link.babi.gdn - urlscan.io

Summary

This website contacted 3 IPs in 4 countries across 7 domains to perform 6 HTTP transactions. The main IP is 52.211.95.198, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is link.babi.gdn.

This is the only time link.babi.gdn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	199.59.242.151 199.59.242.151	395082 (BODIS-NJ) (BODIS-NJ - Bodis)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	18.185.198.225 18.185.198.225	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3 3	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1 1	185.237.96.130 185.237.96.130	204548 (CLOUDWEBM...) (CLOUDWEBMANAGE-IL-FR)
1 1	185.70.187.96 185.70.187.96	57043 (HOSTKEY-AS) (HOSTKEY-AS)
1	52.211.95.198 52.211.95.198	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	3

4 199.59.242.151 (New York, United States)

ASN395082 (BODIS-NJ - Bodis, LLC, US)

avasaglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.198.225 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-185-198-225.eu-central-1.compute.amazonaws.com

zeroredirect13.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.168.131.241 (Scottsdale, United States) 3 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

exclusive.photos	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.237.96.130 (None, ) 1 redirects

ASN204548 (CLOUDWEBMANAGE-IL-FR, GB)

go.trackingplatform.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.70.187.96 (Netherlands) 1 redirects

ASN57043 (HOSTKEY-AS, NL)

kq6.bestworkserv.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.95.198 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-95-198.eu-west-1.compute.amazonaws.com

link.babi.gdn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	avasaglobal.com avasaglobal.com	18 KB
3	exclusive.photos 3 redirects exclusive.photos	439 B
1	babi.gdn link.babi.gdn	3 KB
1	bestworkserv.company 1 redirects kq6.bestworkserv.company	470 B
1	trackingplatform.xyz 1 redirects go.trackingplatform.xyz	256 B
1	zeroredirect13.com 1 redirects zeroredirect13.com	456 B
1	google.com www.google.com	71 KB
6	7

	Domain	Requested by
4	avasaglobal.com	avasaglobal.com
3	exclusive.photos	3 redirects
1	link.babi.gdn	avasaglobal.com
1	kq6.bestworkserv.company	1 redirects
1	go.trackingplatform.xyz	1 redirects
1	zeroredirect13.com	1 redirects
1	www.google.com	avasaglobal.com
6	7

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://link.babi.gdn/c/7a719dd3fe1d2de1?&%3F%3Fkw=exclusive.photos&fallback=1&group_id=483&cntrl=00000&pid=584&redid=74633&gsid=483&campaign_id=1228&p_id=584&id=XNSX.exclusive.photos%3A%3A1538307453.66%7C%7C150501673%7C%7C0%7C%7C-r74633-t483&impid=38e9ff34-c4a5-11e8-82e7-fa245441bcee
Frame ID: 0FE057F5FAC06307DDDA2E9F0D369B45
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://avasaglobal.com/ Page URL
http://zeroredirect13.com/r3d-dl.com?adTagId=55c5ba40-31b6-11e7-8599-0e81439a55b2&cpm=0.00001&keywords... HTTP 302
http://exclusive.photos/ HTTP 302
http://exclusive.photos/UQOoZ/ HTTP 302
http://exclusive.photos/ HTTP 301
http://go.trackingplatform.xyz/exclusive.photos HTTP 302
http://kq6.bestworkserv.company/?kw=exclusive.photos&s1=exclusive.photos&s2=1538307453.66-150501673-0-&s3=&f... HTTP 302
http://link.babi.gdn/c/7a719dd3fe1d2de1?&%3F%3Fkw=exclusive.photos&fallback=1&group_id=483&cntrl=... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

0 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

3
IPs

4
Countries

91 kB
Transfer

240 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://avasaglobal.com/ Page URL
http://zeroredirect13.com/r3d-dl.com?adTagId=55c5ba40-31b6-11e7-8599-0e81439a55b2&cpm=0.00001&keywords=hotels,bitcoin,walmart,carinsurance,finances,banking&fallbackUrl=Exclusive.Photos HTTP 302
http://exclusive.photos/ HTTP 302
http://exclusive.photos/UQOoZ/ HTTP 302
http://exclusive.photos/ HTTP 301
http://go.trackingplatform.xyz/exclusive.photos HTTP 302
http://kq6.bestworkserv.company/?kw=exclusive.photos&s1=exclusive.photos&s2=1538307453.66-150501673-0-&s3=&fallback=1 HTTP 302
http://link.babi.gdn/c/7a719dd3fe1d2de1?&%3F%3Fkw=exclusive.photos&fallback=1&group_id=483&cntrl=00000&pid=584&redid=74633&gsid=483&campaign_id=1228&p_id=584&id=XNSX.exclusive.photos%3A%3A1538307453.66%7C%7C150501673%7C%7C0%7C%7C-r74633-t483&impid=38e9ff34-c4a5-11e8-82e7-fa245441bcee Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
avasaglobal.com/ 4 KB
4 KB 286ms
96ms Document
text/html 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://avasaglobal.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: c361d2b38381389eaadb22527dbad820cce81be7a612eab85763ea95f590f376

Request headers

Host: avasaglobal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server: nginx
Date: Sun, 30 Sep 2018 11:37:32 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_wqa56XkR2UvVj1euAvyoeV6nLsP1+9wQHgT7Ipexl1hbTuIL9ghgzFL+uAlwBi28yQkmkHugWoJk5cA6SCUZ2A==

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ 219 KB
71 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: avasaglobal.com
URL: http://avasaglobal.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5dc90abf1d9d2b7edd8128301023329b99fabbaac5a1deaef3a1ee4df325a9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://avasaglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 11:37:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "18303692062970067145"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Sep 2018 11:37:32 GMT

GET
H/1.1 200
OK px.gif
avasaglobal.com/ 42 B
271 B 96ms
95ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://avasaglobal.com/px.gif?ch=1&rn=3.2586194665483372
Requested by: Host: avasaglobal.com
URL: http://avasaglobal.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: avasaglobal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://avasaglobal.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://avasaglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 11:37:32 GMT
Last-Modified: Mon, 24 Sep 2018 16:12:08 GMT
Server: nginx
ETag: "5ba90cd8-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK px.gif
avasaglobal.com/ 42 B
271 B 192ms
95ms Image
image/gif 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://avasaglobal.com/px.gif?ch=2&rn=3.2586194665483372
Requested by: Host: avasaglobal.com
URL: http://avasaglobal.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: avasaglobal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://avasaglobal.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://avasaglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 30 Sep 2018 11:37:32 GMT
Last-Modified: Mon, 24 Sep 2018 16:12:08 GMT
Server: nginx
ETag: "5ba90cd8-2a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42

GET
H/1.1 200
OK glp Show response
avasaglobal.com/ 13 KB
13 KB 122ms
122ms Script
text/javascript 199.59.242.151
Bodis

General

Check archive.org

Show headers Download Go to

Full URL: http://avasaglobal.com/glp?r=&u=http%3A%2F%2Favasaglobal.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Requested by: Host: avasaglobal.com
URL: http://avasaglobal.com/
Protocol: HTTP/1.1
Server: 199.59.242.151 New York, United States, ASN395082 (BODIS-NJ - Bodis, LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: d490ce1d94d657bd21730a68cf779195c4a6e4a2bcd1af91e082c88a364a6a54

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: avasaglobal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://avasaglobal.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://avasaglobal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Sep 2018 11:37:32 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

Primary Request

Cookie set 7a719dd3fe1d2de1 Show response
link.babi.gdn/c/
Redirect Chain

http://zeroredirect13.com/r3d-dl.com?adTagId=55c5ba40-31b6-11e7-8599-0e81439a55b2&cpm=0.00001&keywords=hotels,bitcoin,walmart,carinsurance,finances,banking&fallbackUrl=Exclusive.Photos
http://exclusive.photos/
http://exclusive.photos/UQOoZ/
http://exclusive.photos/
http://go.trackingplatform.xyz/exclusive.photos
http://kq6.bestworkserv.company/?kw=exclusive.photos&s1=exclusive.photos&s2=1538307453.66-150501673-0-&s3=&fallback=1
http://link.babi.gdn/c/7a719dd3fe1d2de1?&%3F%3Fkw=exclusive.photos&fallback=1&group_id=483&cntrl=00000&pid=584&redid=74633&gsid=483&campaign_id=1228&p_id=584&id=XNSX.exclusive.photos%3A%3A153830745...

