windows.fog-play.com Open in urlscan Pro
2a03:6f00:1::5c35:60f5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://windows.fog-play.com/
Submission Tags: @phishunt_io
Submission: On July 20 via api (July 20th 2024, 7:19:46 pm UTC) from DE — Scanned from DE

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2a03:6f00:1::5c35:60f5, located in Russian Federation and belongs to TIMEWEB-AS, RU. The main domain is windows.fog-play.com.
TLS certificate: Issued by R10 on July 20th 2024. Valid for: 3 months.

This is the only time windows.fog-play.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	2a03:6f00:1::... 2a03:6f00:1::5c35:60f5		9123 (TIMEWEB-AS) (TIMEWEB-AS)
12	2

9 2a03:6f00:1::5c35:60f5 (Russian Federation)

ASN9123 (TIMEWEB-AS, RU)

windows.fog-play.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	fog-play.com windows.fog-play.com	333 KB
0	Failed function sub() { [native code] }. Failed
12	2

	Domain	Requested by
9	windows.fog-play.com	windows.fog-play.com
0	scrapbook Failed	windows.fog-play.com
12	2

This site contains no links.

Subject Issuer	Validity	Valid
windows.fog-play.com R10	`2024-07-20` - `2024-10-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://windows.fog-play.com/
Frame ID: BDFF7BB8726AB6B9223E123F7D6AB510
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows

Page Statistics

12
Requests

75 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

333 kB
Transfer

567 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response windows.fog-play.com/	9 KB 3 KB	332ms 69ms	Document text/html	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `2da2439072fedb1da1dc1468ae97428caecf05f1c5054bfd7836deb76b1f49b8` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Sat, 20 Jul 2024 19:19:42 GMT etag W/"2221-61db097028b61" last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 vary Accept-Encoding
GET H2	200	2GUOWqbVnDcz.css windows.fog-play.com/css/	260 KB 32 KB	142ms 141ms	Stylesheet text/css	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://windows.fog-play.com/css/2GUOWqbVnDcz.css Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `4b947fae3e6a7ea0239f0c589ad03dbbeed3e989db7efb17114773d3356c59bf` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT content-encoding gzip last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag W/"669bea81-411ad" vary Accept-Encoding content-type text/css cache-control max-age=31536000 expires Sun, 20 Jul 2025 19:19:42 GMT
GET H2	200	dhTxtZ5R8hit.png windows.fog-play.com/images/	2 KB 2 KB	143ms 142ms	Image image/png	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://windows.fog-play.com/images/dhTxtZ5R8hit.png Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `bb540a06cf2f44e6addcb61c2d1707f599fcdc5d6d186805f3fc32235637e5b0` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag "669bea81-622" content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 1570 expires Sun, 20 Jul 2025 19:19:42 GMT
GET H2	200	PcgnHFj8jBNx.png windows.fog-play.com/images/	14 KB 14 KB	203ms 203ms	Image image/png	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://windows.fog-play.com/images/PcgnHFj8jBNx.png Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `9ecdd3ff30c1afa9f005fe6de7f4c54eed7bec7c200b46a1dd01acf707c7bbda` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag "669bea81-37d0" content-type image/png cache-control max-age=31536000 accept-ranges bytes content-length 14288 expires Sun, 20 Jul 2025 19:19:42 GMT
GET H2	200	PsNlMDV8T0Vs.jpg windows.fog-play.com/images/	102 KB 102 KB	187ms 187ms	Image image/jpeg	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://windows.fog-play.com/images/PsNlMDV8T0Vs.jpg Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `9bcfb86ffade687965d3c640ccd4d5d418e1cd8979965afab1544395f0242d8e` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag "669bea81-1972a" content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 104234 expires Sun, 20 Jul 2025 19:19:42 GMT
GET H2	200	quF49BbketkK.jpg windows.fog-play.com/images/	126 KB 126 KB	187ms 187ms	Image image/jpeg	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://windows.fog-play.com/images/quF49BbketkK.jpg Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `b5c75e8ab4553b49a65d88b864bdbec1d9bab5aeb764341b7d3b0fc940119ae9` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag "669bea81-1f8b7" content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 129207 expires Sun, 20 Jul 2025 19:19:42 GMT
GET H2	200	W8T7oIan0Z0K.jpg windows.fog-play.com/images/	20 KB 21 KB	188ms 187ms	Image image/jpeg	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Show image Full URL https://windows.fog-play.com/images/W8T7oIan0Z0K.jpg Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `3ad7a60dae998a699f7b25fe3d0449d468dfc69e1e75ed8a41025a72e8b9008e` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag "669bea81-5192" content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes content-length 20882 expires Sun, 20 Jul 2025 19:19:42 GMT
GET H2	200	YWmxxZWKmJlf.svg windows.fog-play.com/images/	2 KB 761 B	188ms 187ms	Other image/svg+xml	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://windows.fog-play.com/images/YWmxxZWKmJlf.svg Requested by Host: windows.fog-play.com URL: https://windows.fog-play.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `642ddacc49d51bb2ec4f4359526847641ca5496f69b868fe788e98fbd0a89386` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT content-encoding gzip last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 etag W/"669bea81-627" vary Accept-Encoding content-type image/svg+xml cache-control max-age=31536000 expires Sun, 20 Jul 2025 19:19:42 GMT
GET		css2 scrapbook:download:error:https://fonts.googleapis.com/	0 0

