proof.antiraid.win Open in urlscan Pro
185.87.157.182 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://proof.antiraid.win/
Effective URL:
http://proof.antiraid.win/setup.php
Submission Tags: phish.gg anti.fish automated Search All
Submission: On April 20 via api (April 20th 2023, 12:16:08 am UTC) from DE — Scanned from NL

Summary HTTP 11 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 185.87.157.182, located in Rotterdam, Netherlands and belongs to ASN-F2X, NL. The main domain is proof.antiraid.win.

This is the only time proof.antiraid.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	185.87.157.182 185.87.157.182		57112 (ASN-F2X) (ASN-F2X)
11	1

12 185.87.157.182 (Rotterdam, Netherlands) 1 redirects

ASN57112 (ASN-F2X, NL)

proof.antiraid.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	antiraid.win 1 redirects proof.antiraid.win	162 KB
11	1

	Domain	Requested by
12	proof.antiraid.win	1 redirects proof.antiraid.win
11	1

This site contains links to these domains. Also see Links.

Domain
codecanyon.net

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://proof.antiraid.win/setup.php
Frame ID: A7844CD3546CF9F4D8EA77DE8116BDE2
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IMABuildeRz v3 | Activation

Page URL History Show full URLs

http://proof.antiraid.win/ HTTP 302
http://proof.antiraid.win/setup.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

161 kB
Transfer

485 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://codecanyon.net/downloads/
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://proof.antiraid.win/ HTTP 302
http://proof.antiraid.win/setup.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request setup.php Show response proof.antiraid.win/ Redirect Chain http://proof.antiraid.win/ http://proof.antiraid.win/setup.php	8 KB 3 KB	114ms 84ms	Document text/html	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `56cc6f8fda151511d36b4f5db9652deaccbcd9dd4f8a124d074393218c1c6796` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers connection Keep-Alive content-encoding gzip content-length 2511 content-type text/html; charset=UTF-8 date Thu, 20 Apr 2023 00:16:01 GMT server LiteSpeed vary Accept-Encoding Redirect headers cache-control no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0 connection Keep-Alive content-encoding gzip content-length 27560 content-type text/html; charset=UTF-8 date Thu, 20 Apr 2023 00:16:01 GMT expires Tue, 03 Jul 2001 06:00:00 GMT last-modified Thu, 20 Apr 2023 00:16:01 GMT location setup.php pragma no-cache server LiteSpeed vary Accept-Encoding
GET H/1.1	200 OK	bootstrap.min.css proof.antiraid.win/templates/default/bootstrap/css/	118 KB 20 KB	48ms 48ms	Stylesheet text/css	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/bootstrap/css/bootstrap.min.css Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `5a3d04065b97f90b944ef57c99fcc2614e96002413fcd9cfea6e0470d1308ea3` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Tue, 13 Feb 2018 16:04:34 GMT server LiteSpeed etag "1d97e-5a830c92-aa153f;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 19702 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	AdminLTE.min.css proof.antiraid.win/templates/default/AdminLTE/css/	88 KB 15 KB	105ms 74ms	Stylesheet text/css	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/AdminLTE/css/AdminLTE.min.css Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `fa678e5679118669b13a4e4f9aaaae359e6b57e7ddb3b71c3ae90b7d6140b121` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Fri, 23 Feb 2018 23:30:16 GMT server LiteSpeed etag "1601c-5a90a408-aa150c;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 14763 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	all-skins.min.css proof.antiraid.win/templates/default/AdminLTE/css/	40 KB 4 KB	107ms 75ms	Stylesheet text/css	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/AdminLTE/css/all-skins.min.css Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `e5e998ea42306cdbaca43e5fbc23a2ca1631d41664c57f60ebaed459d3487451` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Wed, 19 Oct 2016 08:34:24 GMT server LiteSpeed etag "9f35-58073010-aa150d;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 3323 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	fonts.css proof.antiraid.win/templates/default/assets/css/	1 KB 638 B	88ms 57ms	Stylesheet text/css	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/assets/css/fonts.css Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `26e0dcce19a68f92324ac61d17166707e4aa90cf5c49dc5f343519ded8174e3b` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Sat, 27 May 2017 16:49:10 GMT server LiteSpeed etag "4c5-5929ae06-aa1513;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 268 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	font-awesome.min.css proof.antiraid.win/templates/default/font-awesome/css/	30 KB 7 KB	62ms 31ms	Stylesheet text/css	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/font-awesome/css/font-awesome.min.css Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Tue, 23 May 2017 16:43:54 GMT server LiteSpeed etag "7918-592466ca-aa1551;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 7050 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	imabuilder.css proof.antiraid.win/templates/default/assets/css/	11 KB 3 KB	105ms 74ms	Stylesheet text/css	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/assets/css/imabuilder.css Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `0997933c1d0af7a0289691720d541720be206be1f713f182a9dc2facf756a543` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Wed, 14 Oct 2020 23:17:16 GMT server LiteSpeed etag "2a31-5f8786fc-aa1514;gz" vary Accept-Encoding content-type text/css cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 2927 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	version.png proof.antiraid.win/templates/default/assets/img/	26 KB 26 KB	30ms 30ms	Image image/png	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Show image Full URL http://proof.antiraid.win/templates/default/assets/img/version.png Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `fdbf4ec9ede01bd7f8a8a1587e6557584f525012d0c3e6e20f4494b32c0e4464` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT last-modified Thu, 21 May 2020 18:09:12 GMT server LiteSpeed etag "66b4-5ec6c3c8-aa1539;;;" content-type image/png cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 26292 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	jquery-2.2.3.min.js Show response proof.antiraid.win/templates/default/jQuery/	84 KB 30 KB	115ms 46ms	Script application/x-javascript	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/jQuery/jquery-2.2.3.min.js Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Wed, 19 Oct 2016 08:34:24 GMT server LiteSpeed etag "14e9b-58073010-aa2428;gz" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 29923 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	bootstrap.min.js Show response proof.antiraid.win/templates/default/bootstrap/js/	36 KB 10 KB	30ms 30ms	Script application/x-javascript	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/bootstrap/js/bootstrap.min.js Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/setup.php Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a` Request headers accept-language nl-NL,nl;q=0.9 Referer http://proof.antiraid.win/setup.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT content-encoding gzip last-modified Wed, 21 Dec 2016 19:57:58 GMT server LiteSpeed etag "9004-585adec6-aa1549;gz" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=604800 connection Keep-Alive accept-ranges bytes content-length 9764 expires Thu, 27 Apr 2023 00:16:01 GMT
GET H/1.1	200 OK	FjallaOne.woff proof.antiraid.win/templates/default/assets/fonts/	44 KB 44 KB	31ms 31ms	Font application/font-woff	185.87.157.182 ASN-F2X
General Check archive.org Show headers Download Go to Full URL http://proof.antiraid.win/templates/default/assets/fonts/FjallaOne.woff Requested by Host: proof.antiraid.win URL: http://proof.antiraid.win/templates/default/assets/css/fonts.css Protocol HTTP/1.1 Server 185.87.157.182 Rotterdam, Netherlands, ASN57112 (ASN-F2X, NL), Reverse DNS Software LiteSpeed / Resource Hash `420bf29835a17e5e92ede9017fc9672ed29c0235cbd0e9f9c2c995f2bcd7d2c3` Request headers Referer http://proof.antiraid.win/templates/default/assets/css/fonts.css Origin http://proof.antiraid.win accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:16:01 GMT last-modified Tue, 24 Mar 2015 02:14:18 GMT server LiteSpeed etag "afd8-5510c87a-aa151a;;;" content-type application/font-woff connection Keep-Alive accept-ranges bytes content-length 45016

