14icecazino.com
IP: 2a07:180::52
Public Scan
Effective URL: https://14icecazino.com/en/register?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&...
Submission Tags: phishingrod
Submission: On January 13 via api from DE — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on January 8th 2024. Valid for: 3 months.
This is the only time 14icecazino.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 1 | 2a06:98c1:3120::3 | 13335 (CLOUDFLARENET)
1 1 | 2a07:180::435 | 209242 (CLOUDFLARESPECTRUM Cloudflare)
1 6 | 2a07:180::213 | 209242 (CLOUDFLARESPECTRUM Cloudflare)
2 | 2a07:180::52 | 209242 (CLOUDFLARESPECTRUM Cloudflare)
7 | 2 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
6 | hazagnanniefaro.com (1 redirects) | hazagnanniefaro.com (Cisco Umbrella Rank: 601064) | 567 KB
2 | 14icecazino.com | 14icecazino.com | 633 B
1 | lalielynaualish.com (1 redirects) | lalielynaualish.com (Cisco Umbrella Rank: 922161) | 684 B
1 | offvulcan.ru (1 redirects) | offvulcan.ru | 964 B
7 | 4 | |
Requests | Domain | Requested by
---|---|---
6 | hazagnanniefaro.com | 1 redirects, hazagnanniefaro.com
2 | 14icecazino.com | hazagnanniefaro.com
1 | lalielynaualish.com | 1 redirects
1 | offvulcan.ru | 1 redirects
7 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
hazagnanniefaro.com | GTS CA 1P5 | 2023-11-15 - 2024-02-13 | 3 months | crt.sh
14icecazino.com | GTS CA 1P5 | 2024-01-08 - 2024-04-07 | 3 months | crt.sh
This page contains 1 frame:
Primary Page:
https://14icecazino.com/en/register?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D&ref=mb_BQDONAAArmgAALwbAAA.2024-01.13.ATP&uuid=149ca4a214ed52d2ce2adb2ea4fe994e7ba999a7
Frame ID: 744D8F31F30F637F686B8B492DFF252B
Requests: 7 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://offvulcan.ru/ (HTTP 302)
- https://lalielynaualish.com/13518/26798?lp=00&click_id=27aebu3fmmf&sub_id_1={REPLACE}&sub_id_2={REPLACE}&sub_id_3={REPLACE}&sub_id_4={REPLACE}&param={ATP} (HTTP 302)
- https://hazagnanniefaro.com/ice/p7100?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D (HTTP 302)
- https://hazagnanniefaro.com/m1219/check/en/register?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D&ref=mb_BQDONAAArmgAALwbAAA.2024-01.13.ATP&uuid=149ca4a214ed52d2ce2adb2ea4fe994e7ba999a7&_fragment=%21%2Fauth%2Fregister (Page URL)
- https://14icecazino.com/en/register?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D&ref=mb_BQDONAAArmgAALwbAAA.2024-01.13.ATP&uuid=149ca4a214ed52d2ce2adb2ea4fe994e7ba999a7 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0:
- https://offvulcan.ru/ (HTTP 302)
- https://lalielynaualish.com/13518/26798?lp=00&click_id=27aebu3fmmf&sub_id_1={REPLACE}&sub_id_2={REPLACE}&sub_id_3={REPLACE}&sub_id_4={REPLACE}&param={ATP} (HTTP 302)
- https://hazagnanniefaro.com/ice/p7100?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D (HTTP 302)
- https://hazagnanniefaro.com/m1219/check/en/register?atp=%7BATP%7D&goto=sitereg&click_id=27aebu3fmmf&plid=13518&bnid=26798&lang=nl&cc=NL&sub_id_1=%7BREPLACE%7D&sub_id_2=%7BREPLACE%7D&sub_id_3=%7BREPLACE%7D&sub_id_4=%7BREPLACE%7D&ref=mb_BQDONAAArmgAALwbAAA.2024-01.13.ATP&uuid=149ca4a214ed52d2ce2adb2ea4fe994e7ba999a7&_fragment=%21%2Fauth%2Fregister
7 HTTP transactions
Method / Protocol | Resource | Path | Size / x-fer | Type | MIME-Type
---|---|---|---|---|---
GET H2 | register | hazagnanniefaro.com/m1219/check/en/ (Redirect Chain) | 3 KB / 1 KB | Document | text/html
GET H2 | bundle-341220101100.min.js | hazagnanniefaro.com/assets/js/ | 35 KB / 15 KB | Script | application/javascript
GET H2 | lm-1.0.0.min.js | hazagnanniefaro.com/assets/js/ | 189 B / 314 B | Script | application/javascript
GET H2 | ms-1.0.3.min.js | hazagnanniefaro.com/assets/js/ | 817 B / 487 B | Script | application/javascript
GET H2 | ice.gif | hazagnanniefaro.com/assets/img/meta-redirect/ | 549 KB / 550 KB | Image | image/gif
GET H2 | blank.gif | 14icecazino.com/ | 43 B / 527 B | Image | image/gif
GET H2 | register (Primary Request) | 14icecazino.com/en/ | 44 B / 106 B | Document | text/plain
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
14 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value
---|---|---
offvulcan.ru/ | _subid | 27aebu3fmmf
offvulcan.ru/ | 9f1b9 | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjU3MjJcIjoxNzA1MTA2NjU5fSxcImNhbXBhaWduc1wiOntcIjMyNlwiOjE3MDUxMDY2NTl9LFwidGltZVwiOjE3MDUxMDY2NTl9In0.6V9d0kPWSHiu9Fd9ymMDd3EECnQ3IiW-hX5stN-GjIY
offvulcan.ru/ | _token | uuid_27aebu3fmmf_27aebu3fmmf65a1dce34b5f50.87700069
lalielynaualish.com/ | _HGAU | 4f96b474-1d26-4df0-a280-a98ed5e0f37c
lalielynaualish.com/ | vst_cnt_18903 | 1
.lalielynaualish.com/ | __cf_bm | Ft8GNM7gvS2k7nr6Iqw2vgN0N3fksr7lwr2h4XS4S90-1705106659-1-AYPVy8zAVASfEHTTzHKmvF0NOI8GNnfYLKzgAIntCgGo4hkqy9d9FHH+64UC+G/T93MwrygCM6IJ39iXxmOZySU=
hazagnanniefaro.com/ | promouuid | 149ca4a214ed52d2ce2adb2ea4fe994e7ba999a7
hazagnanniefaro.com/ | 109aeb7c64a90b623139dcadd9b770a9 | 1
.hazagnanniefaro.com/ | __cf_bm | GYSwfXRsu0ieb5MHPKS4eznlpc0umK4Hn2uXYqi2RrI-1705106659-1-Adv5KmQKQRskPIfRSAJGbol0uhBwup+qU5ztPIi32dcjRT/qZfs6NIpxpnvEfEqYkT3gpEb3xp/0f8ka2vTqb5I=
hazagnanniefaro.com/ | bl | 1
hazagnanniefaro.com/ | bic | 1
hazagnanniefaro.com/ | bct | 0
hazagnanniefaro.com/ | fp | d326b4523aa19aea01cfbf5217fa90dd
.14icecazino.com/ | __cf_bm | Ls5gmH9Mms8ohxgLuJnMNRMe9PPyS5ULBUj0DJtmk48-1705106659-1-AXlYRzNjLZLqeNvgaU4HtJLV74401h5jNE4uwUEy/BZeCU1WCOHBzROOLqa/tDXnoYdYsPPO70sB0RTk2JRILoU=
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text
---|---|---|---
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.