jotordrr35.tumblr.com Open in urlscan Pro
74.114.154.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jotordrr35.tumblr.com/
Effective URL:
https://jotordrr35.tumblr.com/
Submission Tags: @phish_report
Submission: On December 20 via api (December 20th 2024, 2:30:17 pm UTC) from FI — Scanned from FI

Summary HTTP 9 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 1 domains to perform 9 HTTP transactions. The main IP is 74.114.154.18, located in Ashburn, United States and belongs to AUTOMATTIC, US. The main domain is jotordrr35.tumblr.com.
TLS certificate: Issued by Sectigo ECC Domain Validation Secure ... on November 25th 2024. Valid for: 4 months.

This is the only time jotordrr35.tumblr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	74.114.154.18 74.114.154.18	2635 (AUTOMATTIC) (AUTOMATTIC)
5	192.0.77.40 192.0.77.40	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.77.3 192.0.77.3	2635 (AUTOMATTIC) (AUTOMATTIC)
9	4

1 74.114.154.18 (Ashburn, United States)

ASN2635 (AUTOMATTIC, US)

jotordrr35.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.77.40 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com

assets.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

66.media.tumblr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	tumblr.com jotordrr35.tumblr.com assets.tumblr.com — Cisco Umbrella Rank: 26795 66.media.tumblr.com — Cisco Umbrella Rank: 115511 www.tumblr.com Failed	249 KB
9	1

	Domain	Requested by
5	assets.tumblr.com	jotordrr35.tumblr.com assets.tumblr.com
2	66.media.tumblr.com	jotordrr35.tumblr.com
1	jotordrr35.tumblr.com
0	www.tumblr.com Failed
9	4

This site contains links to these domains. Also see Links.

Domain
www.tumblr.com
dvdp.tumblr.com

Subject Issuer	Validity	Valid
*.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2024-11-25` - `2025-03-26`	4 months	crt.sh
*.media.tumblr.com Sectigo ECC Domain Validation Secure Server CA	`2024-01-03` - `2025-02-02`	a year	crt.sh

This page contains 1 frames:

Frame: https://www.tumblr.com/explore?referer=404
Frame ID: E86EC001DCEC0488601BFC54F9B36599
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Not found.

Page URL History Show full URLs

http://jotordrr35.tumblr.com/ HTTP 307
https://jotordrr35.tumblr.com/ Page URL

Detected technologies

Tumblr (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://(?:www\.)?[^/]+\.tumblr\.com/

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

4
IPs

1
Countries

276 kB
Transfer

395 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.tumblr.com/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/register
Title: Sign up

Search URL Search Domain Scan URL

URL: https://www.tumblr.com/

Search URL Search Domain Scan URL

URL: https://dvdp.tumblr.com/post/29122608238/120810
Title: Posted by dvdp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jotordrr35.tumblr.com/ HTTP 307
https://jotordrr35.tumblr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
jotordrr35.tumblr.com/
Redirect Chain

http://jotordrr35.tumblr.com/
https://jotordrr35.tumblr.com/

4 KB
1 KB

1064ms
317ms

Document
text/html

74.114.154.18
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://jotordrr35.tumblr.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.114.154.18 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 19803356b525450b8529fcd7b10254e8315ca28865665e0c933b89630408ddf4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-encoding: br
content-type: text/html
date: Fri, 20 Dec 2024 14:30:12 GMT
etag: W/"67166e1e-10d2"
server: nginx
vary: Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://jotordrr35.tumblr.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 index.build.css
assets.tumblr.com/client/prod/standalone/error-pages/ 63 KB
14 KB 263ms
95ms Stylesheet
text/css 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/client/prod/standalone/error-pages/index.build.css?_v=da302762836d5bf2aeee0f6522476e59

Requested by

Host: jotordrr35.tumblr.com
URL: https://jotordrr35.tumblr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

f6bf18b988ec643493a2199096a76133eba7e712fefc25551d6d37d079cc993f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://jotordrr35.tumblr.com/

Response headers

strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
cache-control: max-age=315360000, immutable
timing-allow-origin: *
content-encoding: br
x-nc: HIT arn 1
etag: W/"63103f7b-fa74"
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: clear
access-control-allow-origin: *
date: Fri, 20 Dec 2024 14:30:12 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 05:13:31 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 errors.js Show response
assets.tumblr.com/languages/ 63 KB
10 KB 263ms
95ms Script
application/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/languages/errors.js?_v=aa8ebc5ca20b127a3a667152c15432a2

Requested by

Host: jotordrr35.tumblr.com
URL: https://jotordrr35.tumblr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

6acba8d22fdfa83f422e2639a0bd0b031609da0c58368d091a495118a090954b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://jotordrr35.tumblr.com/

Response headers

strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
cache-control: max-age=315360000, immutable
timing-allow-origin: *
content-encoding: br
x-nc: HIT arn 1
etag: W/"640bac94-fbc0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: clear
access-control-allow-origin: *
date: Fri, 20 Dec 2024 14:30:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 10 Mar 2023 22:17:56 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 index.build.js Show response
assets.tumblr.com/client/prod/standalone/error-pages/ 22 KB
7 KB 263ms
95ms Script
application/javascript 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/client/prod/standalone/error-pages/index.build.js?_v=f7b55c2ded2a9d2552e4508af77a98a4

Requested by

Host: jotordrr35.tumblr.com
URL: https://jotordrr35.tumblr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

38b60061a01a0a5ec6e99cc991e2474426117e6f2bed09ea688a012426172687

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://jotordrr35.tumblr.com/

Response headers

strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
cache-control: max-age=315360000, immutable
timing-allow-origin: *
content-encoding: br
x-nc: HIT arn 1
etag: W/"669fd5ad-588d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: clear
access-control-allow-origin: *
date: Fri, 20 Dec 2024 14:30:12 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 23 Jul 2024 16:09:17 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ca9b6f9a3c6e7aafdde018f36d03deb9a044310d40a172875f2154cf27ac652

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type: image/png

GET
H2 200 tumblr-icons_e24c07a0f2ea4f19997f508adc0110e4.woff2
assets.tumblr.com/fonts/tumblr-icons/ 20 KB
21 KB 286ms
138ms Font
application/font-woff2 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/fonts/tumblr-icons/tumblr-icons_e24c07a0f2ea4f19997f508adc0110e4.woff2?v=ace24d0e0ad76b7fa49a172b4272c348

Requested by

Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/error-pages/index.build.css?_v=da302762836d5bf2aeee0f6522476e59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

6419fb77f2ea075aa72d6c447e1930c04c9dbb2e716371add637b2f6f9845dc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://jotordrr35.tumblr.com
Referer: https://assets.tumblr.com/client/prod/standalone/error-pages/index.build.css?_v=da302762836d5bf2aeee0f6522476e59

Response headers

strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
cache-control: max-age=315360000, immutable
timing-allow-origin: *
x-nc: HIT arn 1
etag: "63104592-51ec"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
alt-svc: clear
access-control-allow-origin: *
content-length: 20972
date: Fri, 20 Dec 2024 14:30:13 GMT
content-type: application/font-woff2
last-modified: Thu, 01 Sep 2022 05:39:30 GMT
server: nginx

GET
DATA 200
OK truncated
/ 27 KB
27 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 805eb4e1b7ea173b5d21c9991d3d623649921bec9bb35d5a13df90f65bc242e2

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin: https://jotordrr35.tumblr.com
Referer

Response headers

Content-Type: font/opentype

GET
H2 200 tumblr_m8jk6nInJO1qzt4vjo1_r1_500.gif
66.media.tumblr.com/ 156 KB
157 KB 304ms
102ms Image
image/gif 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://66.media.tumblr.com/tumblr_m8jk6nInJO1qzt4vjo1_r1_500.gif

Requested by

Host: jotordrr35.tumblr.com
URL: https://jotordrr35.tumblr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

34e6134e9e8e9162609d46436c3c5dc96c51024344f2273fe20c83a083c30997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://jotordrr35.tumblr.com/

Response headers

access-control-max-age: 86400
etag: "d82a132a4153342d9b30f59b307b4620-1523937600-12138a4"
access-control-allow-methods: GET
alt-svc: clear
server-timing: dc;desc=arn, cache;desc=HIT;dur=0.0
date: Fri, 20 Dec 2024 14:30:13 GMT
content-type: image/gif
content-disposition: inline; filename="tumblr_m8jk6nInJO1qzt4vjo1_r1_500.gif"
last-modified: Tue, 17 Apr 2018 04:00:00 GMT
strict-transport-security: max-age=31536000; preload
cache-control: max-age=315360000
timing-allow-origin: *
x-nc: HIT arn 6
accept-ranges: bytes
access-control-allow-origin: *
content-length: 159968
server: nginx

