sfm.xyz - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 184.168.131.241, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is sfm.xyz.

This is the only time sfm.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 2	199.34.228.59 199.34.228.59	27647 (WEEBLY) (WEEBLY - Weebly)
2	2

1 184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

sfm.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.34.228.59 (United States) 1 redirects

ASN27647 (WEEBLY - Weebly, Inc., US)
PTR: pages-custom-15.weebly.com

www.boringbrand.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	boringbrand.xyz 1 redirects www.boringbrand.xyz	349 B
1	sfm.xyz sfm.xyz	625 B
2	2

	Domain	Requested by
2	www.boringbrand.xyz	1 redirects sfm.xyz
1	sfm.xyz
2	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://sfm.xyz/
Frame ID: CFAF8371E95DEAEE2B5F2B878DEB3629
Requests: 1 HTTP requests in this frame

Frame: http://www.boringbrand.xyz/snowflakemaker.html
Frame ID: B652F590217FFE0158CB04CFEDA27B6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.boringbrand.xyz/snowflakemaker HTTP 302
http://www.boringbrand.xyz/snowflakemaker.html

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response sfm.xyz/	448 B 625 B	388ms 187ms	Document text/html	184.168.131.241 GoDaddy.com
General Check archive.org Show headers Download Go to Full URL http://sfm.xyz/ Protocol HTTP/1.1 Server 184.168.131.241 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), Reverse DNS ip-184-168-131-241.ip.secureserver.net Software nginx/1.12.2 / Resource Hash `c5a6aec6fd13c9dd19f8502303014014c83c0e78ad1103ebacbcca4624c8d579` Request headers Host sfm.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx/1.12.2 Date Sat, 08 Jun 2019 18:37:42 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection close
GET H/1.1	200 OK	Cookie set snowflakemaker.html www.boringbrand.xyz/ Frame B652 Redirect Chain http://www.boringbrand.xyz/snowflakemaker http://www.boringbrand.xyz/snowflakemaker.html	0 0	463ms 462ms	Document text/html	199.34.228.59 Weebly
General Check archive.org Show headers Download Go to Full URL http://www.boringbrand.xyz/snowflakemaker.html Requested by Host: sfm.xyz URL: http://sfm.xyz/ Protocol HTTP/1.1 Server 199.34.228.59 , United States, ASN27647 (WEEBLY - Weebly, Inc., US), Reverse DNS pages-custom-15.weebly.com Software Apache / Resource Hash Request headers Host www.boringbrand.xyz Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://sfm.xyz/ Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://sfm.xyz/ Response headers Date Sat, 08 Jun 2019 18:37:42 GMT Server Apache Set-Cookie is_mobile=0; path=/; domain=www.boringbrand.xyz language=en; expires=Sat, 22-Jun-2019 18:37:42 GMT; Max-Age=1209600; path=/ Vary X-W-SSL,Accept-Encoding,User-Agent Cache-Control private ETag W/"8777ad447296935731b5c7551feee409-gzip" Content-Encoding gzip X-Host pages23.sf2p.intern.weebly.net X-UA-Compatible IE=edge,chrome=1 Content-Length 19192 Keep-Alive timeout=10, max=49 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers Date Sat, 08 Jun 2019 18:37:42 GMT Server Apache Vary X-W-SSL,User-Agent Cache-Control private Location /snowflakemaker.html X-Host pages39.sf2p.intern.weebly.net X-UA-Compatible IE=edge,chrome=1 Content-Length 324 Keep-Alive timeout=10, max=62 Connection Keep-Alive Content-Type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.soundcloud.com/	1970-01-22 16:56:19	Name: sc_anonymous_id Value: 866954-242695-43405-890382
.youtube.com/	1970-01-19 07:10:57	Name: PREF Value: f1=50000000
.youtube.com/	1970-01-19 01:20:20	Name: GPS Value: 1
.spotify.com/	1970-01-19 01:21:45	Name: _gid Value: GA1.2.1756052868.1560019064
.spotify.com/	1970-01-19 02:46:43	Name: sp_t Value: 7df9d31237b5071a25f40cbf7b4aa90c
www.boringbrand.xyz/	1970-01-19 01:40:28	Name: language Value: en
www.boringbrand.xyz/	1969-12-31 23:59:59	Name: site_session Value: 5cfc007877a671.78789341
.spotify.com/	1970-01-19 18:51:31	Name: _ga Value: GA1.2.261835845.1560019064
.spotify.com/	1970-01-19 01:21:45	Name: sp_landing Value: http%3A%2F%2Fopen.spotify.com%2Fembed%2Fartist%2F2sQohLh8eFMnXitpz2yoM5
.spotify.com/	1970-01-19 02:03:31	Name: sp_ab Value: %7B%7D
.youtube.com/	1970-01-19 05:39:31	Name: VISITOR_INFO1_LIVE Value: Q9gyupBpOgk
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: qabUjo8Lw78
.spotify.com/	1970-01-19 01:20:19	Name: _gat_gtag_UA_5784146_31 Value: 1
.www.boringbrand.xyz/	1969-12-31 23:59:59	Name: is_mobile Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sfm.xyz
www.boringbrand.xyz
184.168.131.241
199.34.228.59
c5a6aec6fd13c9dd19f8502303014014c83c0e78ad1103ebacbcca4624c8d579

sfm.xyz Open in urlscan Pro 184.168.131.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1 kBTransfer

0 kBSize

14 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

14 Cookies

Indicators

sfm.xyz Open in urlscan Pro
184.168.131.241 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1 kB
Transfer

0 kB
Size

14
Cookies

2 HTTP transactions
0 data transactions