2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev Open in urlscan Pro
35.247.106.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Submission: On November 03 via automatic, source phishtank (November 3rd 2024, 4:26:05 am UTC) — Scanned from US

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 35.247.106.28, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev.
TLS certificate: Issued by R10 on September 24th 2024. Valid for: 3 months.

This is the only time 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	35.247.106.28 35.247.106.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
1	2600:1408:c40... 2600:1408:c400:1c::17d4:fa8e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::5f	15169 (GOOGLE) (GOOGLE)
12	7

6 35.247.106.28 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.106.247.35.bc.googleusercontent.com

2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:1c::17d4:fa8e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

th.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	replit.dev 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev	109 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 412 fonts.googleapis.com — Cisco Umbrella Rank: 30	32 KB
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 7629	455 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2041	296 B
1	bing.com th.bing.com — Cisco Umbrella Rank: 145	3 KB
0	sirv.com Failed ocastant.sirv.com Failed
12	6

	Domain	Requested by
6	2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev	2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
1	fonts.googleapis.com	2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
1	ipinfo.io	ajax.googleapis.com
1	api.ipify.org	ajax.googleapis.com
1	th.bing.com	2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
1	ajax.googleapis.com	2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
0	ocastant.sirv.com Failed	2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
12	7

This site contains no links.

Subject Issuer	Validity	Valid
*.kirk.replit.dev R10	`2024-09-24` - `2024-12-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 04	`2024-06-24` - `2025-06-19`	a year	crt.sh
ipify.org WE1	`2024-09-15` - `2024-12-14`	3 months	crt.sh
ipinfo.io R11	`2024-10-01` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Frame ID: 4B5AE28EC9B8301B2A42801BACA176E5
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

145 kB
Transfer

199 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ 3 KB
4 KB 441ms
114ms Document
text/html 35.247.106.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.247.106.28 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.106.247.35.bc.googleusercontent.com
Software: /
Resource Hash: 4c158af6b2a9ec1ec8f2d98641da32936ac84d86aff67fdafd172fe36d70c00a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Content-Length: 3508
Content-Type: text/html; charset=UTF-8
Date: Sun, 03 Nov 2024 04:26:00 GMT
Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
Replit-Cluster: kirk
X-Robots-Tag: none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex

GET
H/1.1 404
Not Found bootstrap.min.css
2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ 0
0 110ms
109ms Stylesheet
text/html 35.247.106.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/bootstrap.min.css
Requested by: Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.247.106.28 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.106.247.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

X-Robots-Tag: none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex, none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex
Content-Length: 550
Replit-Cluster: kirk
Date: Sun, 03 Nov 2024 04:26:00 GMT
Content-Type: text/html; charset=UTF-8
Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev

GET
H/1.1 200
OK util.css
2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ 85 KB
85 KB 230ms
119ms Stylesheet
text/css 35.247.106.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/util.css
Requested by: Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.247.106.28 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.106.247.35.bc.googleusercontent.com
Software: /
Resource Hash: 84626f194baa778443f1b25702b0ad494daa3fe68f3beab4e3530bb69b71bbbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

X-Robots-Tag: none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex, none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex
Content-Length: 86798
Replit-Cluster: kirk
Date: Sun, 03 Nov 2024 04:26:00 GMT
Content-Type: text/css; charset=UTF-8
Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev

GET
H/1.1 200
OK main.css
2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ 14 KB
14 KB 433ms
117ms Stylesheet
text/css 35.247.106.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/main.css
Requested by: Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.247.106.28 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.106.247.35.bc.googleusercontent.com
Software: /
Resource Hash: bf61e367cf4a2acace2303bc8b8217e503ec8832b3c98b357ecb4da6c04e119d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

X-Robots-Tag: none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex, none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex
Content-Length: 14366
Replit-Cluster: kirk
Date: Sun, 03 Nov 2024 04:26:00 GMT
Content-Type: text/css; charset=UTF-8
Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 212ms
70ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

content-encoding: gzip
age: 202157
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 20:16:43 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 20:16:43 GMT
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31021
x-xss-protection: 0
server: sffe

GET
H2 200 OIP.zfLrpMnYW_CrFIId4vgxYgHaHa
th.bing.com/th/id/ 3 KB
3 KB 385ms
119ms Image
image/jpeg 2600:1408:c400:1c::17d4:fa8e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://th.bing.com/th/id/OIP.zfLrpMnYW_CrFIId4vgxYgHaHa?w=183&h=183&c=7&r=0&o=5&pid=1.7
Requested by: Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:1c::17d4:fa8e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d91c5480974376caef87ae981bd821547e262804c3c22b5fc98e17a812dea75e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
timing-allow-origin: *
cache-control: public, max-age=1209548
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=QUZE"}]}
access-control-allow-methods: GET, POST, OPTIONS
x-check-cacheable: YES
access-control-allow-origin: *
x-cache: TCP_MISS from a23-220-106-142.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
content-length: 2751
alt-svc: h3=":443"; ma=93600
date: Sun, 03 Nov 2024 04:26:00 GMT
akamai-grn: 0.8e6adc17.1730607960.1b9d9271
content-type: image/jpeg
access-control-allow-headers: *

GET
H/1.1 200
OK saxes.js Show response
2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ 5 KB
5 KB 433ms
115ms Script
application/javascript 35.247.106.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/saxes.js
Requested by: Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.247.106.28 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.106.247.35.bc.googleusercontent.com
Software: /
Resource Hash: 2b301b0867bacb161b7188ce0cef45d18f51c88b1bbbeb54ed4c12557f5e136c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

X-Robots-Tag: none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex, none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex
Content-Length: 4876
Replit-Cluster: kirk
Date: Sun, 03 Nov 2024 04:26:00 GMT
Content-Type: application/javascript
Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev

GET
H2 200 / Show response
api.ipify.org/ 22 B
296 B 191ms
87ms XHR
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3f0c5bd17ead8dcb853264a2c853c2b6612212c0c17d0742d458412886257f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8dc99a8b3d55495a-MIA
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=38802&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3990&recv_bytes=2343&delivery_rate=101630&cwnd=246&unsent_bytes=0&cid=ba79f5445c717ccd&ts=93&x=0"
content-length: 22
date: Sun, 03 Nov 2024 04:26:00 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 / Show response
ipinfo.io/ 252 B
455 B 195ms
88ms XHR
application/json 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

b8213c2d825b9018c914f5aaf62a6ea041395aa46c7a42f5607cceb8b38f44f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172
date: Sun, 03 Nov 2024 04:26:00 GMT
x-xss-protection: 1; mode=block
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET images.png
ocastant.sirv.com/dunkin/ 0
0

GET
H2 200 css
fonts.googleapis.com/ 794 B
841 B 262ms
82ms Font
text/css 2607:f8b0:4004:c0b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins

Requested by

Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a619c7ffa7d48d0a2901958b94251ccf03df56d451086b23af37adc84ed00fe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 03 Nov 2024 04:26:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 03 Nov 2024 04:26:00 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 03 Nov 2024 02:54:38 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 404
Not Found favicon.ico
2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ 544 B
939 B 108ms
108ms Other
text/html 35.247.106.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.247.106.28 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.106.247.35.bc.googleusercontent.com
Software: /
Resource Hash: 28e8d6ca16281b61453fc074393a70dd88728734fd6546313f5197b9ab243b44

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/

Response headers

X-Robots-Tag: none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex, none, noindex, noarchive, nofollow, nositelinkssearchbox, noimageindex
Content-Length: 544
Replit-Cluster: kirk
Date: Sun, 03 Nov 2024 04:26:01 GMT
Content-Type: text/html; charset=UTF-8
Host: 2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ocastant.sirv.com
URL: https://ocastant.sirv.com/dunkin/images.png

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/bootstrap.min.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: OTS parsing error: invalid sfntVersion: 791289964
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: Failed to decode downloaded font: https://fonts.googleapis.com/css?family=Poppins
other	warning	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/ Message: OTS parsing error: invalid sfntVersion: 791289964
network	error	URL: https://2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev
ajax.googleapis.com
api.ipify.org
fonts.googleapis.com
ipinfo.io
ocastant.sirv.com
th.bing.com
ocastant.sirv.com
104.26.12.205
2600:1408:c400:1c::17d4:fa8e
2607:f8b0:4004:c07::5f
2607:f8b0:4004:c0b::5f
34.117.59.81
35.247.106.28
28e8d6ca16281b61453fc074393a70dd88728734fd6546313f5197b9ab243b44
2b301b0867bacb161b7188ce0cef45d18f51c88b1bbbeb54ed4c12557f5e136c
4c158af6b2a9ec1ec8f2d98641da32936ac84d86aff67fdafd172fe36d70c00a
84626f194baa778443f1b25702b0ad494daa3fe68f3beab4e3530bb69b71bbbd
a619c7ffa7d48d0a2901958b94251ccf03df56d451086b23af37adc84ed00fe9
b8213c2d825b9018c914f5aaf62a6ea041395aa46c7a42f5607cceb8b38f44f2
bf61e367cf4a2acace2303bc8b8217e503ec8832b3c98b357ecb4da6c04e119d
c3f0c5bd17ead8dcb853264a2c853c2b6612212c0c17d0742d458412886257f6
d91c5480974376caef87ae981bd821547e262804c3c22b5fc98e17a812dea75e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev Open in urlscan Pro 35.247.106.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

50 %IPv6

6 Domains

7 Subdomains

7 IPs

2 Countries

145 kBTransfer

199 kBSize

0 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

10 Console Messages

Indicators

2aa6f95d-097e-4566-afd1-38000e858f3f-00-3qbvk95gpdo4r.kirk.replit.dev Open in urlscan Pro
35.247.106.28 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

145 kB
Transfer

199 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions