URL: https://www.sa5617.live/
Submission: On December 13 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 4 HTTP transactions. The main IP is 104.21.66.191, located in and belongs to CLOUDFLARENET, US. The main domain is www.sa5617.live.
TLS certificate: Issued by GTS CA 1P5 on December 9th 2023. Valid for: 3 months.
This is the only time www.sa5617.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
3 104.21.66.191 13335 (CLOUDFLAR...)
1 104.18.30.111 13335 (CLOUDFLAR...)
Total: 4 requests, 2 IPs

Requests Apex Domain Subdomains Transfer
3 sa5617.live www.sa5617.live 39 KB
1 afunimg8.com web-res-ccc.afunimg8.com 2 KB
Total: 4 requests, 2 apex domains

Requests Domain Requested by
3 www.sa5617.live www.sa5617.live
1 web-res-ccc.afunimg8.com www.sa5617.live
Total: 4 requests, 2 domains

This site contains no links.

Subject Issuer Validity Valid
sa5617.live GTS CA 1P5 2023-12-09 - 2024-03-08 3 months
afunimg8.com GTS CA 1P5 2023-10-19 - 2024-01-17 3 months

This page contains 1 frame:

Primary Page: https://www.sa5617.live/
Frame ID: A3B975B260B90DE2DA7190108A2ACE65
Requests: 4 HTTP requests in this frame

Page Title

Receba 100 BRL de graça,Pix SAQUE RÁPIDO.

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 41 kB
Size: 181 kB
Cookies: 1

4 HTTP transactions

Resource: Primary Request /
Path: www.sa5617.live/
Size: 179 KB
x-fer: 39 KB
Type: Document

General
Full URL: https://www.sa5617.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.66.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare / Nuxt
Resource Hash: ba39a2f86bd5dea9ca53249f2784e775baed3266d709dacc9338a93fd12303be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 200590
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=300
cf-cache-status: HIT
cf-ray: 834e8cc15c1c434f-EWR
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 13 Dec 2023 13:28:21 GMT
last-modified: Mon, 11 Dec 2023 05:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHFswAE9taFy1XgatdStoOSCjy0fyQr7iG7UDw7pDAzOn0vBzcq4IX2QZPyN3Fa%2F8T8XpgTwOxGewIoDuffaiiNE6JdyL38%2Ffeu0Q7nMIQyeQcz0psI%2FwasNa5%2BC%2BhwVhTg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding
x-powered-by: Nuxt

Resource: entry.30bfcea6.js
Path: www.sa5617.live/static/
Size: 0
x-fer: 0
Type: Script

General
Full URL: https://www.sa5617.live/static/entry.30bfcea6.js
Requested by:
  Host: www.sa5617.live
  URL: https://www.sa5617.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.66.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

Referer: https://www.sa5617.live/
Origin: https://www.sa5617.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:28:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9niLPFd1bsLz9L8bZhHZ1TNrNGmIt%2Fb8iGihDUFOMDJBrWCbBc0puFZM1C0rKAcmh%2F60PWI5NX%2BDyTTihLRN796jdne%2F9D%2F2XfvxrCiWxyAsGZxpH8LSkUh1TeWUNkzgwqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 834e8cc19c52434f-EWR
alt-svc: h3=":443"; ma=86400

Resource: entry.f9204d8a.css
Path: www.sa5617.live/static/
Size: 0
x-fer: 0
Type: Stylesheet

General
Full URL: https://www.sa5617.live/static/entry.f9204d8a.css
Requested by:
  Host: www.sa5617.live
  URL: https://www.sa5617.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.66.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sa5617.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:28:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifcFhJx%2F1Wn%2BXeYCyMQ%2BUfvTojEBWdwXOVdr3tbuYaCiH8g1K6rMQlNLsxN6jj%2BQLwkOmfobmLWIaKO%2F4lbuj8Isvxp1TYzR6DvXnXxROQNB4Zm3WUvhHaSnMddOO4%2BRcJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 834e8cc19c50434f-EWR
alt-svc: h3=":443"; ma=86400

Resource: loading.png
Path: web-res-ccc.afunimg8.com/cdn-cgi/image/format=auto/afun/home/
Size: 1 KB
x-fer: 2 KB
Type: Image

General
Full URL: https://web-res-ccc.afunimg8.com/cdn-cgi/image/format=auto/afun/home/loading.png?skin=202310301710
Requested by:
  Host: www.sa5617.live
  URL: https://www.sa5617.live/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.30.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 6bf4dbc907ee42eb58e1b48a3ac765ceec6eb69f29000dce391986c7c4e4ff76

Security Headers
Content-Security-Policy: default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options: nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.sa5617.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:28:22 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1425
cf-resized: internal=ok/h q=0 n=15+0 c=0+23 v=2023.9.8 l=1425
last-modified: Mon, 30 Oct 2023 10:26:09 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf6ELlpdPwbkt16MF8vanKszCl1gWqs-rDoNB_ezzVDQ:653f84c1-1163"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 834e8cc3d9d65e73-EWR

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
object| globalObject
object| __NUXT__

1 Cookies

Domain/Path Name / Value
.afunimg8.com/ Name: __cf_bm
Value: rdEi21Qtwya_IbOnlhLbpuqLaoj4FTu11ZVs9BCbh8g-1702474102-1-ATfEN0Lxsz6p8IuJgGya/xPpm2bdM41e3vmfBYPrFRWavIFyp6k575gciJop+6rX51jLVyUJ3WRhAyigb7WMSMM=

2 Console Messages

Source: network, Level: error
URL: https://www.sa5617.live/static/entry.f9204d8a.css
Message: Failed to load resource: the server responded with a status of 404 ()

Source: network, Level: error
URL: https://www.sa5617.live/static/entry.30bfcea6.js
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