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			proof.antiraid.win/	1969-12-31 23:59:59	Name: PHPSESSID Value: aoitj2henhgru4mhkcdbfhn2d9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

proof.antiraid.win
185.87.157.182
0997933c1d0af7a0289691720d541720be206be1f713f182a9dc2facf756a543
26e0dcce19a68f92324ac61d17166707e4aa90cf5c49dc5f343519ded8174e3b
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
420bf29835a17e5e92ede9017fc9672ed29c0235cbd0e9f9c2c995f2bcd7d2c3
56cc6f8fda151511d36b4f5db9652deaccbcd9dd4f8a124d074393218c1c6796
5a3d04065b97f90b944ef57c99fcc2614e96002413fcd9cfea6e0470d1308ea3
6b6de0d4db7876d1183a3edb47ebd3bbbf93f153f5de1ba6645049348628109a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
e5e998ea42306cdbaca43e5fbc23a2ca1631d41664c57f60ebaed459d3487451
fa678e5679118669b13a4e4f9aaaae359e6b57e7ddb3b71c3ae90b7d6140b121
fdbf4ec9ede01bd7f8a8a1587e6557584f525012d0c3e6e20f4494b32c0e4464

proof.antiraid.win Open in urlscan Pro 185.87.157.182 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

161 kBTransfer

485 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

proof.antiraid.win Open in urlscan Pro
185.87.157.182 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

161 kB
Transfer

485 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions