vcs.dreesteam.com Open in urlscan Pro
66.161.208.69 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://vcs.dreesteam.com/
Effective URL:
http://vcs.dreesteam.com/dteam_rewrite.html
Submission Tags: falconsandbox
Submission: On February 03 via api (February 3rd 2021, 9:32:09 am UTC) from US

Summary HTTP 4 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 66.161.208.69, located in Fort Mitchell, United States and belongs to FUSE-NET, US. The main domain is vcs.dreesteam.com.

This is the only time vcs.dreesteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 4	66.161.208.69 66.161.208.69		6181 (FUSE-NET) (FUSE-NET)
1	2606:4700:10:... 2606:4700:10::ac43:1e94		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:824::200e		15169 (GOOGLE) (GOOGLE)
4	3

4 66.161.208.69 (Fort Mitchell, United States) 2 redirects

ASN6181 (FUSE-NET, US)
PTR: dreesteam.com

vcs.dreesteam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1e94 (United States)

ASN13335 (CLOUDFLARENET, US)

getbootstrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	dreesteam.com 2 redirects vcs.dreesteam.com	9 KB
1	youtube.com www.youtube.com
1	getbootstrap.com getbootstrap.com	21 KB
4	3

	Domain	Requested by
4	vcs.dreesteam.com	2 redirects vcs.dreesteam.com
1	www.youtube.com	vcs.dreesteam.com
1	getbootstrap.com	vcs.dreesteam.com
4	3

This site contains links to these domains. Also see Links.

Domain
trades.dreesteam.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://vcs.dreesteam.com/dteam_rewrite.html
Frame ID: 5C99540BDCE2FD45E39E39E451C507A5
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/LnicocxLvWk?list=PLu2YyOwM18gOdWlzswgjZK0H_8UmaiL4O
Frame ID: 7CA1C798D712234C12769EB2F823B3B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://vcs.dreesteam.com/ HTTP 302
http://vcs.dreesteam.com/dteam_rewrite.html Page URL

Detected technologies

Jekyll (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

meta generator /Jekyll (v[\d.]+)?/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

html /<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com\/(?:v|embed)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

4
Requests

50 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

29 kB
Transfer

160 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://trades.dreesteam.com/
Title: DreesTeam 2.0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://vcs.dreesteam.com/ HTTP 302
http://vcs.dreesteam.com/dteam_rewrite.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://vcs.dreesteam.com/jumbotron.css HTTP 302
http://vcs.dreesteam.com/dteam_rewrite.html

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request dteam_rewrite.html Show response
vcs.dreesteam.com/
Redirect Chain

http://vcs.dreesteam.com/
http://vcs.dreesteam.com/dteam_rewrite.html

4 KB
4 KB

113ms
113ms

Document
text/html

66.161.208.69
FUSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://vcs.dreesteam.com/dteam_rewrite.html
Protocol: HTTP/1.1
Server: 66.161.208.69 Fort Mitchell, United States, ASN6181 (FUSE-NET, US),
Reverse DNS: dreesteam.com
Software: Apache /
Resource Hash: 2521dcc24a5516cac46ea07f96125fb0bb8d9cdfe76edb6ee49af910de27fe41

Request headers

Host: vcs.dreesteam.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 09:31:51 GMT
Server: Apache
Last-Modified: Mon, 25 Mar 2019 14:53:26 GMT
ETag: "22a87-f38-584ec5dee0083"
Accept-Ranges: bytes
Content-Length: 3896
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Date: Wed, 03 Feb 2021 09:31:51 GMT
Server: Apache
Location: http://vcs.dreesteam.com/dteam_rewrite.html
Content-Length: 227
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 bootstrap.min.css
getbootstrap.com/docs/4.3/dist/css/ 152 KB
21 KB 66ms
44ms Stylesheet
text/css 2606:4700:10::ac43:1e94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getbootstrap.com/docs/4.3/dist/css/bootstrap.min.css

Requested by

Host: vcs.dreesteam.com
URL: http://vcs.dreesteam.com/dteam_rewrite.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1e94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: http://vcs.dreesteam.com
Referer: http://vcs.dreesteam.com/dteam_rewrite.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 5334ea2188188fcc6d370045c43037bab6c48c52
date: Wed, 03 Feb 2021 09:31:51 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0808d4f26e00000746bf9be000000001
x-served-by: cache-fra19180-FRA
last-modified: Tue, 19 Jan 2021 16:20:53 GMT
server: cloudflare
x-github-request-id: 3220:13A57:74A9A8:7B04F7:6011FBC8
x-timer: S1612344712.821693,VS0,VE1
etag: W/"600706e5-2606e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 61bb2430ac280746-FRA
x-origin-cache: HIT
expires: Wed, 27 Jan 2021 23:58:24 GMT

GET
H/1.1

200
OK

dteam_rewrite.html
vcs.dreesteam.com/
Redirect Chain

http://vcs.dreesteam.com/jumbotron.css
http://vcs.dreesteam.com/dteam_rewrite.html

4 KB
4 KB

112ms
112ms

Stylesheet
text/html

66.161.208.69
FUSE-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://vcs.dreesteam.com/dteam_rewrite.html
Requested by: Host: vcs.dreesteam.com
URL: http://vcs.dreesteam.com/dteam_rewrite.html
Protocol: HTTP/1.1
Server: 66.161.208.69 Fort Mitchell, United States, ASN6181 (FUSE-NET, US),
Reverse DNS: dreesteam.com
Software: Apache /
Resource Hash: 2521dcc24a5516cac46ea07f96125fb0bb8d9cdfe76edb6ee49af910de27fe41

Request headers

Referer: http://vcs.dreesteam.com/dteam_rewrite.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 09:31:51 GMT
Last-Modified: Mon, 25 Mar 2019 14:53:26 GMT
Server: Apache
ETag: "22a87-f38-584ec5dee0083"
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3896

Redirect headers

Location: http://vcs.dreesteam.com/dteam_rewrite.html
Date: Wed, 03 Feb 2021 09:31:51 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 227
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 LnicocxLvWk
www.youtube.com/embed/ Frame 7CA1 0
0 117ms
116ms Document
text/html 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/LnicocxLvWk?list=PLu2YyOwM18gOdWlzswgjZK0H_8UmaiL4O

Requested by

Host: vcs.dreesteam.com
URL: http://vcs.dreesteam.com/dteam_rewrite.html

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/LnicocxLvWk?list=PLu2YyOwM18gOdWlzswgjZK0H_8UmaiL4O
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://vcs.dreesteam.com/dteam_rewrite.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://vcs.dreesteam.com/dteam_rewrite.html

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache
content-type: text/html; charset=utf-8
content-length: 22346
x-content-type-options: nosniff
content-encoding: br
expires: Tue, 27 Apr 1971 19:44:06 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
date: Wed, 03 Feb 2021 09:31:51 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=acFHbjxDmX0; path=/; domain=.youtube.com; secure; expires=Mon, 02-Aug-2021 09:31:51 GMT; httponly; samesite=None YSC=VrsgiHwaiBU; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=acFHbjxDmX0; path=/; domain=.youtube.com; secure; expires=Mon, 02-Aug-2021 09:31:51 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Wed, 03-Feb-2021 10:01:51 GMT CONSENT=PENDING+680; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: VrsgiHwaiBU
			.youtube.com/	1970-01-19 20:11:36	Name: VISITOR_INFO1_LIVE Value: acFHbjxDmX0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

getbootstrap.com
vcs.dreesteam.com
www.youtube.com
2606:4700:10::ac43:1e94
2a00:1450:4001:824::200e
66.161.208.69
2521dcc24a5516cac46ea07f96125fb0bb8d9cdfe76edb6ee49af910de27fe41
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36