evsbckej.tules.xyz Open in urlscan Pro
172.67.153.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://evsbckej.tules.xyz/
Effective URL:
https://evsbckej.tules.xyz/verify.php
Submission: On July 26 via api (July 26th 2024, 6:24:32 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 15 HTTP transactions. The main IP is 172.67.153.72, located in United States and belongs to CLOUDFLARENET, US. The main domain is evsbckej.tules.xyz.
TLS certificate: Issued by WE1 on June 13th 2024. Valid for: 3 months.

This is the only time evsbckej.tules.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	172.67.153.72 172.67.153.72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	4

7 172.67.153.72 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

evsbckej.tules.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	tules.xyz 1 redirects evsbckej.tules.xyz	39 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 3618 ka-f.fontawesome.com — Cisco Umbrella Rank: 7493	35 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	107 KB
15	3

	Domain	Requested by
7	evsbckej.tules.xyz	1 redirects evsbckej.tules.xyz
4	ka-f.fontawesome.com	kit.fontawesome.com
4	cdn.jsdelivr.net	evsbckej.tules.xyz
1	kit.fontawesome.com	evsbckej.tules.xyz
15	4

This site contains no links.

Subject Issuer	Validity	Valid
tules.xyz WE1	`2024-06-13` - `2024-09-11`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com WE1	`2024-07-01` - `2024-09-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://evsbckej.tules.xyz/verify.php
Frame ID: 9122A703038C00254CA787CE7C6F39F5
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Konfirmasi: Anda Bukan Robot!

Page URL History Show full URLs

https://evsbckej.tules.xyz/ HTTP 302
https://evsbckej.tules.xyz/verify.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

180 kB
Transfer

1236 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://evsbckej.tules.xyz/ HTTP 302
https://evsbckej.tules.xyz/verify.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request verify.php Show response
evsbckej.tules.xyz/
Redirect Chain

https://evsbckej.tules.xyz/
https://evsbckej.tules.xyz/verify.php

4 KB
2 KB

249ms
247ms

Document
text/html

172.67.153.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://evsbckej.tules.xyz/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eadbeef6b4f839e8c6339001d18bd2beb6ee0eb4b927fab64a3098933d97a444

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8a966d21aa2a3735-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 26 Jul 2024 18:24:23 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81Xp4o5Gx1i5vMlDvN%2BrCGpfDplYpkJiKq9XA0PSiZwnhchz39gHVWyaojrOwRwSLeodqz1mzKhXaWJy6M0RkGqOaFkQP%2Fv6R6JlqLiKDX1pF41jN393peg0yjp3JZXscpLpC8A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8a966d178cf83735-FRA
content-type: text/html; charset=UTF-8
date: Fri, 26 Jul 2024 18:24:23 GMT
location: verify.php
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xs8z%2Bi7FrEhpu9NkXcdhGfiAIEQREK3ZM74hWpxNV%2BRl32LeFzEXNN4WgHqrEWwM8WgG9ihLAVk4SuPqJm1K2wNh7KpTwuf1WqZEu0FPIz1RRW12s3NQaHgq0LmvXDQ6Z6MK7fo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/ 227 KB
34 KB 444ms
78ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css

Requested by

Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evsbckej.tules.xyz/
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 Jul 2024 18:24:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2741345
x-jsd-version: 5.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 34728
x-served-by: cache-fra-eddf8230044-FRA, cache-cph2320025-CPH
x-jsd-version-type: version
etag: W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 517ms
151ms Stylesheet
text/css 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evsbckej.tules.xyz/
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 Jul 2024 18:24:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4452177
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25360
x-served-by: cache-fra-eddf8230097-FRA, cache-cph2320025-CPH
x-jsd-version-type: version
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 bg.jpg
evsbckej.tules.xyz/img/ 36 KB
36 KB 594ms
591ms Image
image/jpeg 172.67.153.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evsbckej.tules.xyz/img/bg.jpg
Requested by: Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88fb23c51f685e5f161c3b8c12aa3f9c36baabcb280b1ecebb66811c6fc0416

Request headers

Referer: https://evsbckej.tules.xyz/verify.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:24 GMT
cf-cache-status: MISS
last-modified: Sun, 19 May 2024 07:21:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2B3RIiqO9jZmzmenLfMSzkZcOtGJQh7Qti7MkUN8AVA%2FdtUb48eINFeRL3HkIuDCIjWl8HhXGmmioGICUCx9Ltl20pMAj0dj5lKItkCXqRmbTQwM6fBN%2BD7FkJkUut6nEQjYdlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a966d237cba3735-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36622
expires: Fri, 02 Aug 2024 18:24:23 GMT

GET
H2 200 a3240eb6ad.js Show response
kit.fontawesome.com/ 13 KB
5 KB 532ms
173ms Script
text/javascript 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/a3240eb6ad.js
Requested by: Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f15c23d75ca9fb0cca1e4afec05a0fd4bc8d53d58166571e23027a635c3f47a

Request headers

Referer: https://evsbckej.tules.xyz/
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:24 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 8a966d256d8a1913-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F-XWfMqUCLQDNxA7ZDyi

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
24 KB 285ms
99ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evsbckej.tules.xyz/
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 Jul 2024 18:24:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4970144
x-jsd-version: 5.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
x-served-by: cache-fra-eddf8230080-FRA, cache-cph2320025-CPH
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/ 79 KB
25 KB 286ms
100ms Script
application/javascript 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js

Requested by

Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evsbckej.tules.xyz/
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 26 Jul 2024 18:24:23 GMT
x-content-type-options: nosniff
content-encoding: br
age: 2726720
x-jsd-version: 5.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25082
x-served-by: cache-fra-etou8220068-FRA, cache-cph2320025-CPH
x-jsd-version-type: version
etag: W/"13b1c-zlT4XyePvNXLIpL5wYbu32PNz4g"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 94 KB
22 KB 309ms
69ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=a3240eb6ad
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a3240eb6ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

Referer: https://evsbckej.tules.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:24 GMT
content-encoding: gzip
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:40 GMT
server: cloudflare
etag: W/"4ca760f49cd8a14911c81e6c14328874"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2Fdq56obaglqPMdqv0DycfLcaXFl1pN6ryRdVKpVszkg0SqUtm6Y%2Fb%2BoeL%2BBmA49ssRc2ZmfyTPB%2BBIWXUFUxdCLm2U%2F7TBBT5OZ61LOvez0z0vtXP3DomADqYH9mN9BjfHSseqWvA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a966d294c096ae0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Lv7ZZlrYp3uYWs9yos6JZaAUiq_SOyOuVr2xSJ_nRglq464d50UIag==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 27 KB
5 KB 385ms
146ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=a3240eb6ad
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a3240eb6ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

Referer: https://evsbckej.tules.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:24 GMT
content-encoding: gzip
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"5e5b0d8c7be5919570a305b6bc229a36"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ATIdm1OsHRVRupWVJQnf%2F1jaf7kklVreTt7EX1TWV6NhHTN1YjYiD9ZL7GY7uJRX6j05q7gUktv7gmfzb%2F%2F5ihoD4OMsKWb2U9yGrzK5iJ9TGFqfpEnV%2BfHeExSXx7CcxTbR7bVMsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a966d294c0c6ae0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: DdgJiuRNQEgb-n1AMt0ptvXd1I_DI1hWF156PA4IDbcRBI_aoOX_0w==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 823 B
986 B 368ms
144ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=a3240eb6ad
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a3240eb6ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

Referer: https://evsbckej.tules.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:24 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"8972ae5004bc634ffa6641be3960e78a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHHkKkXXwjBnlaGuTRUIub%2BJLSfxEQ%2B4MavU0f%2BeM1QerrH1f3yfZ2ECdA48XJUlSfrCnDaXqQdChtvOv9M4XtEbtB%2BeF8PeQe48ibnXdSXG%2FclmA4gDikcXSFRQ%2F9TaiTERrrDHNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a966d294c066ae0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: gRtao4ubejVueBWTZHwUOEglvahwHungdk25KnKEJUuRwdG2aQBDgw==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.6.0/css/ 2 KB
1 KB 353ms
131ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=a3240eb6ad
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/a3240eb6ad.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

Referer: https://evsbckej.tules.xyz/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:24 GMT
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 15 Jul 2024 22:20:39 GMT
server: cloudflare
etag: W/"a5a0c9048efb7cb5df90023064d09ba4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKGiS1glva4WJwgDefm6xmTx39umTXEOK3vurmSF2v3Mqt%2FxuNwOSWAU7SCp%2BQOogl3%2Bm1%2FG6IiFLHSHDNOFThuEsZrmaS%2FTGnrfyL50TTCpn6I7EBUwNH%2FImY3NKlfYKhggbVY2Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 8a966d294c046ae0-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: G8pfNDEuu8A6_7YXZ_BhjU2dwP1aDqQqpgqJ9DQ5LonTb66zq0Ti-w==

GET
H3 200 ff.png
evsbckej.tules.xyz/img/ 525 KB
0 2190ms
2189ms Image
image/png 172.67.153.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evsbckej.tules.xyz/img/ff.png
Requested by: Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://evsbckej.tules.xyz/verify.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 26 Jul 2024 18:24:26 GMT
cf-cache-status: MISS
last-modified: Sun, 19 May 2024 07:21:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YQa3VzfYEwjNIqJR3B9t4vZkh42hyV6oVGRUcfellkV5ABdDyM71HIorbPUQvlFDs%2B4XO6n62fRRagbLW6JForywRWbfW2KLAmjAScQLrudb%2FVs3JsR4Sjmhh35HWepDhACIF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8a966d284aff3735-FRA
alt-svc: h3=":443"; ma=86400
content-length: 698187
expires: Fri, 02 Aug 2024 18:24:25 GMT

GET
H3 404 laza.woff2
evsbckej.tules.xyz/fonts/ 0
0 462ms
461ms Font
text/html 172.67.153.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://evsbckej.tules.xyz/fonts/laza.woff2
Requested by: Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://evsbckej.tules.xyz/verify.php
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 18:24:24 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dab8HunhWx%2FvT4eBXr5uAjAnJQZg6CkvOlqhz6k3GjSXRxcyMtTKeEDKoJ8gwFKxZ8SlPqahKuV5AB37iATJfcbcVRCoCwOxIY8Q8PjOWyPMIwD3E3jR9loqfp0zRoR0ur2zsEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 8a966d289b5f3735-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 laza.woff
evsbckej.tules.xyz/fonts/ 0
0 425ms
420ms Font
text/html 172.67.153.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://evsbckej.tules.xyz/fonts/laza.woff
Requested by: Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://evsbckej.tules.xyz/verify.php
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 18:24:25 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9k4M4YWA3uZQqUHxUvGCPU%2F0jYjrDaA0sc0LqS4tC3fb5IpuOLJQniTj6j10mLrXuBH4rcdQ7E%2FTIc6VD68w5i2YCkT2U%2Fj8jVXlzqVJq2sr5j1XdzjTqMPvqvy9lH8OVq4rsB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 8a966d2bcf7e3735-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 laza.ttf
evsbckej.tules.xyz/fonts/ 0
0 958ms
957ms Font
text/html 172.67.153.72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://evsbckej.tules.xyz/fonts/laza.ttf
Requested by: Host: evsbckej.tules.xyz
URL: https://evsbckej.tules.xyz/verify.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.153.72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://evsbckej.tules.xyz/verify.php
Origin: https://evsbckej.tules.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 18:24:25 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yrFlpysM1VdAzQv%2FkjmVC75Xp%2BT7cDmbcHtg5MCttonTFvTC59%2BXJ2hMaoJXf0BsgO%2BSLaRCL7iGS%2FgUG3bg1tFLICmdTEgSH%2BUj3w4hWOXSpnMR9KbUPsxIQvFkYfeWsr%2B2J6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 8a966d2e7b173735-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| FontAwesomeKitConfig number| uidEvent object| bootstrap

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			evsbckej.tules.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0f8b6764384ba0ec272294b354d40039

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://evsbckej.tules.xyz/fonts/laza.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://evsbckej.tules.xyz/fonts/laza.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://evsbckej.tules.xyz/fonts/laza.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
evsbckej.tules.xyz
ka-f.fontawesome.com
kit.fontawesome.com
172.67.139.119
172.67.153.72
2606:4700:4400::ac40:93bc
2a04:4e42:600::485
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
8f15c23d75ca9fb0cca1e4afec05a0fd4bc8d53d58166571e23027a635c3f47a
a88fb23c51f685e5f161c3b8c12aa3f9c36baabcb280b1ecebb66811c6fc0416
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
eadbeef6b4f839e8c6339001d18bd2beb6ee0eb4b927fab64a3098933d97a444
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

evsbckej.tules.xyz Open in urlscan Pro 172.67.153.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

3 Domains

4 Subdomains

4 IPs

1 Countries

180 kBTransfer

1236 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

evsbckej.tules.xyz Open in urlscan Pro
172.67.153.72 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

180 kB
Transfer

1236 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions