1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 162.240.220.176, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is 1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 23rd 2023. Valid for: 3 months.

This is the only time 1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.22.0.232 104.22.0.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	162.240.220.176 162.240.220.176	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	34.121.55.179 34.121.55.179	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.214.26.111 35.214.26.111	15169 (GOOGLE) (GOOGLE)
3	3

1 104.22.0.232 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.240.220.176 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps-9289118.netban-tarke.com

1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.121.55.179 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 179.55.121.34.bc.googleusercontent.com

gbsn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.26.111 (London, United Kingdom)

ASN15169 (GOOGLE, US)
PTR: 111.26.214.35.bc.googleusercontent.com

www.cavendish-tagg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	cavendish-tagg.com www.cavendish-tagg.com	108 KB
1	gbsn.org gbsn.org	9 KB
1	duckdns.org 1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org	13 KB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 86224	389 B
3	4

	Domain	Requested by
1	www.cavendish-tagg.com	1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org
1	gbsn.org	1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org
1	1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org
1	cutt.ly	1 redirects
3	4

This site contains no links.

Subject Issuer	Validity	Valid
1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org cPanel, Inc. Certification Authority	`2023-01-23` - `2023-04-23`	3 months	crt.sh
gbsn.org R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.cavendish-tagg.com R3	`2022-12-07` - `2023-03-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/
Frame ID: 994D1A4E79E33297C65BD46E6B2CB413
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cutt.ly/h9fdYGo HTTP 301
https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

3
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

130 kB
Transfer

129 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cutt.ly/h9fdYGo HTTP 301
https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response 1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ Redirect Chain https://cutt.ly/h9fdYGo https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/	13 KB 13 KB	1554ms 785ms	Document text/html	162.240.220.176 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.240.220.176 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS vps-9289118.netban-tarke.com Software Apache / Resource Hash `4c90422499e2679591b3d60ca2c87c088976df7b4f071a7ac8f57d440564a70b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=UTF-8 Date Mon, 23 Jan 2023 13:16:22 GMT Keep-Alive timeout=5, max=100 Server Apache Transfer-Encoding chunked Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-cache, no-store, must-revalidate cf-cache-status DYNAMIC cf-ray 78e0cdaf3d4e29aa-MEL content-type text/html; charset=UTF-8 date Mon, 23 Jan 2023 13:16:22 GMT expires Thu, 19 Nov 1981 08:52:00 GMT location https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ pragma no-cache server cloudflare vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	dhl-logo.png gbsn.org/wp-content/uploads/2020/07/	9 KB 9 KB	1413ms 546ms	Image image/png	34.121.55.179 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://gbsn.org/wp-content/uploads/2020/07/dhl-logo.png Requested by Host: 1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org URL: https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 34.121.55.179 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 179.55.121.34.bc.googleusercontent.com Software nginx / Resource Hash `c8f3ca531986621102afd471c9d9003b5e0fc6d4681d51cfbd735f14cebc7ed8` Request headers accept-language en-AU,en;q=0.9 Referer https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 23 Jan 2023 13:16:25 GMT last-modified Thu, 19 May 2022 09:41:24 GMT server nginx etag "628610c4-224b" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 8779
GET H2	200	car.png www.cavendish-tagg.com/wp-content/uploads/2017/01/	108 KB 108 KB	1999ms 790ms	Image image/png	35.214.26.111 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.cavendish-tagg.com/wp-content/uploads/2017/01/car.png Requested by Host: 1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org URL: https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.214.26.111 London, United Kingdom, ASN15169 (GOOGLE, US), Reverse DNS 111.26.214.35.bc.googleusercontent.com Software nginx / Resource Hash `619dc8c670e01372eb0ccc108d9f6b26e129f64b0a8fed87ab07b0e30adc2b9b` Request headers accept-language en-AU,en;q=0.9 Referer https://1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36 Response headers date Mon, 23 Jan 2023 13:16:25 GMT last-modified Tue, 24 Jan 2017 11:18:07 GMT server nginx etag "588737ef-1b00f" x-proxy-cache-info DT:1 content-type image/png cache-control max-age=31536000 host-header 8441280b0c35cbc1147f8ba998a563a7 accept-ranges bytes content-length 110607 expires Tue, 23 Jan 2024 13:16:25 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: d345fftb8sae4rut6u68aai4qd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org
cutt.ly
gbsn.org
www.cavendish-tagg.com
104.22.0.232
162.240.220.176
34.121.55.179
35.214.26.111
4c90422499e2679591b3d60ca2c87c088976df7b4f071a7ac8f57d440564a70b
619dc8c670e01372eb0ccc108d9f6b26e129f64b0a8fed87ab07b0e30adc2b9b
c8f3ca531986621102afd471c9d9003b5e0fc6d4681d51cfbd735f14cebc7ed8

1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org Open in urlscan Pro 162.240.220.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

3 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

130 kBTransfer

129 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

Indicators

1d8f6417-2063-45f7-8e46-981695655cad.duckdns.org Open in urlscan Pro
162.240.220.176 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

130 kB
Transfer

129 kB
Size

1
Cookies

3 HTTP transactions
0 data transactions