GET
H2 200 avatar_8ade00b0bf51_128.png
66.media.tumblr.com/ 23 KB
23 KB 305ms
103ms Image
image/png 192.0.77.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://66.media.tumblr.com/avatar_8ade00b0bf51_128.png

Requested by

Host: jotordrr35.tumblr.com
URL: https://jotordrr35.tumblr.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ea19cd31f01f1ae11ef47cb61535a4413971346bd0fd6cb730b4f54520db69df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://jotordrr35.tumblr.com/

Response headers

access-control-max-age: 86400
etag: "0de6624bd8218ae6e6266f21fd1a367c-1498089600-98b6076"
access-control-allow-methods: GET
alt-svc: clear
server-timing: dc;desc=arn, cache;desc=HIT;dur=0.0
date: Fri, 20 Dec 2024 14:30:13 GMT
content-type: image/png
last-modified: Thu, 22 Jun 2017 00:00:00 GMT
content-disposition: inline; filename="avatar_8ade00b0bf51_128.png"
strict-transport-security: max-age=31536000; preload
cache-control: max-age=31536000
timing-allow-origin: *
x-nc: HIT arn 4
access-control-allow-origin: *
x-frames: 1
content-length: 23305
server: nginx

GET
H2 200 favicon.ico
assets.tumblr.com/images/favicons/ 15 KB
15 KB 73ms
73ms Other
image/x-icon 192.0.77.40
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.tumblr.com/images/favicons/favicon.ico?_v=8bfa6dd3e1249cd567350c606f8574dc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

assets.tumblr.com

Software

nginx /

Resource Hash

5ace840c71cbdaeb74726db7b5cb334f20401d4f7767e5927daae42f661f3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload, max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer: https://jotordrr35.tumblr.com/

Response headers

strict-transport-security: max-age=31536000; preload, max-age=31536000; preload
cache-control: max-age=315360000, immutable
timing-allow-origin: *
x-nc: HIT arn 1
etag: "63104592-3aee"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
alt-svc: clear
access-control-allow-origin: *
content-length: 15086
date: Fri, 20 Dec 2024 14:30:13 GMT
content-type: image/x-icon
last-modified: Thu, 01 Sep 2022 05:39:30 GMT
server: nginx

GET explore
www.tumblr.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tumblr.com
URL: https://www.tumblr.com/explore?referer=404

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| l10nErrors object| l10nKeys

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jotordrr35.tumblr.com/ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66.media.tumblr.com
assets.tumblr.com
jotordrr35.tumblr.com
www.tumblr.com
www.tumblr.com
192.0.77.3
192.0.77.40
74.114.154.18
19803356b525450b8529fcd7b10254e8315ca28865665e0c933b89630408ddf4
34e6134e9e8e9162609d46436c3c5dc96c51024344f2273fe20c83a083c30997
38b60061a01a0a5ec6e99cc991e2474426117e6f2bed09ea688a012426172687
5ace840c71cbdaeb74726db7b5cb334f20401d4f7767e5927daae42f661f3872
6419fb77f2ea075aa72d6c447e1930c04c9dbb2e716371add637b2f6f9845dc3
6acba8d22fdfa83f422e2639a0bd0b031609da0c58368d091a495118a090954b
6ca9b6f9a3c6e7aafdde018f36d03deb9a044310d40a172875f2154cf27ac652
805eb4e1b7ea173b5d21c9991d3d623649921bec9bb35d5a13df90f65bc242e2
ea19cd31f01f1ae11ef47cb61535a4413971346bd0fd6cb730b4f54520db69df
f6bf18b988ec643493a2199096a76133eba7e712fefc25551d6d37d079cc993f

jotordrr35.tumblr.com Open in urlscan Pro 74.114.154.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

1 Domains

4 Subdomains

4 IPs

1 Countries

276 kBTransfer

395 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

jotordrr35.tumblr.com Open in urlscan Pro
74.114.154.18 Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

1
Domains

4
Subdomains

4
IPs

1
Countries

276 kB
Transfer

395 kB
Size

0
Cookies

9 HTTP transactions
2 data transactions