URL: http://weffkemining.com/
Submission: On July 24 via api from IL — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 2 HTTP transactions. The main IP is 15.197.142.173, located in the United States, and belongs to AMAZON-02, US. The main domain is weffkemining.com.
This is the only time weffkemining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15.197.142.173 16509 (AMAZON-02)
2 2 2a05:d014:275... 16509 (AMAZON-02)
1 1 2a05:d014:275... 16509 (AMAZON-02)
1 52.58.153.27 16509 (AMAZON-02)
2 2
Apex Domain | Subdomains | Transfer
2 netlify.com | drop.netlify.com; app.netlify.com — Cisco Umbrella Rank: 239349 | 127 B
1 netlify.app | drop.netlify.app | 197 B
1 bitballoon.com | hopeful-poitras-654e5a.bitballoon.com | 262 B
1 weffkemining.com | weffkemining.com | 832 B
2 4
Domain Requested by
1 app.netlify.com weffkemining.com
1 drop.netlify.app 1 redirects
1 drop.netlify.com 1 redirects
1 hopeful-poitras-654e5a.bitballoon.com 1 redirects
1 weffkemining.com
2 5

This site contains no links.

Subject: *.netlify.com
Issuer: DigiCert TLS Hybrid ECC SHA384 2020 CA1
Validity: 2021-07-12 - 2022-08-12
Valid: a year

This page contains 2 frames:

Primary Page: http://weffkemining.com/
Frame ID: 37946E6A2F685A420DC3EFD1B45B6B8C
Requests: 1 HTTP requests in this frame

Frame: https://app.netlify.com/drop
Frame ID: 62F7ED496A03E713357D7EC45BA080D2
Requests: 1 HTTP requests in this frame

Page Title

** WeffkeMining - Mining for everyone **

Page Statistics

Requests: 2
HTTPS: 50 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 2
Countries: 2
Transfer: 1 kB
Size: 1 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hopeful-poitras-654e5a.bitballoon.com/ HTTP 301
  • https://drop.netlify.com/ HTTP 301
  • https://drop.netlify.app/ HTTP 301
  • https://app.netlify.com/drop

2 HTTP transactions

Primary Request
Resource: /
Path: weffkemining.com/
Size: 587 B
x-fer: 832 B
Type: Document

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 587
Content-Type: text/html; charset=utf-8
Date: Sun, 24 Jul 2022 15:40:32 GMT
Server: ip-100-74-2-100.eu-west-2.compute.internal
X-Request-Id: 6c56b525-7366-4738-a964-b524cd71edde

Resource: drop
Path: app.netlify.com/
Frame: 62F7
Redirect Chain
  • http://hopeful-poitras-654e5a.bitballoon.com/
  • https://drop.netlify.com/
  • https://drop.netlify.app/
  • https://app.netlify.com/drop
Size: 0
x-fer: 0
Type: Document
General
Full URL: https://app.netlify.com/drop
Requested by
  Host: weffkemining.com
  URL: http://weffkemining.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.58.153.27 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-153-27.eu-central-1.compute.amazonaws.com
Software: Netlify /
Resource Hash
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Xss-Protection: 1; mode=block

Request headers

Referer: http://weffkemining.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12114
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-length: 4111
content-security-policy-report-only: default-src 'none';font-src 'self' data:;frame-src 'self' *.netlify.com *.firebaseio.com www.youtube-nocookie.com;script-src 'self' 'report-sample' 'unsafe-eval' 'sha256-tzJL5BjE+aPYtfDUO3L7snZrc/Q6owQNo7slbmDNg/Q=' 'sha256-AgvGePdDJa6NZD8ERuNYMTJHnHzDo1j+fLfMuyfYi04=' 'sha256-U1KH1Sp+ZiVrNvh2Xp9GZh+Dyr3YNC83yhqlkscMqa8=' 'sha256-s/ZYW0L0m1aNcKA9YVxtN8vNT2Qb3BX9IJ64Ffhe984=' *.siteintercept.qualtrics.com siteintercept.qualtrics.com *.firebaseio.com cdn.sift.com www.google-analytics.com www.googletagmanager.com cdn.segment.com *.hs-analytics.net *.hs-scripts.com *.hs-banner.com netlify-cdp-loader.netlify.app;connect-src *;img-src * data:;style-src 'self' 'unsafe-inline' d33wubrfki0l68.cloudfront.net;base-uri 'self';form-action 'self';report-uri https://csp-report.browser-intake-datadoghq.com/api/v2/logs?dd-api-key=pubd771a23f8cb1e4f45f24b5fd37e11a96&dd-evp-origin=content-security-policy&ddsource=csp-report
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 12:18:39 GMT
etag: "d399ea424250d6858f1b09e8507ea979-ssl-df"
referrer-policy: no-referrer-when-downgrade
server: Netlify
server-timing: cr;desc="hit-fresh", ds;dur=0, dc;desc="aws-fra", cg;desc="global-production", cl;dur=4111, tls;desc="new";dur=41
strict-transport-security: max-age=31536000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
x-nf-request-id: 01G8RDW1FNFAZHVQTVGGFYRB3G
x-xss-protection: 1; mode=block

Redirect headers

age: 70965
cache-control: public, max-age=0, must-revalidate
content-length: 43
content-type: text/plain; charset=utf-8
date: Sat, 23 Jul 2022 19:57:48 GMT
location: https://app.netlify.com/drop
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01G8RDW1BQPE2FFWG3G3QA3VTZ

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | 0
  • object | oncontextlost
  • object | oncontextrestored
  • function | structuredClone
  • object | launchQueue
  • object | onbeforematch
  • object | navigation

0 Cookies

1 Console Messages

Source: other
Level: error
URL: chrome-error://chromewebdata/
Message: Refused to display 'https://app.netlify.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
