southpolestation.com Open in urlscan Pro
209.17.116.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://southpolestation.com/
Submission: On January 14 via api (January 14th 2020, 11:35:41 pm UTC) from US

Summary HTTP 8 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 209.17.116.160, located in Jacksonville, United States and belongs to DEFENSE-NET - Defense.Net, Inc, US. The main domain is southpolestation.com.

This is the only time southpolestation.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	209.17.116.160 209.17.116.160	55002 (DEFENSE-NET) (DEFENSE-NET - Defense.Net)
1 1	52.21.118.143 52.21.118.143	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:81f::2014	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2620:11d:3001... 2620:11d:3001:1104::230	7872 (USAP-ASN) (USAP-ASN - United States Antarctic Program)
1	2610:20:8800:... 2610:20:8800:6001::45	2648 (NIST-BOULDER) (NIST-BOULDER - NIST/U.S. Dept. of Commerce)
1	217.23.5.11 217.23.5.11	49981 (WORLDSTREAM) (WORLDSTREAM)
8	5

4 209.17.116.160 (Jacksonville, United States)

ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)

southpolestation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.118.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: da-us-east-d7-lb-1.afilias.tech

detect.deviceatlas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

detect-deviceatlas-com.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:11d:3001:1104::230 (Centennial, United States)

ASN7872 (USAP-ASN - United States Antarctic Program, US)

www.usap.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2610:20:8800:6001::45 (United States)

ASN2648 (NIST-BOULDER - NIST/U.S. Dept. of Commerce, US)

www.esrl.noaa.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.23.5.11 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: srv2.4youreisen.com

counter.digits.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	southpolestation.com southpolestation.com	32 KB
1	digits.net counter.digits.net	692 B
1	noaa.gov www.esrl.noaa.gov	20 KB
1	usap.gov www.usap.gov	81 KB
1	appspot.com detect-deviceatlas-com.appspot.com	295 B
1	deviceatlas.com 1 redirects detect.deviceatlas.com	128 B
8	6

	Domain	Requested by
4	southpolestation.com	southpolestation.com
1	counter.digits.net	southpolestation.com
1	www.esrl.noaa.gov	southpolestation.com
1	www.usap.gov	southpolestation.com
1	detect-deviceatlas-com.appspot.com	southpolestation.com
1	detect.deviceatlas.com	1 redirects
8	6

This site contains links to these domains. Also see Links.

Domain
tgftp.nws.noaa.gov
www.esrl.noaa.gov
www.usap.gov
photolibrary.usap.gov
antarcticmemories.thruhere.net
www.palmerstation.com
www.digits.net

Subject Issuer	Validity	Valid
*.appspot.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh
*.usap.gov DigiCert SHA2 Secure Server CA	`2019-03-26` - `2021-06-18`	2 years	crt.sh
www.esrl.noaa.gov DigiCert SHA2 Secure Server CA	`2018-02-01` - `2021-04-26`	3 years	crt.sh
counter.digits.net Let's Encrypt Authority X3	`2019-12-02` - `2020-03-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://southpolestation.com/
Frame ID: B08EFDEB0A8F176E76F91D5A237E346E
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Page Statistics

8
Requests

50 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

134 kB
Transfer

138 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://tgftp.nws.noaa.gov/weather/current/NZSP.html
Title: text

Search URL Search Domain Scan URL

URL: https://www.esrl.noaa.gov/gmd/obop/spo/met.html
Title: graphic (72 hour data)

Search URL Search Domain Scan URL

URL: https://www.usap.gov/videoclipsandmaps/spwebcam.cfm
Title: USAP webcam

Search URL Search Domain Scan URL

URL: https://www.esrl.noaa.gov/gmd/obop/spo/livecamera.html

Search URL Search Domain Scan URL

URL: https://photolibrary.usap.gov/Portscripts/PortWeb.dll?query&field1=Filename&op1=matches&value=pole-sundog.jpg&catalog=Antarctica&template=USAPgovMidThumbs
Title: Antarctic Photo Library

