southern.railfan.net Open in urlscan Pro
64.200.85.103 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://southern.railfan.net/
Submission: On January 16 via api (January 16th 2024, 5:44:10 am UTC) from US — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 10 HTTP transactions. The main IP is 64.200.85.103, located in United States and belongs to LEVEL3, US. The main domain is southern.railfan.net.

This is the only time southern.railfan.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	64.200.85.103 64.200.85.103	3356 (LEVEL3) (LEVEL3)
1 2	216.139.23.3 216.139.23.3	4307 (SVINET-1) (SVINET-1)
10	2

9 64.200.85.103 (United States)

ASN3356 (LEVEL3, US)
PTR: Southern.Railfan.net

southern.railfan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.139.23.3 (Watsonville, United States) 1 redirects

ASN4307 (SVINET-1, US)
PTR: www.garlic.net

www.garlic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	railfan.net southern.railfan.net	90 KB
2	garlic.com 1 redirects www.garlic.com	5 KB
10	2

	Domain	Requested by
9	southern.railfan.net	southern.railfan.net
2	www.garlic.com	1 redirects southern.railfan.net
10	2

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 3 frames:

Primary Page: http://southern.railfan.net/
Frame ID: C1344D9CA4A14B965E3E78642B31E982
Requests: 1 HTTP requests in this frame

Frame: http://southern.railfan.net/old_top.html
Frame ID: A5B9CC0549F59602358650F0CCDA807D
Requests: 3 HTTP requests in this frame

Frame: http://southern.railfan.net/top1.html
Frame ID: DA3A18DAFAC478F55B5D7EDBBBEAA4FB
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SOUTHERN Railfan

Page Statistics

10
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

95 kB
Transfer

92 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://www.garlic.com/~tomd/copyrightsr.jpg HTTP 301
https://www.garlic.com/~tomd/copyrightsr.jpg

