www.ai-promo-78.shop

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:30::681b:b580, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.ai-promo-78.shop.

This is the only time www.ai-promo-78.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681f:4733	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700:30:... 2606:4700:30::681b:b580	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700:30:... 2606:4700:30::681b:b480	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2

1 2606:4700:30::681f:4733 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

1.2fa-qvt.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::681b:b580 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.ai-promo-78.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:b480 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.ai-promo-78.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	ai-promo-78.shop www.ai-promo-78.shop	15 KB
1	2fa-qvt.icu 1 redirects 1.2fa-qvt.icu	775 B
4	2

	Domain	Requested by
4	www.ai-promo-78.shop	www.ai-promo-78.shop
1	1.2fa-qvt.icu	1 redirects
4	2

This site contains links to these domains. Also see Links.

Domain
go.bqr3.review

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://www.ai-promo-78.shop/57/e1.html?os=Windows
Frame ID: 42F0259673A062B9BA6201567CC202CE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://1.2fa-qvt.icu/zp-redirect?target=http://www.ai-promo-78.shop/57/e1.html?os=Windows&osversi... HTTP 302
http://www.ai-promo-78.shop/57/e1.html?os=Windows Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Page Statistics

4
Requests

0 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

15 kB
Transfer

19 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://go.bqr3.review/click
Title: x

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1.2fa-qvt.icu/zp-redirect?target=http://www.ai-promo-78.shop/57/e1.html?os=Windows&osversion=Windows%207&cep=2PaVT7hjvUhjkW9H8epsOUFgrfPxUFqP47j39Sp1cejXjHnb_MfzU5yeTyuo-TxODPCfj2eJvmzGoFII5FbXHIt2wa_1_EQmzFonkSEYHwuQzfYWc87l_ngCPAdIDmImGD9rRaKOiRqK6Hyq9Y8hCyvuKzCeNmK5P59S6a4X-4KXaxAGj9KlMgnWmaywWboQ2KeVJUrMtcSa7fFvIRbIT0_6UeYFAdWmGsS23SwHNVCXxAAhTKpAWT2Ru8AmfDU81_AlJRjfQcy2lvcyfGrECB6QiWxqchUxuMc0H_Wt7BPwOcX6vZU0WxkEk3aY5qDIddpVepuHA-ttQ0uZp_iBj-y-_zs-bcn6bAm6NO5WVP8&caid=ed2ea035-2762-447b-ade9-acc3d8da3192&zpid=d391c376-0a44-11e9-b881-12c4735d2800&cid=&rt=DJ HTTP 302
http://www.ai-promo-78.shop/57/e1.html?os=Windows Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set e1.html Show response www.ai-promo-78.shop/57/ Redirect Chain http://1.2fa-qvt.icu/zp-redirect?target=http://www.ai-promo-78.shop/57/e1.html?os=Windows&osversion=Windows%207&cep=2PaVT7hjvUhjkW9H8epsOUFgrfPxUFqP47j39Sp1cejXjHnb_MfzU5yeTyuo-TxODPCfj2eJvmzGoFII5... http://www.ai-promo-78.shop/57/e1.html?os=Windows	6 KB 3 KB	53ms 13ms	Document text/html	2606:4700:30::681b:b580 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.ai-promo-78.shop/57/e1.html?os=Windows Protocol HTTP/1.1 Server 2606:4700:30::681b:b580 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PleskLin Resource Hash `a7ac1efbd158b098e8b81fc62d5581b3c3443efc93ad5069925bb06d080c3dd5` Request headers Host www.ai-promo-78.shop Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 28 Dec 2018 02:28:29 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=da22c15956efdd9b77670dfa7bfcdb16f1545964109; expires=Sat, 28-Dec-19 02:28:29 GMT; path=/; domain=.ai-promo-78.shop; HttpOnly Last-Modified Thu, 27 Dec 2018 18:55:31 GMT X-Powered-By PleskLin Server cloudflare CF-RAY 4900980306009720-FRA Content-Encoding gzip Redirect headers Date Fri, 28 Dec 2018 02:28:29 GMT Content-Length 0 Connection keep-alive Set-Cookie __cfduid=dcd3e56f47dfe27562548ee4c8f522c371545964109; expires=Sat, 28-Dec-19 02:28:29 GMT; path=/; domain=.2fa-qvt.icu; HttpOnly ed2ea035-2762-447b-ade9-acc3d8da3192-v4=ed2ea035-2762-447b-ade9-acc3d8da3192;domain=1.2fa-qvt.icu;path=/;HttpOnly cep-v4=http%3A%2F%2Fwww.ai-promo-78.shop%2F57%2Fe1.html%3Fos%3DWindows;Max-Age=86400;Expires=Sat, 29-Dec-2018 02:28:29 GMT;domain=1.2fa-qvt.icu;path=/;HttpOnly Cache-Control no-store, no-cache, pre-check=0, post-check=0 Expires Thu, 01 Jan 1970 00:00:00 GMT Location http://www.ai-promo-78.shop/57/e1.html?os=Windows Pragma no-cache Server cloudflare CF-RAY 49009802b0fb6409-FRA
GET H/1.1	200 OK	alert.png www.ai-promo-78.shop/57/	2 KB 3 KB	39ms 38ms	Image image/png	2606:4700:30::681b:b580 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL http://www.ai-promo-78.shop/57/alert.png Requested by Host: www.ai-promo-78.shop URL: http://www.ai-promo-78.shop/57/e1.html?os=Windows Protocol HTTP/1.1 Server 2606:4700:30::681b:b580 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PleskLin Resource Hash `42f0b2d60cc89423aa81f6d03d76f29374ab347478a32e53506c137cbcca50f4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.ai-promo-78.shop User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://www.ai-promo-78.shop/57/e1.html?os=Windows Cookie __cfduid=da22c15956efdd9b77670dfa7bfcdb16f1545964109 Connection keep-alive Cache-Control no-cache Referer http://www.ai-promo-78.shop/57/e1.html?os=Windows User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 28 Dec 2018 02:28:29 GMT CF-Cache-Status HIT Last-Modified Tue, 25 Dec 2018 06:53:19 GMT Server cloudflare X-Powered-By PleskLin ETag "5c21d3df-9e2" Vary Accept-Encoding Content-Type image/png Cache-Control public, max-age=14400 Connection keep-alive Accept-Ranges bytes CF-RAY 4900980326039720-FRA Content-Length 2530 Expires Fri, 28 Dec 2018 06:28:29 GMT
GET H/1.1	200 OK	backfix.min.js Show response www.ai-promo-78.shop/57/	2 KB 1 KB	32ms 17ms	Script application/javascript	2606:4700:30::681b:b480 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.ai-promo-78.shop/57/backfix.min.js Requested by Host: www.ai-promo-78.shop URL: http://www.ai-promo-78.shop/57/e1.html?os=Windows Protocol HTTP/1.1 Server 2606:4700:30::681b:b480 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PleskLin Resource Hash `5b42b91ac56fc39de5ca75a66c038e7f4933604735fe6af37bb4d1e84a2caf86` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host www.ai-promo-78.shop User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept / Referer http://www.ai-promo-78.shop/57/e1.html?os=Windows Cookie __cfduid=da22c15956efdd9b77670dfa7bfcdb16f1545964109 Connection keep-alive Cache-Control no-cache Referer http://www.ai-promo-78.shop/57/e1.html?os=Windows User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Fri, 28 Dec 2018 02:28:29 GMT Content-Encoding gzip Vary Accept-Encoding CF-Cache-Status HIT Last-Modified Tue, 25 Dec 2018 06:53:19 GMT Server cloudflare X-Powered-By PleskLin ETag W/"5c21d3df-7ad" Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=14400 Connection keep-alive CF-RAY 49009803404bc274-FRA Expires Fri, 28 Dec 2018 06:28:29 GMT
GET H/1.1	206 Partial Content	alert.ogg www.ai-promo-78.shop/57/	8 KB 8 KB	11ms 10ms	Media audio/ogg	2606:4700:30::681b:b580 Cloudflare
General Check archive.org Show headers Download Go to Full URL http://www.ai-promo-78.shop/57/alert.ogg Requested by Host: www.ai-promo-78.shop URL: http://www.ai-promo-78.shop/57/7diu.html?os=Windows Protocol HTTP/1.1 Server 2606:4700:30::681b:b580 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / PleskLin Resource Hash `96b21456badcde7cd7783ed51d039bf29e75b1292938de0c8b2ccb875eee80ac` Request headers Pragma no-cache Accept-Encoding identity;q=1, ;q=0 Host* www.ai-promo-78.shop User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 chrome-proxy frfr Accept / Cache-Control no-cache Referer http://www.ai-promo-78.shop/57/7diu.html?os=Windows Cookie __cfduid=da22c15956efdd9b77670dfa7bfcdb16f1545964109 Connection keep-alive Range bytes=0- Referer http://www.ai-promo-78.shop/57/7diu.html?os=Windows Accept-Encoding identity;q=1, ;q=0 User-Agent* Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Range bytes=0- chrome-proxy frfr Response headers Date Fri, 28 Dec 2018 02:28:29 GMT Last-Modified Tue, 25 Dec 2018 06:53:19 GMT Server cloudflare X-Powered-By PleskLin ETag "5c21d3df-2038" Content-Type audio/ogg Content-Range bytes 0-8247/8248 Connection keep-alive CF-RAY 4900980366099720-FRA Content-Length 8248

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ai-promo-78.shop/	1970-01-19 06:11:40	Name: __cfduid Value: da22c15956efdd9b77670dfa7bfcdb16f1545964109

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.2fa-qvt.icu
www.ai-promo-78.shop
2606:4700:30::681b:b480
2606:4700:30::681b:b580
2606:4700:30::681f:4733
42f0b2d60cc89423aa81f6d03d76f29374ab347478a32e53506c137cbcca50f4
5b42b91ac56fc39de5ca75a66c038e7f4933604735fe6af37bb4d1e84a2caf86
96b21456badcde7cd7783ed51d039bf29e75b1292938de0c8b2ccb875eee80ac
a7ac1efbd158b098e8b81fc62d5581b3c3443efc93ad5069925bb06d080c3dd5

www.ai-promo-78.shop Open in urlscan Pro 2606:4700:30::681b:b580 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

0 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

15 kBTransfer

19 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

1 Cookies

Indicators

www.ai-promo-78.shop Open in urlscan Pro
2606:4700:30::681b:b580 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

15 kB
Transfer

19 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions