URL: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file
Submission Tags: @phish_report
Submission: On February 17 via api from FI — Scanned from FI

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 5 HTTP transactions. The main IP is 104.21.50.118, located in and belonging to CLOUDFLARENET, US. The main domain is vvtot150u.cfd.
TLS certificate: Issued by GTS CA 1P5 on February 15th 2024. Valid for: 3 months.
This is the only time vvtot150u.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests / IP address / AS autonomous system):
  3  104.21.50.118  13335 (CLOUDFLAR...)
  1  104.16.87.20   13335 (CLOUDFLAR...)
  Totals: 5 requests, 3 IPs

Apex domains (requests / apex domain / subdomains / transfer):
  3  vvtot150u.cfd     vvtot150u.cfd                                655 KB
  1  jsdelivr.net      cdn.jsdelivr.net (Cisco Umbrella Rank: 353)  33 KB
  0  staggereddam.com  staggereddam.com (Failed)                    (Failed)
  Totals: 5 requests, 3 domains

Domains requested (requests / domain / requested by):
  3  vvtot150u.cfd              vvtot150u.cfd
  1  cdn.jsdelivr.net           vvtot150u.cfd
  0  staggereddam.com (Failed)  vvtot150u.cfd
  Totals: 5 requests, 3 domains

This site contains links to these domains. Also see Links.

Linked domains:
  href.li

TLS certificates (subject / issuer / validity / valid for):
  vvtot150u.cfd          GTS CA 1P5               2024-02-15 - 2024-05-15  3 months  (crt.sh)
  sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2023-05-02 - 2024-05-01  a year    (crt.sh)

This page contains 1 frames:

Primary Page: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file
Frame ID: AD39A61957FC2AB9C7ACF3DB0E220D11
Requests: 7 HTTP requests in this frame

Page Title

file - FileShare

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

  Requests:    5
  HTTPS:       80 %
  IPv6:        0 %
  Domains:     3
  Subdomains:  3
  IPs:         3
  Countries:   1
  Transfer:    688 kB
  Size:        1908 kB
  Cookies:     0

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

(Each transaction lists: Resource, Path, Size, x-fer, Type, MIME-Type, then General, Request headers and Response headers.)

Primary Request: /
  Path:  vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/
  Size:  822 KB
  x-fer: 484 KB
  Type:  Document
General
  Full URL: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 104.21.50.118 -, , ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: a74ec1580363a183e4de0d7839ae18e1f8c6c1637eb9dc957a7182df93b67445

Request headers
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
  accept-language: fi-FI,fi;q=0.9

Response headers
  access-control-allow-origin: *
  alt-svc: h3=":443"; ma=86400
  cache-control: must-revalidate, post-check=0, pre-check=0
  cf-cache-status: DYNAMIC
  cf-ray: 856c56704e6e65cd-FRA
  content-encoding: br
  content-type: text/html; charset=UTF-8
  date: Sat, 17 Feb 2024 07:32:39 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  pragma: no-cache
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5VBwluY4jSs6iT%2FzswyIwZJ2%2Bh6NSvLj3tNRTxPhQTfjIf83b4Hjm4FcfDMeb5KTsW8qY%2BbZalxF%2FtSi%2BdiKGCku6wL7gDP19zRcVLqNMsH3g70R4KAoNe3dgBbalNhf"}],"group":"cf-nel","max_age":604800}
  server: cloudflare
  vary: Accept-Encoding
all.min.css
  Path:  vvtot150u.cfd/falib/css/
  Size:  100 KB
  x-fer: 23 KB
  Type:  Stylesheet
General
  Full URL: https://vvtot150u.cfd/falib/css/all.min.css
  Requested by:
    Host: vvtot150u.cfd
    URL: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 104.21.50.118 -, , ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

Request headers
  accept-language: fi-FI,fi;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
  date: Sat, 17 Feb 2024 07:32:40 GMT
  content-encoding: br
  cf-cache-status: EXPIRED
  last-modified: Sat, 07 Jan 2023 12:31:45 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"18e06-5f1abb79f87e0-gzip"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5GmUdQGwY6cNM9zWM%2FjEbGzmkS85ceKPkUQ6QjMbN%2FDFxWHVEwiHNKIsDgy9uB8%2FZ3wmy1Ml6Axw3PKUU9HURSPHqMj5%2BVImA%2FghNZeGQvD4ujXAqeMYtVgLAKdlLQ%2F"}],"group":"cf-nel","max_age":604800}
  content-type: text/css
  access-control-allow-origin: *
  cf-ray: 856c56744b5865cd-FRA
  alt-svc: h3=":443"; ma=86400
bootstrap.min.css
  Path:  cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/
  Size:  227 KB
  x-fer: 33 KB
  Type:  Stylesheet
General
  Full URL: https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
  Requested by:
    Host: vvtot150u.cfd
    URL: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 104.16.87.20 -, , ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers (name / value)
  Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
  X-Content-Type-Options: nosniff