10 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response southern.railfan.net/	186 B 433 B	2132ms 745ms	Document text/html	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Full URL http://southern.railfan.net/ Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `1f6508e229c2640955f86717f2d3416ec022b5bafac3fa3d81873c84642dc8a9` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 186 Content-Type text/html Date Tue, 16 Jan 2024 05:44:04 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26
GET H/1.1	200 OK	old_top.html Show response southern.railfan.net/ Frame A5B9	2 KB 2 KB	184ms 183ms	Document text/html	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Full URL http://southern.railfan.net/old_top.html Requested by Host: southern.railfan.net URL: http://southern.railfan.net/ Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `f9b67fafbceb3f6e128ee21d2cc4d61780688c5af23b080938e1c54cf4c45fe8` Request headers Referer http://southern.railfan.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 1721 Content-Type text/html Date Tue, 16 Jan 2024 05:44:05 GMT Keep-Alive timeout=5, max=99 Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26
GET H/1.1	200 OK	top1.html Show response southern.railfan.net/ Frame DA3A	872 B 1 KB	196ms 196ms	Document text/html	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Full URL http://southern.railfan.net/top1.html Requested by Host: southern.railfan.net URL: http://southern.railfan.net/ Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `5941d5a228751c2914f23cddb467f8361026b3a30ef84706c57296815bed0344` Request headers Referer http://southern.railfan.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection Keep-Alive Content-Length 872 Content-Type text/html Date Tue, 16 Jan 2024 05:44:05 GMT Keep-Alive timeout=5, max=100 Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26
GET H/1.1	200 OK	logo3b2.gif southern.railfan.net/images/ Frame A5B9	9 KB 10 KB	336ms 334ms	Image image/gif	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL http://southern.railfan.net/images/logo3b2.gif Requested by Host: southern.railfan.net URL: http://southern.railfan.net/old_top.html Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `83337f79385673892f139723f998d87db5249b0e2e2acffd4d1af5b0021764ee` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/old_top.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 05:44:05 GMT Last-Modified Tue, 01 Sep 1998 21:54:24 GMT Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 ETag "258a-336ced3296400" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 9610
GET H/1.1	200 OK	railfan.gif southern.railfan.net/images/ Frame A5B9	886 B 1 KB	387ms 382ms	Image image/gif	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL http://southern.railfan.net/images/railfan.gif Requested by Host: southern.railfan.net URL: http://southern.railfan.net/old_top.html Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `93405e231d236402ee585076612543ef91c0dce8aa404f8ed89eccbf2e2ef1da` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/old_top.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 05:44:05 GMT Last-Modified Tue, 01 Sep 1998 21:54:30 GMT Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 ETag "376-336ced384f180" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 886
GET H/1.1	200 OK	header.jpg southern.railfan.net/images/ Frame DA3A	14 KB 15 KB	569ms 283ms	Image image/jpeg	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL http://southern.railfan.net/images/header.jpg Requested by Host: southern.railfan.net URL: http://southern.railfan.net/top1.html Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `b6410025eff51e6a0d0399051226ca187d2320f380ad1cbcdfa140a854799fe1` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/top1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 05:44:06 GMT Last-Modified Tue, 01 Sep 1998 21:53:34 GMT Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 ETag "3969-336ced02e7380" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 14697
GET H/1.1	200 OK	6100.jpg southern.railfan.net/images/home/ Frame DA3A	42 KB 42 KB	676ms 390ms	Image image/jpeg	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL http://southern.railfan.net/images/home/6100.jpg Requested by Host: southern.railfan.net URL: http://southern.railfan.net/top1.html Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `51de40861276ed6900dc80891a05d7439b2ca7eb737ed66be3b1e17c097a1ece` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/top1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 05:44:06 GMT Last-Modified Mon, 25 May 1998 04:01:07 GMT Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 ETag "a81a-32ef84a8306c0" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 43034
GET H/1.1	200 OK	nice_trp.jpg southern.railfan.net/images/home/ Frame DA3A	6 KB 6 KB	905ms 537ms	Image image/jpeg	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL http://southern.railfan.net/images/home/nice_trp.jpg Requested by Host: southern.railfan.net URL: http://southern.railfan.net/top1.html Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `a6167c25f04f3de8415b174da4f3ec78bfe3f6c47ccc73cc57a304a7264d51bb` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/top1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 05:44:06 GMT Last-Modified Mon, 25 May 1998 04:00:44 GMT Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 ETag "164f-32ef849241300" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 5711
GET H2	200	copyrightsr.jpg www.garlic.com/~tomd/ Frame DA3A Redirect Chain http://www.garlic.com/~tomd/copyrightsr.jpg https://www.garlic.com/~tomd/copyrightsr.jpg	5 KB 5 KB	490ms 158ms	Image image/jpeg	216.139.23.3 SVINET-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.garlic.com/~tomd/copyrightsr.jpg Requested by Host: southern.railfan.net URL: http://southern.railfan.net/top1.html Protocol H2 Server 216.139.23.3 Watsonville, United States, ASN4307 (SVINET-1, US), Reverse DNS www.garlic.net Software Apache/2 / Resource Hash `40eac6be24d2818aaab0f0eb7c6fa860efe30df4f27dcba3d50e4c43dcbaa917` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers date Tue, 16 Jan 2024 05:44:05 GMT last-modified Sun, 01 Mar 2020 02:42:00 GMT server Apache/2 accept-ranges bytes etag "12b1-59fc203d02e00" content-length 4785 content-type image/jpeg Redirect headers Location https://www.garlic.com/~tomd/copyrightsr.jpg Date Tue, 16 Jan 2024 05:44:05 GMT Server Apache/2 Connection Keep-Alive Keep-Alive timeout=2, max=100 Content-Length 252 Content-Type text/html; charset=iso-8859-1
GET H/1.1	200 OK	Count.cgi southern.railfan.net/cgi-bin/ Frame DA3A	13 KB 13 KB	936ms 568ms	Image image/gif	64.200.85.103 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL http://southern.railfan.net/cgi-bin/Count.cgi?df=tomd.dat&dd=L Requested by Host: southern.railfan.net URL: http://southern.railfan.net/top1.html Protocol HTTP/1.1 Server 64.200.85.103 , United States, ASN3356 (LEVEL3, US), Reverse DNS Southern.Railfan.net Software Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 / Resource Hash `1ade7f608e51cb768eb5e66a155e4eba9b6951286b6e754fa4b4e9093fab9ed4` Request headers accept-language de-DE,de;q=0.9 Referer http://southern.railfan.net/top1.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36 Response headers Date Tue, 16 Jan 2024 05:44:06 GMT Server Apache/2.4.58 (FreeBSD) OpenSSL/1.1.1q-freebsd PHP/8.1.26 Connection Keep-Alive Keep-Alive timeout=5, max=100 Transfer-Encoding chunked Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

southern.railfan.net
www.garlic.com
216.139.23.3
64.200.85.103
1ade7f608e51cb768eb5e66a155e4eba9b6951286b6e754fa4b4e9093fab9ed4
1f6508e229c2640955f86717f2d3416ec022b5bafac3fa3d81873c84642dc8a9
40eac6be24d2818aaab0f0eb7c6fa860efe30df4f27dcba3d50e4c43dcbaa917
51de40861276ed6900dc80891a05d7439b2ca7eb737ed66be3b1e17c097a1ece
5941d5a228751c2914f23cddb467f8361026b3a30ef84706c57296815bed0344
83337f79385673892f139723f998d87db5249b0e2e2acffd4d1af5b0021764ee
93405e231d236402ee585076612543ef91c0dce8aa404f8ed89eccbf2e2ef1da
a6167c25f04f3de8415b174da4f3ec78bfe3f6c47ccc73cc57a304a7264d51bb
b6410025eff51e6a0d0399051226ca187d2320f380ad1cbcdfa140a854799fe1
f9b67fafbceb3f6e128ee21d2cc4d61780688c5af23b080938e1c54cf4c45fe8

southern.railfan.net Open in urlscan Pro 64.200.85.103 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

10 Requests

0 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

95 kBTransfer

92 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

southern.railfan.net Open in urlscan Pro
64.200.85.103 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

95 kB
Transfer

92 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions