bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link Open in urlscan Pro
209.94.90.1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/	15 KB 6 KB	351ms 18ms	Document text/html	209.94.90.1 PROTOCOL
General Check archive.org Show headers Download Go to Full URL https://bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 209.94.90.1 , United States, ASN40680 (PROTOCOL, US), Reverse DNS Software openresty / Resource Hash 80754b3e29e301c2869ae81603e1c0274de0da954cbc475fc8f3864a43528b58 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-headers X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output access-control-allow-methods GET HEAD OPTIONS GET, POST, OPTIONS access-control-allow-origin * access-control-expose-headers Content-Range, X-Chunked-Output, X-Stream-Output cache-control public, max-age=29030400, immutable content-encoding br content-type text/html date Mon, 08 Jan 2024 14:34:02 GMT etag "bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla" server openresty strict-transport-security max-age=31536000; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding x-ipfs-lb-pop gateway-bank1-ny5 x-ipfs-path /ipfs/bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla/ x-ipfs-pop ipfs-bank4-ny5 x-ipfs-roots bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla x-proxy-cache MISS
GET H2	200	jquery-1.9.1.js Show response code.jquery.com/	262 KB 78 KB	370ms 7ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.9.1.js Requested by Host: bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link URL: https://bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40 Request headers accept-language en-US,en;q=0.9 Referer https://bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 08 Jan 2024 14:34:02 GMT content-encoding gzip via 1.1 varnish age 9922235 x-cache HIT content-length 79506 x-served-by cache-lga21940-LGA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1704724443.846675,VS0,VE0 etag W/"28feccc0-4185d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 2868
GET H2	200	crypto-js.min.js Show response cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/	47 KB 14 KB	384ms 22ms	Script application/javascript	104.17.25.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js Requested by Host: bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link URL: https://bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers date Mon, 08 Jan 2024 14:34:02 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 262220 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 13972 last-modified Sat, 14 Aug 2021 20:33:09 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "61182885-3694" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSYGNnx%2Fn%2BrzSmQn0iKdmezB%2FWPdo3n%2BS3CfoJHtsXb6BmvI4yjNzvNsecggTPgr3p51AJAqg7I8%2F%2FNUj65zKJDL02RG%2FWis1c%2Byj%2FbqUiU1FH0r%2Bzgb9l4p%2FVZU4k%2FOPPeqZ1v3"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 842528b7cce85e6b-EWR expires Sat, 28 Dec 2024 14:34:02 GMT
GET		preload-outlook.gif kv1v2k46e4h.gkalga.online/static/media/	0 0
GET		preload-outlook.gif kxo9c47le2i.ygaigakg.online/static/media/	0 0
GET H/1.1	200 OK	/ Show response pro.ip-api.com/json/	288 B 444 B	67ms 14ms	XHR application/json	208.95.112.2 TUT-AS
General Check archive.org Show headers Download Go to Full URL https://pro.ip-api.com/json/?key=pD3jjrEbn4o2CQ1 Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-1.9.1.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 208.95.112.2 , United States, ASN53334 (TUT-AS, US), Reverse DNS Software / Resource Hash e5a9a587bcba88398b1139415c60cd49eaf6ecd53de3ef14957adf712dc6ad3e Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 08 Jan 2024 14:34:03 GMT Content-Length 288 Content-Type application/json; charset=utf-8
POST		/ kv1v2k46e4h.gkalga.online/obufsssssssscaaatoion/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

kv1v2k46e4h.gkalga.online

URL

https://kv1v2k46e4h.gkalga.online/static/media/preload-outlook.gif

Domain

kxo9c47le2i.ygaigakg.online

URL

https://kxo9c47le2i.ygaigakg.online/static/media/preload-outlook.gif

Domain

kv1v2k46e4h.gkalga.online

URL

https://kv1v2k46e4h.gkalga.online/obufsssssssscaaatoion/

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| _0x16973d function| _0x4ff83a function| _0x50921e function| _0x151013 function| _0x1037d1 function| _0x580176 function| _0x278f11 function| _0xa01c8c function| _0x2c78f1 function| _0xb51c34 function| _0x2ad128 function| _0x5701a5 function| _0x443629 function| _0x2c2cd8 object| div1 string| Page_type string| IGOBZL string| cbbg function| _0x4740 function| _0x2b83 string| fFXJmGfP string| kaka90nal string| ka45k459final2 string| kak0011afinal string| getjsonnn number| countttingerr function| $ function| jQuery object| CryptoJS

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kv1v2k46e4h.gkalga.online/static/media/preload-outlook.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://kxo9c47le2i.ygaigakg.online/static/media/preload-outlook.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://kv1v2k46e4h.gkalga.online/obufsssssssscaaatoion/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bafkreieaovft4kpdahbingxicyb6dqbhjxqnvfkmxrdv7shtqzfeguulla.ipfs.dweb.link
cdnjs.cloudflare.com
code.jquery.com
kv1v2k46e4h.gkalga.online
kxo9c47le2i.ygaigakg.online
pro.ip-api.com
kv1v2k46e4h.gkalga.online
kxo9c47le2i.ygaigakg.online
104.17.25.14
151.101.2.137
208.95.112.2
209.94.90.1
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
80754b3e29e301c2869ae81603e1c0274de0da954cbc475fc8f3864a43528b58
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
e5a9a587bcba88398b1139415c60cd49eaf6ecd53de3ef14957adf712dc6ad3e