jpwinslotterbesar.xyz Open in urlscan Pro
172.67.216.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/daftar.html
Effective URL:
https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ==
Submission Tags: @phish_report
Submission: On June 11 via api (June 11th 2024, 5:04:39 am UTC) from FI — Scanned from FI

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 5 domains to perform 29 HTTP transactions. The main IP is 172.67.216.252, located in and belongs to . The main domain is jpwinslotterbesar.xyz.
TLS certificate: Issued by WE1 on June 10th 2024. Valid for: 3 months.

This is the only time jpwinslotterbesar.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	104.18.2.35 104.18.2.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.8.238 172.67.8.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	172.67.216.109 172.67.216.109	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.216.252 172.67.216.252	() ()
29	3

2 104.18.2.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-7566ed9b8b244b66991e28a23172e254.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.8.238 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.216.109 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nano.ze6rd8wp.autos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.216.252 (None, )

ASN- ()

jpwinslotterbesar.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	r2.dev pub-7566ed9b8b244b66991e28a23172e254.r2.dev	27 KB
1	jpwinslotterbesar.xyz jpwinslotterbesar.xyz
1	ze6rd8wp.autos 1 redirects nano.ze6rd8wp.autos	486 B
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 40350	397 B
0	googleapis.com Failed fonts.googleapis.com Failed
29	5

	Domain	Requested by
2	pub-7566ed9b8b244b66991e28a23172e254.r2.dev
1	jpwinslotterbesar.xyz	jpwinslotterbesar.xyz
1	nano.ze6rd8wp.autos	1 redirects
1	cutt.ly	1 redirects
0	fonts.googleapis.com Failed	jpwinslotterbesar.xyz
29	5

This site contains no links.

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
jpwinslotterbesar.xyz WE1	`2024-06-10` - `2024-09-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ==
Frame ID: 1D2DECF237D85AFBC6DE568B09F7405B
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/daftar.html Page URL
https://cutt.ly/weuHEWKy HTTP 301
https://nano.ze6rd8wp.autos/links/ HTTP 302
https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ== Page URL

Page Statistics

29
Requests

10 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

27 kB
Transfer

37 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/daftar.html Page URL
https://cutt.ly/weuHEWKy HTTP 301
https://nano.ze6rd8wp.autos/links/ HTTP 302
https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ== Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK daftar.html
pub-7566ed9b8b244b66991e28a23172e254.r2.dev/ 155 B
464 B 1537ms
963ms Document
text/html 104.18.2.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/daftar.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
CF-RAY: 891f0f9b482b8d86-HEL
Connection: keep-alive
Content-Length: 155
Content-Type: text/html
Date: Tue, 11 Jun 2024 05:04:33 GMT
ETag: "626a9913a06ac41bdd96aadf4924fb43"
Last-Modified: Sat, 08 Jun 2024 22:12:09 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H2

200

Primary Request register
jpwinslotterbesar.xyz/
Redirect Chain

https://cutt.ly/weuHEWKy
https://nano.ze6rd8wp.autos/links/
https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ==

10 KB
0

2557ms
1924ms

Document
text/html

172.67.216.252

General

Check archive.org

Show headers Download Go to

Full URL

https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.216.252 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/daftar.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 891f0fb94d258f5d-CPH
content-encoding: br
content-language: en
content-type: text/html;charset=UTF-8
date: Tue, 11 Jun 2024 05:04:39 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9M1Y1RylXHfvsrH6VAz9CyKbDxazHqOcbofSFGhJVWWLu5hZw8CiuAtuPARvvrKvcrNFjzXK0zjIDNLE0h3tk7O7e1t32ib2KyN%2FA%2FknwOblxUGziFS7uSqP%2F2cqjk0kET9i4SQT0A%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 891f0faa8f6a92ec-CPH
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 05:04:36 GMT
location: https://jpwinslotterbesar.xyz/register?referral=anB3aW5zbG90X2hlcnJ5MQ==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pgyqITrbYXgGY7bQlBb6yZKUIQipVvQx25A9CfJfPAhT3KdDrD4UMKFt8e8yPPL8idgf9QLBNIcJFOA39wsdLm%2BjvTLE2rXUuDYEgmJL2YCyE6%2BI3nCRp28SfS0kMMboNyQjP0i6"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.2.12

GET
H/1.1 404
Not Found favicon.ico
pub-7566ed9b8b244b66991e28a23172e254.r2.dev/ 27 KB
27 KB 468ms
468ms Other
text/html 104.18.2.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.2.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/daftar.html
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 11 Jun 2024 05:04:33 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 891f0fa17d268d86-HEL
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET brands.css
jpwinslotterbesar.xyz/resources/plugins/font-awesome-6.0.0/css/ 0
0

GET solid.css
jpwinslotterbesar.xyz/resources/plugins/font-awesome-6.0.0/css/ 0
0

GET fontawesome.css
jpwinslotterbesar.xyz/resources/plugins/font-awesome-6.0.0/css/ 0
0

GET alertify.min.css
jpwinslotterbesar.xyz/resources/plugins/alertify/ 0
0

GET default.min.css
jpwinslotterbesar.xyz/resources/plugins/alertify/ 0
0

GET datatables.min.css
jpwinslotterbesar.xyz/resources/plugins/datatables/ 0
0

GET laydate.min.css
jpwinslotterbesar.xyz/resources/plugins/laydate/theme/default/ 0
0

GET jquery.lightslider.css
jpwinslotterbesar.xyz/resources/plugins/lightslider-1.1.3/css/ 0
0

GET bootstrap.min.css
jpwinslotterbesar.xyz/resources/css/common/ 0
0

GET animate.min.css
jpwinslotterbesar.xyz/resources/css/common/ 0
0

GET magnific-popup.css
jpwinslotterbesar.xyz/resources/css/common/ 0
0

GET shortClass.css
jpwinslotterbesar.xyz/resources/css/common/ 0
0

GET css2
fonts.googleapis.com/ 0
0

GET baseDesktop.css
jpwinslotterbesar.xyz/resources/css/T2/desktop/ 0
0

GET colorjpwinslot.css
jpwinslotterbesar.xyz/resources/css/T2/desktop/ 0
0

GET jquery-3.6.0.min.js
jpwinslotterbesar.xyz/resources/plugins/jquery/ 0
0

GET jquery.cookie.js
jpwinslotterbesar.xyz/resources/plugins/cookie/ 0
0

GET alertify.min.js
jpwinslotterbesar.xyz/resources/plugins/alertify/ 0
0

GET datatables.min.js
jpwinslotterbesar.xyz/resources/plugins/datatables/ 0
0

GET laydate.min.js
jpwinslotterbesar.xyz/resources/plugins/laydate/ 0
0

GET qrcode.js
jpwinslotterbesar.xyz/resources/plugins/qrCode/ 0
0

GET jquery.easing.1.3.js
jpwinslotterbesar.xyz/resources/plugins/lightslider-1.1.3/vendor/ 0
0

GET jquery.lightslider.js
jpwinslotterbesar.xyz/resources/plugins/lightslider-1.1.3/js/ 0
0

GET popper.min.js
jpwinslotterbesar.xyz/resources/js/common/ 0
0

GET bootstrap.min.js
jpwinslotterbesar.xyz/resources/js/common/ 0
0

GET countUp.min.js
jpwinslotterbesar.xyz/resources/plugins/countUp-2.0.7/dist/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/font-awesome-6.0.0/css/brands.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/font-awesome-6.0.0/css/solid.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/font-awesome-6.0.0/css/fontawesome.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/alertify/alertify.min.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/alertify/default.min.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/datatables/datatables.min.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/laydate/theme/default/laydate.min.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/lightslider-1.1.3/css/jquery.lightslider.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/css/common/bootstrap.min.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/css/common/animate.min.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/css/common/magnific-popup.css

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/css/common/shortClass.css?version=1.0.11

Domain: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand&display=swap

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/css/T2/desktop/baseDesktop.css?version=1.3.30

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/css/T2/desktop/colorjpwinslot.css?version=1.5.20

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/jquery/jquery-3.6.0.min.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/cookie/jquery.cookie.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/alertify/alertify.min.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/datatables/datatables.min.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/laydate/laydate.min.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/qrCode/qrcode.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/lightslider-1.1.3/vendor/jquery.easing.1.3.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/lightslider-1.1.3/js/jquery.lightslider.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/js/common/popper.min.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/js/common/bootstrap.min.js

Domain: jpwinslotterbesar.xyz
URL: https://jpwinslotterbesar.xyz/resources/plugins/countUp-2.0.7/dist/countUp.min.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: 77rq6ro8bup3h5fupa9uis0h9m

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-7566ed9b8b244b66991e28a23172e254.r2.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cutt.ly
fonts.googleapis.com
jpwinslotterbesar.xyz
nano.ze6rd8wp.autos
pub-7566ed9b8b244b66991e28a23172e254.r2.dev
fonts.googleapis.com
jpwinslotterbesar.xyz
104.18.2.35
172.67.216.109
172.67.216.252
172.67.8.238

jpwinslotterbesar.xyz Open in urlscan Pro 172.67.216.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

29 Requests

10 %HTTPS

0 %IPv6

5 Domains

5 Subdomains

3 IPs

2 Countries

27 kBTransfer

37 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

jpwinslotterbesar.xyz Open in urlscan Pro
172.67.216.252 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

10 %
HTTPS

0 %
IPv6

5
Domains

5
Subdomains

3
IPs

2
Countries

27 kB
Transfer

37 kB
Size

1
Cookies

29 HTTP transactions
0 data transactions