klondaika.lv - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 104.18.23.131, located in and belongs to CLOUDFLARENET, US. The main domain is klondaika.lv.
TLS certificate: Issued by GTS CA 1P5 on November 18th 2023. Valid for: 3 months.

This is the only time klondaika.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3034::6815:5a1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.18.192.136 104.18.192.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	104.18.23.131 104.18.23.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	3

3 2606:4700:3034::6815:5a1b (United States)

ASN13335 (CLOUDFLARENET, US)

fsg-sargans.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.192.136 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

record.enlabspartners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.23.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

klondaika.lv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	klondaika.lv 1 redirects klondaika.lv	10 KB
3	fsg-sargans.ch fsg-sargans.ch	60 KB
1	enlabspartners.com 1 redirects record.enlabspartners.com	568 B
6	3

	Domain	Requested by
4	klondaika.lv	1 redirects fsg-sargans.ch klondaika.lv
3	fsg-sargans.ch	fsg-sargans.ch
1	record.enlabspartners.com	1 redirects
6	3

This site contains no links.

Subject Issuer	Validity	Valid
fsg-sargans.ch E1	`2024-01-08` - `2024-04-07`	3 months	crt.sh
klondaika.lv GTS CA 1P5	`2023-11-18` - `2024-02-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affiliate_id=3225857&campaign_id=3225857_1&ref=PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk&&
Frame ID: 3DAEBCD37BCFCB1D4BC0D42949FD7069
Requests: 5 HTTP requests in this frame

Frame: https://klondaika.lv/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 727DC97752D55F835BFE86A1E1CF2202
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Klondaika

Page URL History Show full URLs

https://fsg-sargans.ch/ Page URL
https://record.enlabspartners.com/_tvHNzjJDau_43OyqCFI9gGNd7ZgqdRLk/1 HTTP 301
https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affil... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

6
Requests

83 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

70 kB
Transfer

335 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fsg-sargans.ch/ Page URL
https://record.enlabspartners.com/_tvHNzjJDau_43OyqCFI9gGNd7ZgqdRLk/1 HTTP 301
https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affiliate_id=3225857&campaign_id=3225857_1&ref=PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk&& Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://klondaika.lv/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://klondaika.lv/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

6 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
fsg-sargans.ch/ 8 KB
4 KB 802ms
592ms Document
text/html 2606:4700:3034::6815:5a1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fsg-sargans.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5a1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 846828e34ac64bc7-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 17:43:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPMtPKSSFIbXE4z4hd7duH7KIkhWbrxIkM3itbEluXbZdCiBFa88slOcCkh%2BIP5V4cPu4InQfqNJ1mj6ijMgJftJhxmOW6wWnt3LuHx%2Bv0DrVguvTImEGM%2BHmBKtnbtosjoUw0pQvWaCyEAfHw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
fsg-sargans.ch/assets/bootstrap/css/ 227 KB
33 KB 362ms
360ms Stylesheet
text/css 2606:4700:3034::6815:5a1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fsg-sargans.ch/assets/bootstrap/css/bootstrap.min.css
Requested by: Host: fsg-sargans.ch
URL: https://fsg-sargans.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5a1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fsg-sargans.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:43:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 27 Dec 2023 20:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658c8acc-38da5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzaKDhp56HHVrtAVhl9zMtKpYlVIB87npf%2BIFbgUO6tnsgHSdUu4FSXqAL2WqFEAKlUEzP3vko9DuDyf21YXirNNGmWBtO40hLvnUlSNuJNK3CTGx%2BRUxw4vet%2BTqPhzyvnXdSGmdOiDISZblA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 846828e72dba4bc7-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 17 Jan 2024 17:43:16 GMT

GET
H2 200 bootstrap.min.js
fsg-sargans.ch/assets/bootstrap/js/ 78 KB
24 KB 284ms
283ms Script
application/javascript 2606:4700:3034::6815:5a1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fsg-sargans.ch/assets/bootstrap/js/bootstrap.min.js
Requested by: Host: fsg-sargans.ch
URL: https://fsg-sargans.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:5a1b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://fsg-sargans.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:43:16 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 27 Dec 2023 20:36:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658c8acc-139f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wkb691RuBdw7bvj1CfDydIhM01ni5vcJGidcAzOxq2%2BcHOVArWjw9L4zqUZDsuwk9zW6u3n3cN3Q%2BDvtVRYlFmBQAWS2M0xprH5fWSEpfX6tGIH6R3TakgtuIy4DdtiJjv%2BMSOl%2BsupC%2FOzLqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 846828e72dbb4bc7-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 17 Jan 2024 17:43:16 GMT

GET
H2

403

Primary Request / Show response
klondaika.lv/casino/
Redirect Chain

https://record.enlabspartners.com/_tvHNzjJDau_43OyqCFI9gGNd7ZgqdRLk/1
https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affiliate_id=3225857&campaign_id=3225857_1&ref=PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk&&

9 KB
6 KB

752ms
30ms

Document
text/html

104.18.23.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affiliate_id=3225857&campaign_id=3225857_1&ref=PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk&&

Requested by

Host: fsg-sargans.ch
URL: https://fsg-sargans.ch/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

104.18.23.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffa01d0182ffa0f8e4175c6530f222e1056d1fd43c124371bf1c2230e63b97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fsg-sargans.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=15
cf-ray: 846828eff8f839dd-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 16 Jan 2024 17:43:17 GMT
expires: Tue, 16 Jan 2024 17:43:32 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

access-control-allow-origin: *
cache-control: private, no-cache, must-revalidate
cf-cache-status: BYPASS
cf-ray: 846828ea5a8354bb-YYZ
content-type: text/html; charset=utf-8
date: Tue, 16 Jan 2024 17:43:16 GMT
expires: Sat, 26 Jul 1997 05:00:00 GMT
location: https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affiliate_id=3225857&campaign_id=3225857_1&ref=PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk&&
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
x-powered-by: ZBan

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a73d274ad89707a9a9fbd31e6591a922fdeb58404e1763f655d25094272e166e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

main.js Show response
klondaika.lv/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 727D
Redirect Chain

https://klondaika.lv/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://klondaika.lv/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
3 KB

29ms
28ms

Script
application/javascript

104.18.23.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klondaika.lv/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Protocol

H2

Server

104.18.23.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50845a0c69929b78e215685b7ed267bdf492b87ce7b3a8c84074977dba7555aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 17:43:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 846828f0fb2939dd-YYZ
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 16 Jan 2024 17:43:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 846828f0ba8539dd-YYZ
alt-svc: h3=":443"; ma=86400

POST
H3 200 846828eff8f839dd Show response
klondaika.lv/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 727D 0
384 B 64ms
63ms XHR
text/plain 104.18.23.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://klondaika.lv/cdn-cgi/challenge-platform/h/b/jsd/r/846828eff8f839dd

Requested by

Host: klondaika.lv
URL: https://klondaika.lv/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.18.23.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 16 Jan 2024 17:43:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 846828f35dada232-YYZ
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fsg-sargans.ch/	1970-01-20 17:43:50	Name: 320fa3680ce3c6a818949b20e2ed1951 Value: 0
record.enlabspartners.com/	1970-01-21 02:30:49	Name: VID1 Value: KSxDJFQsMzxZLTM8VQpgCg%3D%3D
.enlabspartners.com/	1970-01-21 02:30:49	Name: ZBan Value: PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk
.klondaika.lv/	1970-01-20 17:43:48	Name: __cf_bm Value: oMhrb83sA.dWqJmlFrZLQ1Aa23eYWb.2BeomO3inZl0-1705426997-1-ARy6UxPkb7KT2sOxPpqBjnNrdsZgyZHyLT5V31v8u3MyBtyHEMZ8D/OVf0/+CM4KBP6ODr0zV9qVgKyCDchj8RA=
.klondaika.lv/	1970-01-21 02:29:22	Name: cf_clearance Value: nbgr2MCRCDL.cuqI3HP9BCnvOEnwlIt3kgHqWeBoJhk-1705426998-1-AS4tjdfsIn9CO1XV7JbFIOKtEnyyq6DBhTjagLKrVT7z90uOgXuT7bmxXp+hePId5qeck449Bgy8pjWnyHS1eg8=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://klondaika.lv/casino/?utm_source=affiliate&utm_medium=affiliate&utm_campaign=3225857&affiliate_id=3225857&campaign_id=3225857_1&ref=PTlkDC94GJ9WNw1eMO-fYWNd7ZgqdRLk&& Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fsg-sargans.ch
klondaika.lv
record.enlabspartners.com
104.18.192.136
104.18.23.131
2606:4700:3034::6815:5a1b
0ffa01d0182ffa0f8e4175c6530f222e1056d1fd43c124371bf1c2230e63b97e
50845a0c69929b78e215685b7ed267bdf492b87ce7b3a8c84074977dba7555aa
a73d274ad89707a9a9fbd31e6591a922fdeb58404e1763f655d25094272e166e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

klondaika.lv Open in urlscan Pro 104.18.23.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

83 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

70 kBTransfer

335 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

5 Cookies

1 Console Messages

Indicators

klondaika.lv Open in urlscan Pro
104.18.23.131 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

70 kB
Transfer

335 kB
Size

5
Cookies

6 HTTP transactions
1 data transactions