widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht
2606:4700:3034::ac43:d432  Public Scan

Submitted URL: https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2frb.gy%2f84g4p&umid=C25B8846-FEC6-6E05-9494-3FA27AC71795...
Effective URL: https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
Submission: On June 23 via manual from TR — Scanned from DE

Summary

This website contacted 3 IPs in 1 country across 4 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3034::ac43:d432, which is located in the United States and belongs to CLOUDFLARENET, US. The main domain is widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht.
TLS certificate: Issued by GTS CA 1P5 on May 16th 2023. Valid for: 3 months.
This is the only time widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.187.90.1 16509 (AMAZON-02)
1 1 99.83.245.29 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 3
Apex Domain | Subdomains | Transfer
3 elfsight.com | static.elfsight.com — Cisco Umbrella Rank: 15272; core.service.elfsight.com — Cisco Umbrella Rank: 167898 | 697 KB
1 elfsig.ht | widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht | 842 B
1 rb.gy | rb.gy — Cisco Umbrella Rank: 87989 | 183 B
1 trendmicro.com | ddei5-0-ctp.trendmicro.com | 119 B
4 4
Domain Requested by
2 static.elfsight.com widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht
static.elfsight.com
1 core.service.elfsight.com static.elfsight.com
1 widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht
1 rb.gy 1 redirects
1 ddei5-0-ctp.trendmicro.com 1 redirects
4 5

This site contains links to these domains.

Domain
elfsight.com
Subject | Issuer | Validity | Valid
elfsig.ht | GTS CA 1P5 | 2023-05-16 - 2023-08-14 | 3 months
elfsight.com | Cloudflare Inc ECC CA-3 | 2023-03-31 - 2024-03-30 | a year

This page contains 1 frames:

Primary Page: https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
Frame ID: 0BE0FFEDE911E2A46E6481D0AE6654B4
Requests: 4 HTTP requests in this frame


Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 3
Countries: 1
Transfer: 697 kB
Size: 2652 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2frb.gy%2f84g4p&umid=C25B8846-FEC6-6E05-9494-3FA27AC71795&auth=4fba052b40026ff1bf898fec7f1811f64f6ca083-ccc769452ce6515ad49d16025c5d5abe6a35c9d3 HTTP 302
    https://rb.gy/84g4p HTTP 301
    https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
Redirect Chain
  • https://ddei5-0-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2frb.gy%2f84g4p&umid=C25B8846-FEC6-6E05-9494-3FA27AC71795&auth=4fba052b40026ff1bf898fec7f1811f64f6ca083-ccc769452ce6515ad49...
  • https://rb.gy/84g4p
  • https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
720 B
842 B
Document
General
Full URL
https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d432 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9147056ac07dac3bae4ea0fd65ce1f30af2e0fc7998ff6f0a734a3a6a74c3fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
7dbb07adad541c44-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 23 Jun 2023 07:31:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZiynzm6bGRU56CaNwHImUbSxA%2F3OMIbawx%2BWTIR8%2FmOHiUo%2BzvBON9sXqCI9iGmb6PZ8u6C1H8LnvaPVmiz7an5ojVxaxPnv5fHOUSkGM9T30UAK%2BzPu665k6Wbva4OtIE4jOo1QQC4oJwzk1iz1vgmulWSObb%2B1aQ65seey0iPDMSQkwrSQLKxhLGARv5p"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Fri, 23 Jun 2023 07:31:11 GMT
engine
Rebrandly.redirect, version 2.1
expires
-1
location
https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
strict-transport-security
max-age=15552000
platform.js
static.elfsight.com/platform/
49 KB
17 KB
Script
General
Full URL
https://static.elfsight.com/platform/platform.js
Requested by
Host: widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht
URL: https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f950cd7338e89507da357380e9fdd90e82a2de58cfe3c0fa598ba086577b25d8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 07:31:11 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000000000001f564ea5-00649320c5-50d2e50a-sfo2a
age
1244
x-envoy-upstream-healthchecked-cluster
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 16 Jun 2023 06:39:41 GMT
server
cloudflare
etag
W/"822974687946bd7d91154a68c7415632"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw
1687364426.dop243.fr8.t,1687364426.cds258.fr8.hn,1687364426.cds140.fr8.c
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BEKfkKLo%2FRjhW5PBDQEdmhN3uDSSGU4OH%2B6%2F31CssPXvsknqvMUB1bA43XkJYctwb7l3q3L0Mx1V4lBUCMH64UmPuc7JlN%2FuVv2axV8OeF5GTrP7KA1GLWt%2BoGG8m6CmwOEty6Dbbm1KkmEXGLECBAs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=3600
x-rgw-object-type
Normal
cf-ray
7dbb07adead42bc6-FRA
/
core.service.elfsight.com/p/boot/
7 KB
4 KB
XHR
General
Full URL
https://core.service.elfsight.com/p/boot/?page=https%3A%2F%2Fwidget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht%2F&w=71820a94-02f7-4160-a941-2cec34ab1c1b
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:486a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6155e026e15d355570a01604b58301c77eb334744f128aaa3911b9e2be9e3f35
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 07:31:11 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
x-dns-prefetch-control
on
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0, 1; mode=block
referrer-policy
no-referrer
server
cloudflare
cross-origin-opener-policy
unsafe-none
etag
W/"1cce-0nB0Tjnd2Qs5WctUlPPsgJY30sM"
x-download-options
noopen
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht
origin-agent-cluster
?1
access-control-allow-credentials
true
cf-apo-via
origin,host
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Arirh9ryAtpV6DdzRk5Lcni8n9KsGfiNNOX0qWeaeGOnMdHIdVlqrm4nluZdZZdT0hvsi2fe7SlqsbiYpSMCJ9Gv7T62RnOZx94p%2FboyunMXMrdVzBa%2FvPfnSJfJKaqYrzf7n9TEMgEGSa23JlWYxdY%2Bfj4vNtw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7dbb07ae2a359067-FRA
formBuilder.js
static.elfsight.com/apps/form-builder/release/f1b22c04b19a85a216aa0419af36b44032fdbaf3/app/
3 MB
676 KB
Script
General
Full URL
https://static.elfsight.com/apps/form-builder/release/f1b22c04b19a85a216aa0419af36b44032fdbaf3/app/formBuilder.js
Requested by
Host: static.elfsight.com
URL: https://static.elfsight.com/platform/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:66b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03d8c26f655f13daab9c5fd0fabc3103e5bb5bfd5cb416b4c28f86730e5f96e2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget-71820a9402f74160a9412cec34ab1c1b.elfsig.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 07:31:11 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx00000000000001f56fbdb-006493212d-50d2e5af-sfo2a
age
141018
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 08 Jun 2023 07:32:46 GMT
server
cloudflare
etag
W/"9e097a232f9bd18290eaa7c0deb5e22f"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin, Accept-Encoding
x-hw
1687364453.dop003.am5.t,1687364453.cds109.am5.hn,1687364453.cds316.am5.c
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Btvd5dqGFTvMHaqJp2GpLnlAjKo6m6XGG268Z%2FTC4EOfCO0VnFrhrrtmqQVMT6fxCp02ewPdaLmz%2FOzwKs8wQZxMp9hNbQDIRWbSVMcc2azYc5k9RIP5Q2j1irOhy0YY4K6EFR1VbEy7UzA90MiJ99E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-rgw-object-type
Normal
cf-ray
7dbb07af5c3b2bc6-FRA


11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | credentialless
object | onbeforetoggle
object | onscrollend
string | eappsCustomPlatformUrl
object | __core-js_shared__
object | core
object | eapps
object | regeneratorRuntime
object | ace
object | __localeData__
function | eappsFormBuilder

2 Cookies

Domain/Path | Name | Value
.elfsight.com/ | elfsight_csrf | s%3A67C6ExlkTgi5gJk5gU2M1w.ADoOnNIEwKmckhgRbt48xbFBXolLCE2JPTInVfurR9Y
core.service.elfsight.com/ | elfsight_viewed_recently | 1