comms.evlink9.net - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2606:4700::6812:197f, located in United States and belongs to CLOUDFLARENET, US. The main domain is comms.evlink9.net.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.

This is the only time comms.evlink9.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:197f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:4e00:d:a0b1:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2

1 2606:4700::6812:197f (United States)

ASN13335 (CLOUDFLARENET, US)

comms.evlink9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:4e00:d:a0b1:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1vqahcsakjpkp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudfront.net d1vqahcsakjpkp.cloudfront.net	64 KB
1	evlink9.net comms.evlink9.net	8 KB
3	2

	Domain	Requested by
2	d1vqahcsakjpkp.cloudfront.net	comms.evlink9.net
1	comms.evlink9.net
3	2

This site contains links to these domains. Also see Links.

Domain
finwelleads.co.za
saconsumer.co.za

Subject Issuer	Validity	Valid
*.evlink9.net GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://comms.evlink9.net/public/messages/view-online/0FPXfym3cOiCMRQr/bneKd60GYhy0VDkJ/69140537e70122ac
Frame ID: 8FAB5DE2C7E8FB26C267D0BFE9A6A31B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

72 kB
Transfer

114 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://finwelleads.co.za/Default.aspx

Search URL Search Domain Scan URL

URL: https://saconsumer.co.za/
Title: Get SA Consumer News

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 69140537e70122ac Show response
comms.evlink9.net/public/messages/view-online/0FPXfym3cOiCMRQr/bneKd60GYhy0VDkJ/ 51 KB
8 KB 631ms
571ms Document
text/html 2606:4700::6812:197f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://comms.evlink9.net/public/messages/view-online/0FPXfym3cOiCMRQr/bneKd60GYhy0VDkJ/69140537e70122ac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:197f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed8f9f3f2ed2ab6631bb6eb4cdba44bf912fab15588bc74989eddc6fa9773bf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 86118ebc6ddabb74-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Mar 2024 08:46:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare

GET
H2 200 logo.png
d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/ 7 KB
7 KB 46ms
14ms Image
image/png 2600:9000:223f:4e00:d:a0b1:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/logo.png?v=1597832747014

Requested by

Host: comms.evlink9.net
URL: https://comms.evlink9.net/public/messages/view-online/0FPXfym3cOiCMRQr/bneKd60GYhy0VDkJ/69140537e70122ac

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:4e00:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c4c29393c6b3874634b604cb11d73108b1bf8fdd14bdea4d12b4b38419fc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comms.evlink9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 13:13:37 GMT
strict-transport-security: max-age=2592000
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P5
age: 243199
cf-polished: origSize=7748, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="logo.png"
content-length: 6755
x-request-id: 2wkW875ASQpT5BvJvKeWE
cf-bgj: imgq:100,h2pri
last-modified: Mon, 04 Mar 2024 06:03:32 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85fa5d42d82b380f-FRA
x-amz-cf-id: ob8N0XQuMlehDJLcSexZoYs1oQ6MTTLnNMNz5BEdqJa-QjpjaLCK_g==
expires: Wed, 05 Mar 2025 13:13:37 GMT

GET
H2 200 LoanCalculator.JPG
d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/ 56 KB
57 KB 38ms
7ms Image
image/jpeg 2600:9000:223f:4e00:d:a0b1:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/LoanCalculator.JPG?v=1648123701057

Requested by

Host: comms.evlink9.net
URL: https://comms.evlink9.net/public/messages/view-online/0FPXfym3cOiCMRQr/bneKd60GYhy0VDkJ/69140537e70122ac

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:4e00:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27039247f4d54758ee30228949b1ca3d7c4404616fab4b3e87b896b79f22ad43

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comms.evlink9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:22:03 GMT
strict-transport-security: max-age=2592000
via: 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P5
age: 271493
cf-polished: origSize=60941, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="LoanCalculator.jpg"
content-length: 57618
x-request-id: 57rukBxKbWDT8-QUuaDcM
cf-bgj: imgq:100,h2pri
last-modified: Sat, 24 Feb 2024 07:46:12 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85f7aa7cbb5171e2-FRA
x-amz-cf-id: _iRbGmOH0EyRPAzJR6x2ZEEbdfJpkI7NIdFA4DJnffYSRc2JVcgBtw==
expires: Wed, 05 Mar 2025 05:22:03 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			comms.evlink9.net/	1969-12-31 23:59:59	Name: EVSESSIONID Value: 8j9v4cg2thap7dgr0pg6r05gac
			.evlink9.net/	1970-01-20 18:58:09	Name: __cf_bm Value: jwdYNkl6bRsnIp30FJpfltCx8lQSGd0utQCA2NdFDfg-1709887615-1.0.1.1-1Rjk_Jo7unk8QqrZ9tWhN1uaqrqjOVAaZSLToRsspCPISp0WzBWaPMCCJeDOIfAddYh8gSgD7WGxpEkSXbGtyg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comms.evlink9.net
d1vqahcsakjpkp.cloudfront.net
2600:9000:223f:4e00:d:a0b1:e40:93a1
2606:4700::6812:197f
27039247f4d54758ee30228949b1ca3d7c4404616fab4b3e87b896b79f22ad43
4ed8f9f3f2ed2ab6631bb6eb4cdba44bf912fab15588bc74989eddc6fa9773bf
c9c4c29393c6b3874634b604cb11d73108b1bf8fdd14bdea4d12b4b38419fc0d

comms.evlink9.net Open in urlscan Pro 2606:4700::6812:197f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

3 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

72 kBTransfer

114 kBSize

2 Cookies

2 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

comms.evlink9.net Open in urlscan Pro
2606:4700::6812:197f Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

72 kB
Transfer

114 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions