URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Tags: c2 malware tables
Submission: On February 13 via api from CA

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions.
The main IP is 194.67.104.87, located in Russian Federation and belongs to AS-REG, RU. The main domain is canadasecurecheck.info.
TLS certificate: Issued by GlobalSign RSA DV SSL CA 2018 on January 27th 2020. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 194.67.104.87 197695 (AS-REG)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
13 3
Domain
Subdomains
Transfer
9 canadasecurecheck.info
1 MB
2 gstatic.com
18 KB
2 fonts.googleapis.com
1 KB
13 3
Domain Requested by
9 canadasecurecheck.info canadasecurecheck.info
2 fonts.gstatic.com canadasecurecheck.info
2 fonts.googleapis.com canadasecurecheck.info
13 3

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
www.canadasecurecheck.info
GlobalSign RSA DV SSL CA 2018
2020-01-27 -
2021-01-27
a year
*.storage.googleapis.com
GTS CA 1O1
2020-01-21 -
2020-04-14
3 months
*.google.com
GTS CA 1O1
2020-01-29 -
2020-04-22
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
/c/lucifer/jp/cc
1 KB
1 KB
Document
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 / PHP/5.6.38
Resource Hash
8e5458a4974c2668072c0d0d28c54a4a57fe7ac7bb300237ba4dc4aa38e125b5

Request headers

Host
canadasecurecheck.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Server
nginx/1.10.3
Date
Thu, 13 Feb 2020 12:06:58 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1105
Connection
keep-alive
X-Powered-By
PHP/5.6.38
custom.css
/c/lucifer/jp/cc/design
821 KB
821 KB
Stylesheet
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/design/custom.css
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
81b4f3ead3c2072cbe79a57a9b50f48c07d2ca8e3dcd1fd24e777db2cf981a00

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"cd246-58e6133e6952d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
840262
main.css
/c/lucifer/jp/cc/design
44 KB
44 KB
Stylesheet
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/design/main.css
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
9f6a5dc0033a17bb8254e083438f2a39386859062118745959ea6349e11733a0

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"afcc-58e6133e6952d"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45004
jq.js
/c/lucifer/jp/cc/system
236 KB
237 KB
Script
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/system/jq.js
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
af6cffef84cf23aedef22c063b68e8553ab0e8c207bdb28c82354271e9072cae

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"3b1dd-58e6133e6b46d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
242141
jq1.js
/c/lucifer/jp/cc/system
82 KB
83 KB
Script
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/system/jq1.js
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
ddca1c366050521d7f470f72ec3cbbfcbc1c5b80a4ce6a2bd51067107ac2f898

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"14989-58e6133e6b46d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84361
jq2.js
/c/lucifer/jp/cc/system
194 KB
194 KB
Script
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/system/jq2.js
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
e8502d89b07e25c82b3f77655e51e1223cc683bf754cb831519cffbea775ebfd

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"307bc-58e6133e6b855"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198588
jq3.js
/c/lucifer/jp/cc/system
15 KB
15 KB
Script
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/system/jq3.js
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
6fa82c9b5a2c86dbc50c757299b8afa6bdbc839e83501cac455f04195af74cb1

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"3ace-58e6133e6b855"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15054
tProtos.js
/c/lucifer/jp/cc/system
789 B
1 KB
Script
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/system/tProtos.js
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
fabc41ec5a1eae03d4d802c6f7829af6f9259f7812dec9f128b2bd73c53d2880

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"315-58e6133e6b855"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
789
l.js
/c/lucifer/jp/cc/system
770 B
1 KB
Script
General
Full URL
https://canadasecurecheck.info/c/lucifer/jp/cc/system/l.js
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.67.104.87 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
194-67-104-87.xen.vps.regruhosting.ru
Software
nginx/1.10.3 /
Resource Hash
5cf850e8f5ee00f26bee3ba94bada5c5638e490405d8db7f32c7baa98f93446f

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 12:06:58 GMT
Last-Modified
Tue, 23 Jul 2019 23:03:37 GMT
Server
nginx/1.10.3
ETag
"302-58e6133e6b855"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
770
css?family=Open+Sans:300,400,700
fonts.googleapis.com
7 KB
797 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 12:06:37 GMT
server
ESF
date
Thu, 13 Feb 2020 12:06:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Feb 2020 12:06:37 GMT
css?family=Ubuntu+Condensed
fonts.googleapis.com
2 KB
630 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Ubuntu+Condensed
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5c9af7ba728ed18a351bc388654fbab98bdb8dcb93ce0ab911801c44a38e750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://canadasecurecheck.info/c/lucifer/jp/cc/index.php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 13 Feb 2020 12:06:37 GMT
server
ESF
date
Thu, 13 Feb 2020 12:06:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 13 Feb 2020 12:06:37 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/system/jq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://canadasecurecheck.info
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
1245280
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9132
x-xss-protection
0
expires
Fri, 29 Jan 2021 02:11:57 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: canadasecurecheck.info
URL: https://canadasecurecheck.info/c/lucifer/jp/cc/system/jq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,700
Origin
https://canadasecurecheck.info
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Feb 2020 19:32:54 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:31:11 GMT
server
sffe
age
1010023
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
9080
x-xss-protection
0
expires
Sun, 31 Jan 2021 19:32:54 GMT

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| DP_jQuery_1581595597224 object| Login object| login

0 Cookies