Request headers
  accept-language: fi-FI,fi;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
  date: Sat, 17 Feb 2024 07:32:42 GMT
  strict-transport-security: max-age=31536000; includeSubDomains; preload
  x-content-type-options: nosniff
  cf-cache-status: HIT
  nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
  age: 775709
  x-jsd-version: 5.3.2
  content-encoding: br
  x-cache: MISS, MISS
  cross-origin-resource-policy: cross-origin
  alt-svc: h3=":443"; ma=86400
  x-served-by: cache-fra-etou8220083-FRA, cache-lga21950-LGA
  x-jsd-version-type: version
  server: cloudflare
  etag: W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI3ZmuQH0pAUvy%2FBqENEz1zvVRp%2BVpXckbw6b%2BoKE0UsHY%2BDAl9Q0p%2FpY6lW1Jw8Q1y2OeLyO4F3BogxDCz50dkgQn1KirC6XNN5DvYV%2BHztFyLw8JtlDRdshgs%2B2OYcRZk%3D"}],"group":"cf-nel","max_age":604800}
  content-type: text/css; charset=utf-8
  access-control-allow-origin: *
  access-control-expose-headers: *
  cache-control: public, max-age=31536000, s-maxage=31536000, immutable
  timing-allow-origin: *
  cf-ray: 856c56863a6e4c84-HEL
truncated (data: URL)
  Path:  /
  Size:  388 B
  x-fer: 0
  Type:  Image
General
  Full URL: data:truncated
  Protocol: DATA
  Server: -, , ASN (),
  Reverse DNS:
  Software: /
  Resource Hash: 6bae624215fa1b25dfb437ccff086112c10c3d25b060196c7044fc212a66f230

Request headers
  accept-language: fi-FI,fi;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
  Content-Type: image/png
invoke.js
  Path:  staggereddam.com/208ef178a9a8a83d7d46d8fb356a0b76/
  Size:  0
  x-fer: 0
  Type:  (no response received; listed under Failed requests below)

truncated (data: URL)
  Path:  /
  Size:  611 KB
  x-fer: 0
  Type:  Image
General
  Full URL: data:truncated
  Protocol: DATA
  Server: -, , ASN (),
  Reverse DNS:
  Software: /
  Resource Hash: 9d729e1a71feaba980ddadeaaefe32efc5eba749c12158658843b5821ceaf770

Request headers
  accept-language: fi-FI,fi;q=0.9
  Referer:
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
  Content-Type: image/jpeg
fa-solid-900.woff2
  Path:  vvtot150u.cfd/falib/webfonts/
  Size:  147 KB
  x-fer: 147 KB
  Type:  Font
General
  Full URL: https://vvtot150u.cfd/falib/webfonts/fa-solid-900.woff2
  Requested by:
    Host: vvtot150u.cfd
    URL: https://vvtot150u.cfd/falib/css/all.min.css
  Protocol: H2
  Security: TLS 1.3, , AES_128_GCM
  Server: 104.21.50.118 -, , ASN13335 (CLOUDFLARENET, US),
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

Request headers
  Referer: https://vvtot150u.cfd/falib/css/all.min.css
  Origin: https://vvtot150u.cfd
  accept-language: fi-FI,fi;q=0.9
  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers
  date: Sat, 17 Feb 2024 07:32:43 GMT
  cf-cache-status: EXPIRED
  last-modified: Sat, 07 Jan 2023 12:58:10 GMT
  nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
  server: cloudflare
  etag: W/"24bf4-5f1ac16139c42-gzip"
  vary: Accept-Encoding
  report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UCVS7hBh6FGtK%2F5jHsm%2FdqRVOxG36Fb6mZJR9A2qfwt7HrgwQu3yX1SnmqQtK99f1jBRmLRZnZxeOR8BngrfUYidIB0CdPk3r2VQzoZldyPeFQ3bycjrFc%2FpuMtl%2Bpr"}],"group":"cf-nel","max_age":604800}
  content-type: font/woff2
  access-control-allow-origin: *
  cf-ray: 856c56871df365cd-FRA
  alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

  Domain: staggereddam.com
  URL:    https://staggereddam.com/208ef178a9a8a83d7d46d8fb356a0b76/invoke.js

Verdicts & Comments

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  atOptions (object)

0 Cookies

3 Console Messages

(Each entry lists: Source, Level, URL, Text.)

Source: javascript  Level: warning
URL: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file (Line 116)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://staggereddam.com/208ef178a9a8a83d7d46d8fb356a0b76/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: javascript  Level: warning
URL: https://vvtot150u.cfd/get-file-download/65d05b54e07cd__8a1375518111165509de9c2215d3657b3c4bef05/?source=2646&file=file (Line 116)
Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://staggereddam.com/208ef178a9a8a83d7d46d8fb356a0b76/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Source: network  Level: error
URL: https://staggereddam.com/208ef178a9a8a83d7d46d8fb356a0b76/invoke.js
Message: Failed to load resource: net::ERR_CONNECTION_CLOSED