cfnr.yungo-klanten.be Open in urlscan Pro
2a00:1c98:1000:11f3:0:2:b827:c820 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cfnr.yungo-klanten.be/
Submission: On December 28 via api (December 28th 2023, 11:02:04 pm UTC) from US — Scanned from US

Summary HTTP 5 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 2a00:1c98:1000:11f3:0:2:b827:c820, located in Belgium and belongs to COMBELL-AS, BE. The main domain is cfnr.yungo-klanten.be.
TLS certificate: Issued by R3 on November 19th 2023. Valid for: 3 months.

This is the only time cfnr.yungo-klanten.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1c98:100... 2a00:1c98:1000:11f3:0:2:b827:c820	34762 (COMBELL-AS) (COMBELL-AS)
4	2606:4700:303... 2606:4700:3034::6815:6c7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	3

1 2a00:1c98:1000:11f3:0:2:b827:c820 (Belgium)

ASN34762 (COMBELL-AS, BE)

cfnr.yungo-klanten.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::6815:6c7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.prinsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	prinsh.com cdn.prinsh.com	66 KB
1	yungo-klanten.be cfnr.yungo-klanten.be	1 KB
5	2

	Domain	Requested by
4	cdn.prinsh.com	cfnr.yungo-klanten.be
1	cfnr.yungo-klanten.be
5	2

This site contains no links.

Subject Issuer	Validity	Valid
cfnr.yungo-klanten.be R3	`2023-11-19` - `2024-02-17`	3 months	crt.sh
prinsh.com GTS CA 1P5	`2023-11-12` - `2024-02-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://cfnr.yungo-klanten.be/
Frame ID: 27AA4B39F2AEFFC9EC8C5B18D78EF9B2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hacked By ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Virus Botnet X Grem HaiDz - Team Hacker Viet Nam

Page Statistics

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

68 kB
Transfer

161 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response cfnr.yungo-klanten.be/	4 KB 1 KB	846ms 113ms	Document text/html	2a00:1c98:1000:11f3:0:2:b827:c820 COMBELL-AS
General Check archive.org Show headers Download Go to Full URL https://cfnr.yungo-klanten.be/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a00:1c98:1000:11f3:0:2:b827:c820 , Belgium, ASN34762 (COMBELL-AS, BE), Reverse DNS Software nginx / Resource Hash `9289964be12063c514fd011e581ed7c7cfd84c90ca667d6546e41f86265f4b2b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding br content-type text/html date Thu, 28 Dec 2023 23:01:59 GMT etag W/"e08-60d8e34c35e80" last-modified Thu, 28 Dec 2023 09:04:42 GMT server nginx
GET H2	200	nprinsh-stext.css cdn.prinsh.com/NathanPrinsley-textstyle/	5 KB 2 KB	174ms 89ms	Stylesheet text/css	2606:4700:3034::6815:6c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prinsh.com/NathanPrinsley-textstyle/nprinsh-stext.css Requested by Host: cfnr.yungo-klanten.be URL: https://cfnr.yungo-klanten.be/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:6c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `d599aa9efc5057b273aa7667661a1c9a91852bf8d71639063374190c93046632` Request headers accept-language en-US,en;q=0.9 Referer https://cfnr.yungo-klanten.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-fastly-request-id 048c0d2da2edf51ef51d84763c29715ef87f02ff date Thu, 28 Dec 2023 23:01:59 GMT via 1.1 varnish content-encoding br expires Thu, 28 Dec 2023 23:11:59 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-proxy-cache HIT x-powered-by Prinsh.com x-cache MISS alt-svc h3=":443"; ma=86400 x-served-by cache-nyc-kteb1890039-NYC last-modified Tue, 27 Jun 2023 07:49:41 GMT server cloudflare x-github-request-id DB22:04B7:2DB1976:3D4D0B0:658A7607 x-timer S1703572999.379845,VS0,VE9 author Nathan Prinsley etag W/"649a9495-13bc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on9QtW%2BROk%2FwSJ7KGCBDLRTizOVNWgz3pwloWndLXD1wbjBksNdfRQp5No9K7qaKTPvSAMQTL8QbVCUhlKtQTRKU4fdxf3FoyCgIJDd2ftwOsVPHQNGzbjcIOR1jrAxsl9kdUKKGDTQzAPWhtg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 x-origin-cache HIT cf-ray 83cd6da6dd616aed-BUF x-cache-hits 0
GET H2	200	NathanPrinsley-AnonymousLogo.png cdn.prinsh.com/data-1/images/	58 KB 59 KB	182ms 98ms	Image image/png	2606:4700:3034::6815:6c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.prinsh.com/data-1/images/NathanPrinsley-AnonymousLogo.png Requested by Host: cfnr.yungo-klanten.be URL: https://cfnr.yungo-klanten.be/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:6c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `edb13d6a384b0795bf7595adedf6c157746bcc7dcb9b075c3470476f3323b628` Request headers accept-language en-US,en;q=0.9 Referer https://cfnr.yungo-klanten.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-fastly-request-id 778dd335d3fdf5c6f311b903695bd919442aa292 date Thu, 28 Dec 2023 23:01:59 GMT via 1.1 varnish expires Thu, 28 Dec 2023 23:11:59 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-proxy-cache MISS x-powered-by Prinsh.com x-cache MISS alt-svc h3=":443"; ma=86400 content-length 59847 x-served-by cache-ewr18176-EWR last-modified Tue, 27 Jun 2023 07:49:41 GMT server cloudflare x-github-request-id 76F4:4C04:121E422:1886580:6585793D x-timer S1703246142.050239,VS0,VE21 author Nathan Prinsley etag "649a9495-e9c7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4IaBd1viqo5lEKOoOObbbkKtXnZufb29d3dFVqBdguGD8bgqUtG7jR1NtEFHnTj%2FRoc4YQGSXcrCXMtg8iF81FzBjZCSIaWdYmbF1v2fFs2TUdVWm8Ame9UcOfp4bsZKaO%2BGxhLx5SWpst9ypg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control max-age=14400 accept-ranges bytes cf-ray 83cd6da6dd636aed-BUF x-cache-hits 0
GET H2	200	efek-salju.js Show response cdn.prinsh.com/NathanPrinsley-effect/	15 KB 5 KB	189ms 104ms	Script application/javascript	2606:4700:3034::6815:6c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prinsh.com/NathanPrinsley-effect/efek-salju.js Requested by Host: cfnr.yungo-klanten.be URL: https://cfnr.yungo-klanten.be/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:6c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash `a61855babb55fac4b8782356afd66e606bed43a1b12a4fe9454e2473be006c08` Request headers accept-language en-US,en;q=0.9 Referer https://cfnr.yungo-klanten.be/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-fastly-request-id 8473cf3ac048dd4d9e5c5f95ea956880cf346b8e date Thu, 28 Dec 2023 23:01:59 GMT via 1.1 varnish content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expires Thu, 28 Dec 2023 23:11:59 GMT x-powered-by Prinsh.com x-cache MISS x-proxy-cache MISS alt-svc h3=":443"; ma=86400 x-served-by cache-ewr18124-EWR last-modified Tue, 27 Jun 2023 07:49:41 GMT server cloudflare x-github-request-id 4694:1095:289958:3DA1D0:656B780D x-timer S1701541901.033900,VS0,VE20 author Nathan Prinsley etag W/"649a9495-3d17" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IHvIMc7hSxWiklqqLgIL0PpQ1OHzFqeY7oyVklGoOl0brdKeTmt0ALYdBPSyKta2aIVR0Hhdt0E48lIgghIUijAgV1goL5SHDv8HhhkMV88c9jvCGlHESrL%2BXWR0tcoDypUJQ7VhHx08pjLgw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=14400 cf-ray 83cd6da6dd626aed-BUF x-cache-hits 0
GET H2	206	axel-johansson_miracles.mp3 cdn.prinsh.com/data-1/mp3/	78 KB 0	237ms 174ms	Media audio/mp3	2606:4700:3034::6815:6c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.prinsh.com/data-1/mp3/axel-johansson_miracles.mp3 Requested by Host: cfnr.yungo-klanten.be URL: https://cfnr.yungo-klanten.be/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:6c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Prinsh.com Resource Hash Request headers Referer https://cfnr.yungo-klanten.be/ Accept-Encoding identity;q=1, ;q=0 accept-language* en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Range bytes=0- Response headers x-fastly-request-id 83b53fb59088f84d94025247930c0a5161289eb5 date Thu, 28 Dec 2023 23:01:59 GMT via 1.1 varnish cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} expires Thu, 28 Dec 2023 23:11:59 GMT x-powered-by Prinsh.com x-cache MISS Content-Range bytes 0-2662536/2662537 x-proxy-cache MISS alt-svc h3=":443"; ma=86400 Content-Length 2662537 x-served-by cache-nyc-kteb1890031-NYC last-modified Tue, 27 Jun 2023 07:49:41 GMT server cloudflare x-github-request-id E7D4:1AE7:5A6E8F:80F331:658DFE67 x-timer S1703804520.526647,VS0,VE80 author Nathan Prinsley etag "649a9495-28a089" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUApSrKpe3ujW2DD%2BZWJBnoku9BgpuKEgKBfccHaczRzbQi1JmprE26CCg92%2FTmOxCNMTD0CVJaVpLgs7QNKQw9EsP4KIDgIpctGkFfsPar6rwvvKLj5il31NWt6xTUI6c4wq535%2FwXSn23kUw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mp3 access-control-allow-origin * cache-control max-age=14400 cf-ray 83cd6da6dd646aed-BUF x-cache-hits 0
GET DATA	200 OK	truncated /	382 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	180 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	354 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| snowStorm function| SnowStorm

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.prinsh.com
cfnr.yungo-klanten.be
2606:4700:3034::6815:6c7
2a00:1c98:1000:11f3:0:2:b827:c820
6cf4ddc728ae2116b65b72832d21cdf33961c094ce95ea8a5b676b7d71212f82
77fc7e2cee3f1b71326ab2d9e121017b176205d0c8bbb013dfe7ebfccb2c5cab
9289964be12063c514fd011e581ed7c7cfd84c90ca667d6546e41f86265f4b2b
a61855babb55fac4b8782356afd66e606bed43a1b12a4fe9454e2473be006c08
b4f80028ddc6dc380c89927fb2d2d3dd9c580a24f99db9b93e32ce0b607d5c88
d599aa9efc5057b273aa7667661a1c9a91852bf8d71639063374190c93046632
edb13d6a384b0795bf7595adedf6c157746bcc7dcb9b075c3470476f3323b628

cfnr.yungo-klanten.be Open in urlscan Pro 2a00:1c98:1000:11f3:0:2:b827:c820 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

68 kBTransfer

161 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

Indicators

cfnr.yungo-klanten.be Open in urlscan Pro
2a00:1c98:1000:11f3:0:2:b827:c820 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

68 kB
Transfer

161 kB
Size

0
Cookies

5 HTTP transactions
3 data transactions