eventluckispin.zyns.com Open in urlscan Pro
5.189.183.39 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://eventluckispin.zyns.com/
Submission: On December 02 via manual (December 2nd 2020, 8:33:01 am UTC) from GB

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 5.189.183.39, located in Nuremberg, Germany and belongs to CONTABO, DE. The main domain is eventluckispin.zyns.com.

This is the only time eventluckispin.zyns.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
13	5.189.183.39 5.189.183.39	51167 (CONTABO) (CONTABO)
2	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2.16.107.74 2.16.107.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	103.247.207.171 103.247.207.171	58521 (GARENA-SG...) (GARENA-SG Garena Online Pte Ltd)
4	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
21	5

13 5.189.183.39 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi475119.contaboserver.net

eventluckispin.zyns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.74 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-107-74.deploy.static.akamaitechnologies.com

cdngarenanow-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.247.207.171 (Singapore)

ASN58521 (GARENA-SG Garena Online Pte Ltd, SG)

turnamen.ff.garena.co.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	zyns.com eventluckispin.zyns.com	146 KB
4	gstatic.com fonts.gstatic.com	43 KB
2	googleapis.com fonts.googleapis.com	3 KB
1	garena.co.id turnamen.ff.garena.co.id	474 KB
1	akamaihd.net cdngarenanow-a.akamaihd.net	10 KB
21	5

	Domain	Requested by
13	eventluckispin.zyns.com	eventluckispin.zyns.com
4	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	eventluckispin.zyns.com
1	turnamen.ff.garena.co.id	eventluckispin.zyns.com
1	cdngarenanow-a.akamaihd.net	eventluckispin.zyns.com
21	5

This site contains no links.

Subject Issuer	Validity	Valid
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
*.ff.garena.co.id Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://eventluckispin.zyns.com/
Frame ID: 6D60D4B12A0CF6EC5779BFBDE8C723FC
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

21
Requests

10 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

676 kB
Transfer

970 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
eventluckispin.zyns.com/ 4 KB
2 KB 192ms
70ms Document
text/html 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 134e0c3197a75d21c8c1d38b7f75ec86d65a94d7e1b69e9c78c1de8ede513c6f

Request headers

Host: eventluckispin.zyns.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1462
Date: Wed, 02 Dec 2020 08:32:43 GMT
Server: LiteSpeed

GET
H/1.1 200
OK bootstrap.min.css
eventluckispin.zyns.com/Assets/css/ 114 KB
19 KB 40ms
33ms Stylesheet
text/css 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/css/bootstrap.min.css
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 4b4be84eb6b751d4269d69e69bd08658a44dbf3b0ba582430914d9cc4077f1d3

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 19201
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 21 KB
2 KB 30ms
18ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

201a98cb41efcee55dfb27bffb9e2c403cc873f445b1ee44822b3805df86a9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Dec 2020 08:32:43 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 02 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 13 KB
1 KB 28ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a4cb71e2178a924d3da06386531aa262a8ef49ce1733405da2c0f3aa84e37d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 Dec 2020 08:32:43 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Wed, 02 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK font-awesome.min.css
eventluckispin.zyns.com/Assets/font-awesome/css/ 23 KB
6 KB 79ms
59ms Stylesheet
text/css 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/font-awesome/css/font-awesome.min.css
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 01d74a54e8c921b9248c1509d59967c39ae3ee6addebb4024d1eb941ae23b088

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5389
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK animate.min.css
eventluckispin.zyns.com/Assets/css/ 52 KB
4 KB 86ms
66ms Stylesheet
text/css 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/css/animate.min.css
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 85a07b18bdaadf71b43aac789a3103ec138a0223acfbc7e3a99ac65906466a2d

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3681
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK creative.css
eventluckispin.zyns.com/Assets/css/ 11 KB
3 KB 65ms
45ms Stylesheet
text/css 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/css/creative.css
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8d4078cb457cf9fb87af1102a9ec334300c62d718c26ade0501875aa4a6034d1

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2256
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK button_daftarsekarang.png
eventluckispin.zyns.com/ 8 KB
8 KB 40ms
40ms Image
image/png 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://eventluckispin.zyns.com/button_daftarsekarang.png
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: eb1e2b38f7f8d879a2954a17aa63523e9c9c38f2d7a04beaae21b00992cfaa15

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8039
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H2 200 logo-ff.png
cdngarenanow-a.akamaihd.net/webid/FF/ 9 KB
10 KB 874ms
829ms Image
image/png 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdngarenanow-a.akamaihd.net/webid/FF/logo-ff.png
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.74 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0571fd20fe2a6802509e1693f3cf529513dcbe2cf518d4af1b673be4ea000c45

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 08:32:43 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 07:56:52 GMT
server: AkamaiNetStorage
etag: "2bcb3dca2518f3e3c86c4f2a790c6742:1578556619.050175"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 9682

GET
H/1.1 200
OK jquery.js Show response
eventluckispin.zyns.com/Assets/js/ 94 KB
33 KB 78ms
58ms Script
application/javascript 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/js/jquery.js
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33347
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
eventluckispin.zyns.com/Assets/js/ 35 KB
10 KB 76ms
57ms Script
application/javascript 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/js/bootstrap.min.js
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9422
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK jquery.easing.min.js Show response
eventluckispin.zyns.com/Assets/js/ 5 KB
2 KB 32ms
31ms Script
application/javascript 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/js/jquery.easing.min.js
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1900
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK jquery.fittext.js Show response
eventluckispin.zyns.com/Assets/js/ 1 KB
938 B 42ms
30ms Script
application/javascript 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/js/jquery.fittext.js
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: c499a934a3a4111346993c847d1b0ecd309295fb2d3f0e57b9d44ecaac732e17

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 586
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK wow.min.js Show response
eventluckispin.zyns.com/Assets/js/ 8 KB
3 KB 33ms
32ms Script
application/javascript 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/js/wow.min.js
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2697
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H/1.1 200
OK creative.js Show response
eventluckispin.zyns.com/Assets/js/ 1 KB
1 KB 33ms
32ms Script
application/javascript 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/js/creative.js
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: 41f0297d6be44acaaff666872d5e4318167760ef061bb5205b81875ee4c53ccc

Request headers

Referer: http://eventluckispin.zyns.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 675
Expires: Wed, 09 Dec 2020 08:32:43 GMT

GET
H2 200 Free_Fire_Royale_Combat_Season_5_FFRC_Season_5.jpg
turnamen.ff.garena.co.id/wp-content/uploads/2020/06/ 473 KB
474 KB 728ms
183ms Image
image/jpeg 103.247.207.171
GARENA-SG Garena ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://turnamen.ff.garena.co.id/wp-content/uploads/2020/06/Free_Fire_Royale_Combat_Season_5_FFRC_Season_5.jpg
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/Assets/css/creative.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.207.171 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software: nginx/1.19.1 /
Resource Hash: f2867b3e4bff086d84887e79535979df3670186ac47bf2e1ea9ad53f340834d1

Request headers

Referer: http://eventluckispin.zyns.com/Assets/css/creative.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 08:32:43 GMT
last-modified: Wed, 17 Jun 2020 06:36:48 GMT
server: nginx/1.19.1
etag: "5ee9ba00-76548"
content-type: image/jpeg
expires: Thu, 02 Dec 2021 08:32:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 484680
x-proxy-cache: HIT

GET
H/1.1 200
OK mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://eventluckispin.zyns.com
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Nov 2020 11:20:58 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:10:27 GMT
Server: sffe
Age: 508305
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9080
X-XSS-Protection: 0
Expires: Fri, 26 Nov 2021 11:20:58 GMT

GET
H/1.1 200
OK u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6hPvhPQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://eventluckispin.zyns.com
Referer: http://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 06:15:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Sep 2020 17:11:15 GMT
Server: sffe
Age: 94610
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 12192
X-XSS-Protection: 0
Expires: Wed, 01 Dec 2021 06:15:53 GMT

GET
H/1.1 200
OK u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2
fonts.gstatic.com/s/merriweather/v22/ 12 KB
12 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/merriweather/v22/u-440qyriQwlOrhSvowK_l5-fCZMdeX3rg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://eventluckispin.zyns.com
Referer: http://fonts.googleapis.com/css?family=Merriweather:400,300,300italic,400italic,700,700italic,900,900italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 20:22:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 10 Sep 2020 17:10:13 GMT
Server: sffe
Age: 43838
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 12256
X-XSS-Protection: 0
Expires: Wed, 01 Dec 2021 20:22:05 GMT

GET
H/1.1 200
OK mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 12ms
5ms Font
font/woff2 2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

HTTP/1.1

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://eventluckispin.zyns.com
Referer: http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 01 Dec 2020 21:49:32 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Sep 2020 18:09:28 GMT
Server: sffe
Age: 38591
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 9132
X-XSS-Protection: 0
Expires: Wed, 01 Dec 2021 21:49:32 GMT

GET
H/1.1 200
OK fontawesome-webfonte0a5.woff2
eventluckispin.zyns.com/Assets/font-awesome/fonts/ 55 KB
56 KB 33ms
32ms Font
font/woff2 5.189.183.39
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: http://eventluckispin.zyns.com/Assets/font-awesome/fonts/fontawesome-webfonte0a5.woff2
Requested by: Host: eventluckispin.zyns.com
URL: http://eventluckispin.zyns.com/Assets/font-awesome/css/font-awesome.min.css
Protocol: HTTP/1.1
Server: 5.189.183.39 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi475119.contaboserver.net
Software: LiteSpeed /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: http://eventluckispin.zyns.com
Referer: http://eventluckispin.zyns.com/Assets/font-awesome/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 08:32:43 GMT
Last-Modified: Mon, 03 Aug 2020 22:57:50 GMT
Server: LiteSpeed
Content-Type: font/woff2
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 56780
Expires: Wed, 09 Dec 2020 08:32:43 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdngarenanow-a.akamaihd.net
eventluckispin.zyns.com
fonts.googleapis.com
fonts.gstatic.com
turnamen.ff.garena.co.id
103.247.207.171
2.16.107.74
2a00:1450:4001:814::2003
2a00:1450:4001:814::200a
5.189.183.39
01d74a54e8c921b9248c1509d59967c39ae3ee6addebb4024d1eb941ae23b088
0571fd20fe2a6802509e1693f3cf529513dcbe2cf518d4af1b673be4ea000c45
134e0c3197a75d21c8c1d38b7f75ec86d65a94d7e1b69e9c78c1de8ede513c6f
201a98cb41efcee55dfb27bffb9e2c403cc873f445b1ee44822b3805df86a9a7
24262baafef17092927c3dafe764aaa52a2a371b83ed2249cca7e414df99fac1
41f0297d6be44acaaff666872d5e4318167760ef061bb5205b81875ee4c53ccc
4b4be84eb6b751d4269d69e69bd08658a44dbf3b0ba582430914d9cc4077f1d3
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
7a4cb71e2178a924d3da06386531aa262a8ef49ce1733405da2c0f3aa84e37d3
85a07b18bdaadf71b43aac789a3103ec138a0223acfbc7e3a99ac65906466a2d
8d4078cb457cf9fb87af1102a9ec334300c62d718c26ade0501875aa4a6034d1
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b986fbc59b4f9794ff0d1bd475093053df31b2b79b545daf4125f0abf912716b
c499a934a3a4111346993c847d1b0ecd309295fb2d3f0e57b9d44ecaac732e17
c8eeec83fe8bf655eeeda291466d268770436dde4e3e40416a85d05d3893e892
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5
e4fa437e044d3f739bd5e4aa2d1bd94e3952e888baec655763cd7969576001da
eb1e2b38f7f8d879a2954a17aa63523e9c9c38f2d7a04beaae21b00992cfaa15
ecfc183e33d25d24aa7c06218e0a413488fff8774e4b4b87543c766db9b0b8ba
f2867b3e4bff086d84887e79535979df3670186ac47bf2e1ea9ad53f340834d1

eventluckispin.zyns.com Open in urlscan Pro 5.189.183.39 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

21 Requests

10 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

676 kBTransfer

970 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

0 Cookies

Indicators

eventluckispin.zyns.com Open in urlscan Pro
5.189.183.39 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

10 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

676 kB
Transfer

970 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!