5 KB
3 KB

109ms
61ms

Document
text/html

52.211.95.198
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://link.babi.gdn/c/7a719dd3fe1d2de1?&%3F%3Fkw=exclusive.photos&fallback=1&group_id=483&cntrl=00000&pid=584&redid=74633&gsid=483&campaign_id=1228&p_id=584&id=XNSX.exclusive.photos%3A%3A1538307453.66%7C%7C150501673%7C%7C0%7C%7C-r74633-t483&impid=38e9ff34-c4a5-11e8-82e7-fa245441bcee
Requested by: Host: avasaglobal.com
URL: http://avasaglobal.com/glp?r=&u=http%3A%2F%2Favasaglobal.com%2F&rw=1600&rh=1200&ww=1600&wh=1200
Protocol: HTTP/1.1
Server: 52.211.95.198 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-95-198.eu-west-1.compute.amazonaws.com
Software: nginx / PHP/7.0.31
Resource Hash: 940a5935bbd1b1326222a6b67056324b623272c9c0ca33f928cfb972d15be87a

Request headers

Host: link.babi.gdn
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://avasaglobal.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: http://avasaglobal.com/

Response headers

Server: nginx
Date: Sun, 30 Sep 2018 11:37:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: unique_1243885=unique_1243885; expires=Mon, 01-Oct-2018 11:37:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5bb0b57dea7db753852393; expires=Mon, 01-Oct-2018 11:37:33 GMT; Max-Age=86400; path=/; HttpOnly unique_1243885=unique_1243885; expires=Mon, 01-Oct-2018 11:37:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5bb0b57dea7db753852393; expires=Mon, 01-Oct-2018 11:37:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=396035; expires=Tue, 30-Oct-2018 11:37:33 GMT; Max-Age=2592000; path=/; HttpOnly unique_1243885=unique_1243885; expires=Mon, 01-Oct-2018 11:37:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5bb0b57dea7db753852393; expires=Mon, 01-Oct-2018 11:37:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=396035; expires=Tue, 30-Oct-2018 11:37:33 GMT; Max-Age=2592000; path=/; HttpOnly
X-Powered-By: PHP/7.0.31
Content-Encoding: gzip

Redirect headers

Date: Sun, 30 Sep 2018 11:37:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-ImpID: 38e9ff34-c4a5-11e8-82e7-fa245441bcee
Location: http://link.babi.gdn/c/7a719dd3fe1d2de1?&%3F%3Fkw=exclusive.photos&fallback=1&group_id=483&cntrl=00000&pid=584&redid=74633&gsid=483&campaign_id=1228&p_id=584&id=XNSX.exclusive.photos%3A%3A1538307453.66%7C%7C150501673%7C%7C0%7C%7C-r74633-t483&impid=38e9ff34-c4a5-11e8-82e7-fa245441bcee

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
link.babi.gdn/	1970-01-18 20:01:39	Name: scriptHash Value: 396035
link.babi.gdn/	1970-01-18 19:19:53	Name: unique_id Value: 5bb0b57dea7db753852393
link.babi.gdn/	1970-01-18 19:19:53	Name: unique_1243885 Value: unique_1243885

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avasaglobal.com
exclusive.photos
go.trackingplatform.xyz
kq6.bestworkserv.company
link.babi.gdn
www.google.com
zeroredirect13.com
18.185.198.225
184.168.131.241
185.237.96.130
185.70.187.96
199.59.242.151
2a00:1450:4001:812::2004
52.211.95.198
5dc90abf1d9d2b7edd8128301023329b99fabbaac5a1deaef3a1ee4df325a9fd
940a5935bbd1b1326222a6b67056324b623272c9c0ca33f928cfb972d15be87a
c361d2b38381389eaadb22527dbad820cce81be7a612eab85763ea95f590f376
d490ce1d94d657bd21730a68cf779195c4a6e4a2bcd1af91e082c88a364a6a54
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

link.babi.gdn Open in urlscan Pro 52.211.95.198 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

0 %HTTPS

14 %IPv6

7 Domains

7 Subdomains

3 IPs

4 Countries

91 kBTransfer

240 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

3 Cookies

Indicators

link.babi.gdn Open in urlscan Pro
52.211.95.198 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

0 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

3
IPs

4
Countries

91 kB
Transfer

240 kB
Size

3
Cookies

6 HTTP transactions
0 data transactions