GET		btn-hover.png scrapbook:download:error:https://windows.quickprogram.ru/images/	0 0

GET		background.jpg scrapbook:download:error:https://windows.quickprogram.ru/images/	0 0

GET H2	200	Xkx8UsoVQxPM.ico windows.fog-play.com/	33 KB 33 KB	69ms 69ms	Other image/x-icon	2a03:6f00:1::5c35:60f5 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://windows.fog-play.com/Xkx8UsoVQxPM.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:6f00:1::5c35:60f5 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS Software nginx/1.24.0 / Resource Hash `ed22a87a2f86064c42b61dc72a788c3aefd4bbc79589dc185d28934a054fd58a` Request headers Referer https://windows.fog-play.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 19:19:42 GMT last-modified Sat, 20 Jul 2024 16:49:05 GMT server nginx/1.24.0 accept-ranges bytes etag "821e-61db097029b01" content-length 33310 content-type image/x-icon

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scrapbook
URL: urn:scrapbook:download:error:https://fonts.googleapis.com/css2?family=Montserrat:wght@300400&family=Orbitron:wght@400500600&display=swap

Domain: scrapbook
URL: urn:scrapbook:download:error:https://windows.quickprogram.ru/images/btn-hover.png

Domain: scrapbook
URL: urn:scrapbook:download:error:https://windows.quickprogram.ru/images/background.jpg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: urn:scrapbook:download:error:https://fonts.googleapis.com/css2?family=Montserrat:wght@300400&family=Orbitron:wght@400500600&display=swap Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: urn:scrapbook:download:error:https://windows.quickprogram.ru/images/btn-hover.png Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: urn:scrapbook:download:error:https://windows.quickprogram.ru/images/background.jpg Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

scrapbook
windows.fog-play.com
scrapbook
2a03:6f00:1::5c35:60f5
2da2439072fedb1da1dc1468ae97428caecf05f1c5054bfd7836deb76b1f49b8
3ad7a60dae998a699f7b25fe3d0449d468dfc69e1e75ed8a41025a72e8b9008e
4b947fae3e6a7ea0239f0c589ad03dbbeed3e989db7efb17114773d3356c59bf
642ddacc49d51bb2ec4f4359526847641ca5496f69b868fe788e98fbd0a89386
9bcfb86ffade687965d3c640ccd4d5d418e1cd8979965afab1544395f0242d8e
9ecdd3ff30c1afa9f005fe6de7f4c54eed7bec7c200b46a1dd01acf707c7bbda
b5c75e8ab4553b49a65d88b864bdbec1d9bab5aeb764341b7d3b0fc940119ae9
bb540a06cf2f44e6addcb61c2d1707f599fcdc5d6d186805f3fc32235637e5b0
ed22a87a2f86064c42b61dc72a788c3aefd4bbc79589dc185d28934a054fd58a

windows.fog-play.com Open in urlscan Pro 2a03:6f00:1::5c35:60f5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

12 Requests

75 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

333 kBTransfer

567 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

windows.fog-play.com Open in urlscan Pro
2a03:6f00:1::5c35:60f5 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

75 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

333 kB
Transfer

567 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions