bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link Open in urlscan Pro
209.94.90.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/
Submission: On January 08 via api (January 8th 2024, 3:51:12 am UTC) from US — Scanned from US

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 8 HTTP transactions. The main IP is 209.94.90.1, located in United States and belongs to PROTOCOL, US. The main domain is bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link.
TLS certificate: Issued by R3 on November 20th 2023. Valid for: 3 months.

This is the only time bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	209.94.90.1 209.94.90.1	40680 (PROTOCOL) (PROTOCOL)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	208.95.112.2 208.95.112.2	53334 (TUT-AS) (TUT-AS)
8	5

1 209.94.90.1 (United States)

ASN40680 (PROTOCOL, US)

bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.95.112.2 (United States)

ASN53334 (TUT-AS, US)

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 5623	444 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1219	78 KB
1	dweb.link bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link	6 KB
0	ygaigakg.online Failed zhmk2h2ydm.ygaigakg.online Failed
0	gkalga.online Failed ogtgwtm6j4.gkalga.online Failed
8	6

	Domain	Requested by
1	pro.ip-api.com	code.jquery.com
1	cdnjs.cloudflare.com	bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link
1	code.jquery.com	bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link
1	bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link
0	zhmk2h2ydm.ygaigakg.online Failed
0	ogtgwtm6j4.gkalga.online Failed	code.jquery.com
8	6

This site contains no links.

Subject Issuer	Validity	Valid
dweb.link R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/
Frame ID: F9CD6F7E772A9B055E83AE3DD76A6E7A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8
Requests

50 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

98 kB
Transfer

324 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/ 14 KB
6 KB 358ms
20ms Document
text/html 209.94.90.1
PROTOCOL

General

Check archive.org

Show headers Download Go to

Full URL

https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.94.90.1 , United States, ASN40680 (PROTOCOL, US),

Reverse DNS

Software

openresty /

Resource Hash

5efc6b2cadb7ee02da245e1feffbceb5e0803c07bbaad83190e677142175e682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods: GET HEAD OPTIONS GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Range, X-Chunked-Output, X-Stream-Output
cache-control: public, max-age=29030400, immutable
content-encoding: br
content-type: text/html
date: Mon, 08 Jan 2024 03:51:07 GMT
etag: "bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi"
server: openresty
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-ipfs-lb-pop: gateway-bank1-ny5
x-ipfs-path: /ipfs/bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi/
x-ipfs-pop: ipfs-bank4-ny5
x-ipfs-roots: bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi
x-proxy-cache: MISS

GET
H2 200 jquery-1.9.1.js Show response
code.jquery.com/ 262 KB
78 KB 337ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.js
Requested by: Host: bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link
URL: https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 03:51:08 GMT
content-encoding: gzip
via: 1.1 varnish
age: 9883661
x-cache: HIT
content-length: 79506
x-served-by: cache-lga21926-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1704685868.195786,VS0,VE0
etag: W/"28feccc0-4185d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 2382

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 353ms
18ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link
URL: https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 03:51:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3343835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5d4UAduLZJvf8%2Fnt9Qav2%2FS5s4T6S7GFVTj7rWthT81r0HUxiQtMv8hsLxsUramjGAVkcz8BoPZXNY50L5%2BhLThkBZwDmAkg224p5qd675oH6EPK8J7w7V0ke6lmQGMVG0iiRvwL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84217af44dfb426b-EWR
expires: Sat, 28 Dec 2024 03:51:08 GMT

GET preload-outlook.gif
ogtgwtm6j4.gkalga.online/static/media/ 0
0

GET preload-outlook.gif
zhmk2h2ydm.ygaigakg.online/static/media/ 0
0

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 288 B
444 B 67ms
13ms XHR
application/json 208.95.112.2
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=pD3jjrEbn4o2CQ1
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 208.95.112.2 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: ea5dc4f031d82fcae85c9c1136cc730ff2364a6efab8ee930db38cebd666975a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 Jan 2024 03:51:08 GMT
Content-Length: 288
Content-Type: application/json; charset=utf-8

POST /
ogtgwtm6j4.gkalga.online/obufsssssssscaaatoion/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ogtgwtm6j4.gkalga.online
URL: https://ogtgwtm6j4.gkalga.online/static/media/preload-outlook.gif

Domain: zhmk2h2ydm.ygaigakg.online
URL: https://zhmk2h2ydm.ygaigakg.online/static/media/preload-outlook.gif

Domain: ogtgwtm6j4.gkalga.online
URL: https://ogtgwtm6j4.gkalga.online/obufsssssssscaaatoion/

Domain: ogtgwtm6j4.gkalga.online
URL: https://ogtgwtm6j4.gkalga.online/obufsssssssscaaatoion/

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ogtgwtm6j4.gkalga.online/static/media/preload-outlook.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://zhmk2h2ydm.ygaigakg.online/static/media/preload-outlook.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ogtgwtm6j4.gkalga.online/obufsssssssscaaatoion/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ogtgwtm6j4.gkalga.online/obufsssssssscaaatoion/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link
cdnjs.cloudflare.com
code.jquery.com
ogtgwtm6j4.gkalga.online
pro.ip-api.com
zhmk2h2ydm.ygaigakg.online
ogtgwtm6j4.gkalga.online
zhmk2h2ydm.ygaigakg.online
104.17.24.14
151.101.2.137
208.95.112.2
209.94.90.1
5efc6b2cadb7ee02da245e1feffbceb5e0803c07bbaad83190e677142175e682
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
ea5dc4f031d82fcae85c9c1136cc730ff2364a6efab8ee930db38cebd666975a

bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link Open in urlscan Pro 209.94.90.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

50 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

98 kBTransfer

324 kBSize

0 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

0 Cookies

4 Console Messages

Security Headers

Indicators

bafkreic67rvszlnx5ybnujc6d7x7xtvv4cadyb53vlmddehgo4kcc5pgqi.ipfs.dweb.link Open in urlscan Pro
209.94.90.1 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

98 kB
Transfer

324 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions