ckrf1.com Open in urlscan Pro
192.99.16.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ckrf1.com/
Effective URL:
http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042
Submission Tags: falconsandbox
Submission: On January 27 via api (January 27th 2022, 6:24:48 am UTC) from US — Scanned from CA

Summary HTTP 1 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 1 HTTP transactions. The main IP is 192.99.16.68, located in Canada and belongs to OVH, FR. The main domain is ckrf1.com.

This is the only time ckrf1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 2	192.99.16.68 192.99.16.68		16276 (OVH) (OVH)
1	1

2 192.99.16.68 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ns5001863.ip-192-99-16.net

ckrf1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ckrf1.com 1 redirects ckrf1.com	704 B
1	1

	Domain	Requested by
2	ckrf1.com	1 redirects
1	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042
Frame ID: D5DB45C0B69DA9B5190A7549F47274A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

http://ckrf1.com/ HTTP 302
http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042 Page URL

Page Statistics

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

1 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ckrf1.com/ HTTP 302
http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	403 Forbidden	Primary Request control;jsessionid=4A2FA7ED985FD38C995C50A284F25042 Show response ckrf1.com/servlet/ Redirect Chain http://ckrf1.com/ http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042	555 B 373 B	10ms 10ms	Document text/html	192.99.16.68 OVH
General Check archive.org Show headers Download Go to Full URL http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042 Protocol HTTP/1.1 Server 192.99.16.68 , Canada, ASN16276 (OVH, FR), Reverse DNS ns5001863.ip-192-99-16.net Software nginx/1.15.7 / Resource Hash `e9ec3139af2dae36b47c1bc07da0dc7fc5743795278f56e7d2a75cb0f9a175c9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language en-CA,en;q=0.9 Response headers Server nginx/1.15.7 Date Thu, 27 Jan 2022 06:24:43 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive Content-Encoding gzip Redirect headers Server nginx/1.15.7 Date Thu, 27 Jan 2022 06:24:43 GMT Content-Type text/html;charset=ISO-8859-1 Content-Length 0 Connection keep-alive Location http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ckrf1.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4A2FA7ED985FD38C995C50A284F25042

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://ckrf1.com/servlet/control;jsessionid=4A2FA7ED985FD38C995C50A284F25042 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ckrf1.com
192.99.16.68
e9ec3139af2dae36b47c1bc07da0dc7fc5743795278f56e7d2a75cb0f9a175c9

ckrf1.com Open in urlscan Pro 192.99.16.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

1 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

0 kBTransfer

1 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

1 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

ckrf1.com Open in urlscan Pro
192.99.16.68 Public Scan

Screenshot
Live screenshot

Full Image

1
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

0 kB
Transfer

1 kB
Size

1
Cookies

1 HTTP transactions
0 data transactions