bank.rebiwesgui.cf - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3031::6815:36f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is bank.rebiwesgui.cf.

This is the only time bank.rebiwesgui.cf was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3031::6815:36f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
1	34.239.220.159 34.239.220.159	14618 (AMAZON-AES) (AMAZON-AES)
1	103.4.217.3 103.4.217.3	63940 (DRAGONHIS...) (DRAGONHISPEED-AS-AP dragonhispeed)
5	4

2 2606:4700:3031::6815:36f6 (United States)

ASN13335 (CLOUDFLARENET, US)

bank.rebiwesgui.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

fastly.4sqi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.220.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-220-159.compute-1.amazonaws.com

via.placeholder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.4.217.3 (Thailand)

ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH)

www.omnoi.go.th	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	rebiwesgui.cf bank.rebiwesgui.cf	12 KB
1	omnoi.go.th www.omnoi.go.th	179 KB
1	placeholder.com via.placeholder.com — Cisco Umbrella Rank: 21443	606 B
1	4sqi.net fastly.4sqi.net — Cisco Umbrella Rank: 48362	70 KB
5	4

	Domain	Requested by
2	bank.rebiwesgui.cf	bank.rebiwesgui.cf
1	www.omnoi.go.th	bank.rebiwesgui.cf
1	via.placeholder.com	bank.rebiwesgui.cf
1	fastly.4sqi.net	bank.rebiwesgui.cf
5	4

This site contains no links.

Subject Issuer	Validity	Valid
*.4sqi.net R3	`2023-01-06` - `2023-04-06`	3 months	crt.sh
placeholder.com Amazon RSA 2048 M01	`2023-01-25` - `2024-02-23`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://bank.rebiwesgui.cf/
Frame ID: EB371AFA32E53F4D3B02D8C084A3280A
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

เที่ยวบินโบรคเกนโบว์ - นูเรมเบิร์ก

Page Statistics

5
Requests

40 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

262 kB
Transfer

288 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bank.rebiwesgui.cf/ 38 KB
11 KB 607ms
309ms Document
text/html 2606:4700:3031::6815:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://bank.rebiwesgui.cf/
Protocol: HTTP/1.1
Server: 2606:4700:3031::6815:36f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3aefad023c5e371f47e133872cd7a5fddc85a6cd621d42b5438d819f786efca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 79abef311f4109ce-MIA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 17 Feb 2023 04:56:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6c5kHVUHk2JsJozDgPBbAcksUvqH2A1BTkn0GJLNg1s%2FzJ2E854POtQg9XZoNfUqxj70w4LF%2BFlpmJh%2Btl5ZKp4%2BSM4LemFI%2FuHCTB4OmZ25nd6Kd3D0la3%2F5ov%2FbA0IrYBIgCyKZ73SvDdiuAjmt4%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 2292681_57bBWacmSrE-nPcHMVIFHnA31FnFVP_NEoEVDrYN6tk.jpg
fastly.4sqi.net/img/general/600x600/ 69 KB
70 KB 465ms
91ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fastly.4sqi.net/img/general/600x600/2292681_57bBWacmSrE-nPcHMVIFHnA31FnFVP_NEoEVDrYN6tk.jpg
Requested by: Host: bank.rebiwesgui.cf
URL: http://bank.rebiwesgui.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec037d7c6908e87fe1510e6d1d0c96cf009c73b30338cf698e41b868a264f557

Request headers

accept-language: en-US,en;q=0.9
Referer: http://bank.rebiwesgui.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Sun, 17 Jan 2038 00:00:00 GMT
x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Fri, 17 Feb 2023 04:56:04 GMT
x-amz-request-id: Y9MZA2ER0BWAT3SM
age: 1372783
x-cache: HIT, MISS
fastly-io-info: ifsz=158418 idim=720x960 ifmt=jpeg ofsz=70840 odim=600x600 ofmt=jpeg
fastly-stats: io=1
content-length: 70840
x-amz-id-2: PCWnO9TJASP+VfRRUs3Klr8JUfIFprddrz/nkQ7oEwKvCdgbVKwBWViz/EYI2r6ZcRQCT6H04qE=
x-served-by: cache-iad-kjyo7100072-IAD, cache-pdk17866-PDK
server: AmazonS3
x-timer: S1676609765.736549,VS0,VE16
etag: "XY36Wh1fIre6VHyAkqZkQY5PwYMoA4vztn0wfvuwrSM"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 6, 0

GET
H2 200 50x50
via.placeholder.com/ 480 B
606 B 341ms
149ms Image
image/png 34.239.220.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://via.placeholder.com/50x50
Requested by: Host: bank.rebiwesgui.cf
URL: http://bank.rebiwesgui.cf/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.220.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-220-159.compute-1.amazonaws.com
Software: Werkzeug/2.2.2 Python/3.9.16 /
Resource Hash: 3575eeb164c9c40529fd0f26fa91ca3cb1002a99dd3420486fded18662b10d3d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://bank.rebiwesgui.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 04:56:04 GMT
cache-control: public, max-age=31557600
server: Werkzeug/2.2.2 Python/3.9.16
content-length: 480
content-type: image/png

GET
H/1.1 200
OK 60454.jpg
www.omnoi.go.th/site/images/stories/pr/ 179 KB
179 KB 1294ms
311ms Image
image/jpeg 103.4.217.3
DRAGONHISPEED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.omnoi.go.th/site/images/stories/pr/60454.jpg
Requested by: Host: bank.rebiwesgui.cf
URL: http://bank.rebiwesgui.cf/
Protocol: HTTP/1.1
Server: 103.4.217.3 , Thailand, ASN63940 (DRAGONHISPEED-AS-AP dragonhispeed, TH),
Reverse DNS
Software: nginx /
Resource Hash: c9cb56e00edd60c1d8aa4862e0960c5c92bf1a0c1a440fbe2d2d489ef46d560f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://bank.rebiwesgui.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 04:56:07 GMT
Last-Modified: Sun, 15 Jul 2018 07:46:34 GMT
Server: nginx
ETag: "5b4afbda-2cc5c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 183388

GET
H/1.1 200
OK email-decode.min.js Show response
bank.rebiwesgui.cf/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 82ms
79ms Script
application/javascript 2606:4700:3031::6815:36f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://bank.rebiwesgui.cf/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: bank.rebiwesgui.cf
URL: http://bank.rebiwesgui.cf/

Protocol

HTTP/1.1

Server

2606:4700:3031::6815:36f6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: http://bank.rebiwesgui.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Fri, 17 Feb 2023 04:56:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 15 Feb 2023 11:11:08 GMT
Server: cloudflare
ETag: W/"63ecbdcc-4d7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knAaqt318kHuHFjB7jlmDexSlVVL%2BS2jDXKwWpOt1wAS0l1u5NGcxDm8NlADCC%2FK1o8ywJX3Rmkb5dAIP%2B8jP2JDmNw0OZW%2BtPnP0XiKhwxwDMZKGVC2Hl%2FvjdhbMvkM4AFFiO8Eb8gjwlhoW7S%2FThU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
X-Frame-Options: DENY
Cache-Control: max-age=172800, public
CF-RAY: 79abef33c9e209ce-MIA
Expires: Sun, 19 Feb 2023 04:56:04 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bank.rebiwesgui.cf/	1969-12-31 23:59:59	Name: ch1c Value: b

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bank.rebiwesgui.cf
fastly.4sqi.net
via.placeholder.com
www.omnoi.go.th
103.4.217.3
151.101.66.132
2606:4700:3031::6815:36f6
34.239.220.159
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3575eeb164c9c40529fd0f26fa91ca3cb1002a99dd3420486fded18662b10d3d
a3aefad023c5e371f47e133872cd7a5fddc85a6cd621d42b5438d819f786efca
c9cb56e00edd60c1d8aa4862e0960c5c92bf1a0c1a440fbe2d2d489ef46d560f
ec037d7c6908e87fe1510e6d1d0c96cf009c73b30338cf698e41b868a264f557

bank.rebiwesgui.cf Open in urlscan Pro 2606:4700:3031::6815:36f6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

40 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

262 kBTransfer

288 kBSize

1 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Indicators

bank.rebiwesgui.cf Open in urlscan Pro
2606:4700:3031::6815:36f6 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

40 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

262 kB
Transfer

288 kB
Size

1
Cookies

5 HTTP transactions
0 data transactions