urlscan.io logo urlscan.io
SecurityTrails logo

wexefeyuzi.top Open in urlscan Pro
91.215.85.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://barsandbrew.com/yK2s81zB#blu7p71agpozghufxo7t2pcxsibs5mz5kbwi3
Effective URL: https://wexefeyuzi.top/dash/?p=284f988
Submission: On March 22 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 6 domains to perform 10 HTTP transactions. The main IP is 91.215.85.242, located in Russian Federation and belongs to PROSPERO-AS, RU. The main domain is wexefeyuzi.top.
TLS certificate: Issued by R3 on March 18th 2024. Valid for: 3 months.
This is the only time wexefeyuzi.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.93.20.144 57523 (CHANGWAY-AS)
2 193.143.1.175 198953 (PROTON66)
1 142.250.67.10 15169 (GOOGLE)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 139.99.133.174 16276 (OVH)
5 91.215.85.242 200593 (PROSPERO-AS)
10 5
1    45.93.20.144 (Russian Federation)

ASN57523 (CHANGWAY-AS, HK)
barsandbrew.com
2    193.143.1.175 (Moscow, Russian Federation)

ASN198953 (PROTON66, RU)
guryfuytu.top
1    142.250.67.10 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f10.1e100.net
ajax.googleapis.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    139.99.133.174 (Sydney, Australia)

ASN16276 (OVH, FR)
PTR: vps-3a55735c.vps.ovh.ca
pro.ip-api.com
5    91.215.85.242 (Russian Federation)

ASN200593 (PROSPERO-AS, RU)
wexefeyuzi.top
Apex Domain
Subdomains		 Transfer
5 wexefeyuzi.top
wexefeyuzi.top
12 KB
2 guryfuytu.top
guryfuytu.top
2 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5960
440 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 387
2 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 716
30 KB
1 barsandbrew.com
barsandbrew.com
908 B
10 6
Domain Requested by
5 wexefeyuzi.top guryfuytu.top
wexefeyuzi.top
2 guryfuytu.top ajax.googleapis.com
1 pro.ip-api.com ajax.googleapis.com
1 cdnjs.cloudflare.com guryfuytu.top
1 ajax.googleapis.com guryfuytu.top
1 barsandbrew.com 1 redirects
10 6

This site contains no links.

Subject Issuer Validity Valid
guryfuytu.top
R3		 2024-03-17 -
2024-06-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2023-12-21 -
2025-01-20		 a year crt.sh
wexefeyuzi.top
R3		 2024-03-18 -
2024-06-16		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wexefeyuzi.top/dash/?p=284f988
Frame ID: F1A99F0369F341EA6303BB38C0EC1AE9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IhRE1ng2ns

Page URL History Show full URLs

  1. https://barsandbrew.com/yK2s81zB HTTP 302
    https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807 Page URL
  2. https://wexefeyuzi.top/dash/?p=284f988 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

10
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

4
Countries

47 kB
Transfer

3471 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://barsandbrew.com/yK2s81zB HTTP 302
    https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807 Page URL
  2. https://wexefeyuzi.top/dash/?p=284f988 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://barsandbrew.com/yK2s81zB HTTP 302
  • https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
guryfuytu.top/
Redirect Chain
  • https://barsandbrew.com/yK2s81zB
  • https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.143.1.175 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PHP/7.4.33
Resource Hash
c7ac8afd5760856d7c3d689a0ef85b208b1cbb4df7fd6a0b47b0e9508c475ab8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1173
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Mar 2024 00:20:12 GMT
Expires
Fri, 22 Mar 2024 00:20:12 GMT
Server
nginx
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.33

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Mar 2024 00:20:11 GMT
Expires
0
Last-Modified
Fri, 22 Mar 2024 00:20:11 GMT
Location
https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: guryfuytu.top
URL: https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.10 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f10.1e100.net
Software
sffe /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://guryfuytu.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 15 Mar 2024 13:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30433
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 15 Mar 2025 13:27:36 GMT
device.min.js
cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/device.js/0.2.7/device.min.js
Requested by
Host: guryfuytu.top
URL: https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eff979b9e48677d58bca83cbe1c830ed046b4bd567a2a03d8030981c6654bf2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://guryfuytu.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 00:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1843748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
971
last-modified
Mon, 04 May 2020 16:09:29 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e39-ce0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kAIxHxGeBMsNSKvcclj1YxC0c8kp11TT9ICoCXIh0HoQSmnUkChyVjmUBmRdd7OxlVCxMHDj6i4dZuO9K4deF%2Bvxy35ZlrJXSmEMhTZp0YL7%2FmUbAQUTBPuSEWraqmqrJkewA3vf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
868203bd98aea955-SYD
expires
Wed, 12 Mar 2025 00:20:13 GMT
/
pro.ip-api.com/json/ 		284 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=LCrrWlmVK1ZgH1W
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.99.133.174 Sydney, Australia, ASN16276 (OVH, FR),
Reverse DNS
vps-3a55735c.vps.ovh.ca
Software
/
Resource Hash
fcbc310591686c82bcfb419ab67639855b0d6ba435d8bc871d5d963de3af8a61

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://guryfuytu.top/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 22 Mar 2024 00:20:13 GMT
Content-Length
284
Content-Type
application/json; charset=utf-8
click_stat.php
guryfuytu.top/lander/check/ 		38 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://guryfuytu.top/lander/check/click_stat.php?u=465&o=63&l=dd3&country=AU&browser=Chrome&device=0
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.143.1.175 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Referer
https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 22 Mar 2024 00:20:13 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Primary Request /
wexefeyuzi.top/dash/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wexefeyuzi.top/dash/?p=284f988
Requested by
Host: guryfuytu.top
URL: https://guryfuytu.top/?u=a41374&o=c4y2&label=dd3&r=9223372036854775807=9223372036854775807
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.215.85.242 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3d77aaf8b5b6b06e50058c8e09a2229e503b8c88574431f3d75a63f66fd631bf

Request headers

Referer
https://guryfuytu.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 22 Mar 2024 00:20:14 GMT
Server
nginx/1.18.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
entry.4e713294.js
wexefeyuzi.top/_nuxt/ 		3 MB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://wexefeyuzi.top/_nuxt/entry.4e713294.js
Requested by
Host: wexefeyuzi.top
URL: https://wexefeyuzi.top/dash/?p=284f988
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.215.85.242 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
https://wexefeyuzi.top/dash/?p=284f988
Origin
https://wexefeyuzi.top
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 00:20:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2024 21:49:24 GMT
Server
nginx/1.18.0
ETag
W/"65ef7c64-36d85b"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sat, 23 Mar 2024 00:20:14 GMT
entry.816a5a0f.css
wexefeyuzi.top/_nuxt/ 		49 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wexefeyuzi.top/_nuxt/entry.816a5a0f.css
Requested by
Host: wexefeyuzi.top
URL: https://wexefeyuzi.top/dash/?p=284f988
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.215.85.242 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
816a5a0f5b2b5e79d25af268686381bfd7f2d7db7e04c59adc55731d13b67812

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://wexefeyuzi.top/dash/?p=284f988
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 00:20:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2024 21:49:24 GMT
Server
nginx/1.18.0
ETag
W/"65ef7c64-c34d"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sat, 23 Mar 2024 00:20:14 GMT
url.0b90d914.js
wexefeyuzi.top/_nuxt/ 		0
603 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wexefeyuzi.top/_nuxt/url.0b90d914.js
Requested by
Host: wexefeyuzi.top
URL: https://wexefeyuzi.top/dash/?p=284f988
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.215.85.242 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wexefeyuzi.top/dash/?p=284f988
Origin
https://wexefeyuzi.top
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 00:20:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2024 21:49:24 GMT
Server
nginx/1.18.0
ETag
W/"65ef7c64-16e"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sat, 23 Mar 2024 00:20:14 GMT
error-component.e8645654.js
wexefeyuzi.top/_nuxt/ 		0
990 B 		Other
General
Check archive.org
Download Go to
Full URL
https://wexefeyuzi.top/_nuxt/error-component.e8645654.js
Requested by
Host: wexefeyuzi.top
URL: https://wexefeyuzi.top/dash/?p=284f988
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
91.215.85.242 , Russian Federation, ASN200593 (PROSPERO-AS, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wexefeyuzi.top/dash/?p=284f988
Origin
https://wexefeyuzi.top
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Fri, 22 Mar 2024 00:20:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Mar 2024 21:49:24 GMT
Server
nginx/1.18.0
ETag
W/"65ef7c64-49e"
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Sat, 23 Mar 2024 00:20:15 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x1288 function| _0x494e object| __NUXT__

5 Cookies

Domain/Path Name / Value
barsandbrew.com/ Name: _subid
Value: 1knpp2q108sf
barsandbrew.com/ Name: 0c9c8
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjM5XCI6MTcxMTA2NjgxMSxcIjZcIjoxNzExMDY2ODExfSxcImNhbXBhaWduc1wiOntcIjMwXCI6MTcxMTA2NjgxMSxcIjNcIjoxNzExMDY2ODExfSxcInRpbWVcIjoxNzExMDY2ODExfSJ9.eYWG_Q0GFncLuLKDEo89AEJy0wz-3-7NNnYeiOQP8lo
.guryfuytu.top/ Name: u
Value: a41374
.guryfuytu.top/ Name: o
Value: c4y2
.guryfuytu.top/ Name: l
Value: dd3