Search URL Search Domain Scan URL

URL: https://antarcticmemories.thruhere.net/
Title: Antarctic Memories

Search URL Search Domain Scan URL

URL: https://www.palmerstation.com/index.html
Title: Palmer Station

Search URL Search Domain Scan URL

URL: https://www.digits.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://detect.deviceatlas.com/redirect.js?m=http://03c66ed.mynetworksolutions.mobi HTTP 301
https://detect-deviceatlas-com.appspot.com/redirect.js?m=http://03c66ed.mynetworksolutions.mobi

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
southpolestation.com/ 12 KB
6 KB 411ms
257ms Document
text/html 209.17.116.160
Defense.Net

General

Check archive.org

Show headers Download Go to

Full URL: http://southpolestation.com/
Protocol: HTTP/1.1
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US),
Reverse DNS
Software: openresty/1.15.8.1 /
Resource Hash: 46aeac222cd3ca752709c1ca054a0d99d07d85d75763bc4b62e49c2837fe46e5

Request headers

Host: southpolestation.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server: openresty/1.15.8.1
Date: Tue, 14 Jan 2020 23:35:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 08 Jan 2020 23:23:39 GMT
ETag: W/"6168c670-2f00-59ba92eb67e88"
X-Webcom-Cache-Status: BYPASS
Content-Encoding: gzip

GET
H2

200

redirect.js Show response
detect-deviceatlas-com.appspot.com/
Redirect Chain

https://detect.deviceatlas.com/redirect.js?m=http://03c66ed.mynetworksolutions.mobi
https://detect-deviceatlas-com.appspot.com/redirect.js?m=http://03c66ed.mynetworksolutions.mobi

0
295 B

188ms
142ms

Script
text/html

2a00:1450:4001:81f::2014
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://detect-deviceatlas-com.appspot.com/redirect.js?m=http://03c66ed.mynetworksolutions.mobi
Requested by: Host: southpolestation.com
URL: http://southpolestation.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Tue, 14 Jan 2020 23:35:24 GMT
server: Google Frontend
vary: User-Agent
content-type: text/html; charset=utf-8
status: 200
x-cloud-trace-context: 1ac260ed2e52f2b78f60b600edfda895;o=1
cache-control: max-age=259259
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0

Redirect headers

status: 301
date: Tue, 14 Jan 2020 23:35:24 GMT
server: nginx
content-length: 178
location: https://detect-deviceatlas-com.appspot.com/redirect.js?m=http://03c66ed.mynetworksolutions.mobi
content-type: text/html

GET
H/1.1 200
OK spole00051.jpg
www.usap.gov/videoClipsAndMaps/SouthPoleWebcam/ 81 KB
81 KB 1192ms
263ms Image
image/jpeg 2620:11d:3001:1104::230
United States Ant...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.usap.gov/videoClipsAndMaps/SouthPoleWebcam/spole00051.jpg
Requested by: Host: southpolestation.com
URL: http://southpolestation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2620:11d:3001:1104::230 Centennial, United States, ASN7872 (USAP-ASN - United States Antarctic Program, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ed270130b002126e54b6f460af1ff1c398ed5a5df57652235a8da9183b525c05

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 23:35:23 GMT
ETag: "6068b98ed0cad51:0"
Last-Modified: Tue, 14 Jan 2020 11:48:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 82590

GET
H/1.1 200
OK steelemarker4.jpg
southpolestation.com/ 5 KB
6 KB 128ms
128ms Image
image/jpeg 209.17.116.160
Defense.Net

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://southpolestation.com/steelemarker4.jpg
Requested by: Host: southpolestation.com
URL: http://southpolestation.com/
Protocol: HTTP/1.1
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US),
Reverse DNS
Software: openresty/1.15.8.1 /
Resource Hash: b574a4620033a8ada1b6fad307cc7af31de8951e205cd8c6e85d12443c8d8954

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 23:35:23 GMT
Last-Modified: Thu, 31 Jan 2019 03:13:23 GMT
Server: openresty/1.15.8.1
X-Webcom-Cache-Status: BYPASS
ETag: "60fda628-14e4-580b868bd2297"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5348

GET
H/1.1 200
OK medium.jpg
www.esrl.noaa.gov/gmd/webdata/spo/webcam/ 20 KB
20 KB 414ms
139ms Image
image/jpeg 2610:20:8800:6001::45
NIST/U.S. Dept. o...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.esrl.noaa.gov/gmd/webdata/spo/webcam/medium.jpg

