/javascript 193.238.153.177
ITLAS

General

Check archive.org

Show headers Download Go to

Full URL: https://thedarkcorner.org/diets_2?keyword=%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B4%D0%B8%D0%B5%D1%82%D0%B0%20%D0%B7%D0%B0%201000%20%D0%BA%D0%B0%D0%BB%D0%BE%D1%80%D0%B8%D0%B8
Requested by: Host: seilertostskit.tk
URL: https://seilertostskit.tk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.238.153.177 , Ukraine, ASN15626 (ITLAS, UA),
Reverse DNS: ds26.friendhosting.net
Software: nginx/1.14.1 / PHP/5.4.16
Resource Hash

Request headers

Referer: https://seilertostskit.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Dec 2019 16:44:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Dec 2019 16:44:23 GMT
Server: nginx/1.14.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=0
Connection: keep-alive
Expires: Thu, 21 Jul 1977 07:30:00 GMT

GET
H/1.1

200
OK

Cookie set / Show response
take-yourprizes-now.info/
Redirect Chain

http://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1
https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1

47 KB
47 KB

156ms
106ms

Document
text/html

108.61.170.95
Choopa

General

Check archive.org

Show headers Download Go to

Full URL: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1
Requested by: Host: thedarkcorner.org
URL: https://thedarkcorner.org/diets_2?keyword=%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%B0%20%D0%B4%D0%B8%D0%B5%D1%82%D0%B0%20%D0%B7%D0%B0%201000%20%D0%BA%D0%B0%D0%BB%D0%BE%D1%80%D0%B8%D0%B8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.61.170.95 , Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 108.61.170.95.vultr.com
Software: nginx/1.12.0 / ASP.NET
Resource Hash: 5e9dbcfc8aedb6245dc28a3eee96a55ee27e0e91656e5914309e1edbb34c088e

Request headers

Host: take-yourprizes-now.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx/1.12.0
Date: Fri, 13 Dec 2019 16:44:24 GMT
Content-Type: text/html
Content-Length: 47762
Connection: keep-alive
Cache-Control: private
Set-Cookie: ASP.NET_SessionId=4mb1cusveo3d4pj5v5ltcbnj; path=/; HttpOnly ASP.NET_SessionId=4mb1cusveo3d4pj5v5ltcbnj; path=/; HttpOnly q1=dueihnavp7k1gjaq; path=/ ASP.NET_SessionId=4mb1cusveo3d4pj5v5ltcbnj; path=/; HttpOnly q1=dueihnavp7k1gjaq; path=/ k1=http://play0205.nonametue61.live/3151531273/; path=/
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET

Redirect headers

Server: nginx/1.12.0
Date: Fri, 13 Dec 2019 16:44:24 GMT
Content-Type: text/html
Content-Length: 185
Connection: keep-alive
Location: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1

GET
H/1.1 200
OK Cookie set iframe.html
take-yourprizes-now.info/media/mainstream/ Frame EA6A 123 B
454 B 154ms
105ms Document
text/html 108.61.170.95
Choopa

General

Check archive.org

Show headers Download Go to

Full URL: https://take-yourprizes-now.info/media/mainstream/iframe.html
Requested by: Host: take-yourprizes-now.info
URL: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.61.170.95 , Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 108.61.170.95.vultr.com
Software: nginx/1.12.0 / ASP.NET
Resource Hash

Request headers

Host: take-yourprizes-now.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: nested-navigate
Referer: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1
Accept-Encoding: gzip, deflate, br
Cookie: ASP.NET_SessionId=4mb1cusveo3d4pj5v5ltcbnj; q1=dueihnavp7k1gjaq; k1=http://play0205.nonametue61.live/3151531273/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1

Response headers

Server: nginx/1.12.0
Date: Fri, 13 Dec 2019 16:44:24 GMT
Content-Type: text/html
Content-Length: 123
Connection: keep-alive
Cache-Control: private
Last-Modified: Mon, 11 Nov 2019 06:59:24 GMT
Accept-Ranges: bytes
ETag: "f92be58c5d98d51:0"
Set-Cookie: q1=dueihnavp7k1gjaq; path=/
X-Powered-By: ASP.NET

GET
H/1.1 404
Not Found Primary Request undefined Show response
take-yourprizes-now.info/ 1 KB
1 KB 126ms
126ms Document
text/html 108.61.170.95
Choopa

General

Check archive.org

Show headers Download Go to

Full URL: https://take-yourprizes-now.info/undefined?u=60ekae3&o=unfh21n&t=main1&f=1&fp=ntkn
Requested by: Host: take-yourprizes-now.info
URL: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 108.61.170.95 , Germany, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS: 108.61.170.95.vultr.com
Software: nginx/1.12.0 / ASP.NET
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Host: take-yourprizes-now.info
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1

Response headers

Server: nginx/1.12.0
Date: Fri, 13 Dec 2019 16:44:24 GMT
Content-Type: text/html
Content-Length: 1245
Connection: keep-alive
X-Powered-By: ASP.NET

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			take-yourprizes-now.info/	1969-12-31 23:59:59	Name: q1 Value: dueihnavp7k1gjaq

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://take-yourprizes-now.info/?u=60ekae3&o=unfh21n&t=main1(Line 15) Message: spooky

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
dieti100.ru
seilertostskit.tk
take-yourprizes-now.info
thedarkcorner.org
108.61.170.95
193.238.153.177
2001:4de0:ac19::1:b:1b
2606:4700:30::6812:37cf
2606:4700::6811:4004
2a00:1450:4001:808::200a
87.236.16.221
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c99f5c59d5b4a65e791169585eec4492732964af79169fcbac2668ba7710ac7
35c313f00ec245de0d68fea44789d39e28e0d9663225d67a17c4e0fe12fc1b1c
5b697bba40f06d4b6d11ae7fc5f4246c57083e15aacd770b95df3f7f8254287b
5e9dbcfc8aedb6245dc28a3eee96a55ee27e0e91656e5914309e1edbb34c088e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
a07ec3df4f2b53e8220f43a455f703786b8ce4ce57f779ac57c5b373c453770f
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

take-yourprizes-now.info Open in urlscan Pro 108.61.170.95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

7 IPs

5 Countries

253 kBTransfer

404 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

take-yourprizes-now.info Open in urlscan Pro
108.61.170.95 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

5
Countries

253 kB
Transfer

404 kB
Size

1
Cookies

10 HTTP transactions
0 data transactions