Submission Tags: c2 malware lokibot Search All
Submission: On January 26 via api from US — Scanned from NL
TLS certificate: Issued by GTS CA 1P5 on December 14th 2022. Valid for: 3 months.
This is the only time efvsx.ga was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
|IP Address||AS Autonomous System|
|1||2a06:98c1:312... 2a06:98c1:3120::3||13335 (CLOUDFLAR...) (CLOUDFLARENET)|
ASN13335 (CLOUDFLARENET, US)
This site contains no links.
GTS CA 1P5
This page contains 1 frames:
Frame ID: CCE54ED3D0DACFC2D25D6E0D9E6A45E2
Requests: 1 HTTP requests in this frame
Detected technologiesPHP (Programming Languages) Expand
0 Outgoing links
These are links going to different origins than the main page.
There were HTTP redirect chains for the following requests:
1 HTTP transactions
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.object| oncontentvisibilityautostatechange
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
efvsx.ga 2a06:98c1:3120::3 ea45832c706ac255750167295804d942ff7375a67213a0487de1c027c7dc8011