Requested by

Host: southpolestation.com
URL: http://southpolestation.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2610:20:8800:6001::45 , United States, ASN2648 (NIST-BOULDER - NIST/U.S. Dept. of Commerce, US),

Reverse DNS

Software

nginx /

Resource Hash

095c8587a486059023a377dfd05a2d39b2bb9c8c8565c0d0bb6a2936e14b2c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 23:35:24 GMT
X-Content-Type-Options: nosniff, nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/jpeg
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Content-Length: 20520
x-xss-protection: 1; mode=block, 1; mode=block

GET
H/1.1 200
OK Logo_40wht.gif
southpolestation.com/ 4 KB
4 KB 130ms
130ms Image
image/gif 209.17.116.160
Defense.Net

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://southpolestation.com/Logo_40wht.gif
Requested by: Host: southpolestation.com
URL: http://southpolestation.com/
Protocol: HTTP/1.1
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US),
Reverse DNS
Software: openresty/1.15.8.1 /
Resource Hash: 40251830579c42f6d3ea03af4993d31ff649571886bb53d837d68a5e084b5d0e

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 23:35:24 GMT
Last-Modified: Wed, 05 Mar 2014 01:23:11 GMT
Server: openresty/1.15.8.1
X-Webcom-Cache-Status: BYPASS
ETag: "6168c67c-f05-4f3d1dd2ffa32"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3845

GET
H/1.1 200
OK polesundog2.jpg
southpolestation.com/ 16 KB
16 KB 262ms
247ms Image
image/jpeg 209.17.116.160
Defense.Net

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://southpolestation.com/polesundog2.jpg
Requested by: Host: southpolestation.com
URL: http://southpolestation.com/
Protocol: HTTP/1.1
Server: 209.17.116.160 Jacksonville, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 18a26fc5961188842fdc911b7131707307a0e69fd4bb7882ec909246d798851e

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 23:35:24 GMT
Last-Modified: Mon, 18 May 2015 08:37:34 GMT
Server: openresty/1.13.6.2
X-Webcom-Cache-Status: BYPASS
ETag: "6305812b-3f73-516571b049ba6"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16243

GET
H/1.1 200
OK billspindler
counter.digits.net/wc/-d/4/ 483 B
692 B 130ms
22ms Image
image/png 217.23.5.11
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://counter.digits.net/wc/-d/4/billspindler
Requested by: Host: southpolestation.com
URL: http://southpolestation.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.23.5.11 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: srv2.4youreisen.com
Software: nginx/1.10.2 /
Resource Hash: f1cb456180be504ec02a610c4e8596289d66c85f0645d027c1bff1bd6d590611

Request headers

Referer: http://southpolestation.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Tue, 14 Jan 2020 23:35:24 GMT
Expires: Tue, 14 Jan 2020 23:35:24 GMT
Server: nginx/1.10.2
Connection: keep-alive
Accept-Ranges: none
Content-Length: 483
Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.digits.net
detect-deviceatlas-com.appspot.com
detect.deviceatlas.com
southpolestation.com
www.esrl.noaa.gov
www.usap.gov
209.17.116.160
217.23.5.11
2610:20:8800:6001::45
2620:11d:3001:1104::230
2a00:1450:4001:81f::2014
52.21.118.143
095c8587a486059023a377dfd05a2d39b2bb9c8c8565c0d0bb6a2936e14b2c64
18a26fc5961188842fdc911b7131707307a0e69fd4bb7882ec909246d798851e
40251830579c42f6d3ea03af4993d31ff649571886bb53d837d68a5e084b5d0e
46aeac222cd3ca752709c1ca054a0d99d07d85d75763bc4b62e49c2837fe46e5
b574a4620033a8ada1b6fad307cc7af31de8951e205cd8c6e85d12443c8d8954
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed270130b002126e54b6f460af1ff1c398ed5a5df57652235a8da9183b525c05
f1cb456180be504ec02a610c4e8596289d66c85f0645d027c1bff1bd6d590611

southpolestation.com Open in urlscan Pro 209.17.116.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

8 Requests

50 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

134 kBTransfer

138 kBSize

0 Cookies

8 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

southpolestation.com Open in urlscan Pro
209.17.116.160 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

50 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

134 kB
Transfer

138 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions