bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
2602:fea2:2::1

Submitted URL: http://cassidypinkard.com/
Effective URL: https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
Submission: On June 23 via manual from IN — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link.
TLS certificate: Issued by R3 on June 11th 2023. Valid for: 3 months.
This is the only time bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.56.79 13335 (CLOUDFLAR...)
1 2602:fea2:2::1 40680 (PROTOCOL)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
5 4
Apex Domain
Subdomains
Transfer
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 771
78 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 263
14 KB
1 dweb.link
bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
34 KB
1 cassidypinkard.com
cassidypinkard.com
721 B
0 blkslzaa.online Failed
blkslzaa.online Failed
5 5
Domain Requested by
1 code.jquery.com bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
1 cdnjs.cloudflare.com bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
1 bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
1 cassidypinkard.com 1 redirects
0 blkslzaa.online Failed code.jquery.com
5 5

This site contains no links.

Subject | Issuer | Validity | Valid
dweb.link | R3 | 2023-06-11 - 2023-09-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year

This page contains 1 frames:

Primary Page: https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
Frame ID: CA0430A8F91390C7407848FE4C43B9C5
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 5
HTTPS: 60 %
IPv6: 75 %
Domains: 5
Subdomains: 5
IPs: 4
Countries: 3
Transfer: 126 kB
Size: 356 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://cassidypinkard.com/ HTTP 301
    https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
Redirect Chain
  • http://cassidypinkard.com/
  • https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
47 KB
34 KB
Document
General
Full URL
https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
8345a3af5787e4982fd5264e47b9271ced37cd2033afb9d0ecbe65344b556113
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Fri, 23 Jun 2023 20:49:13 GMT
etag
W/"bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-ipfs-gateway-host
ipfs-bank16-fr2
x-ipfs-lb-pop
gateway-bank3-fr2
x-ipfs-path
/ipfs/bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4/
x-ipfs-pop
ipfs-bank16-fr2
x-ipfs-roots
bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4
x-proxy-cache
MISS

Redirect headers

CF-RAY
7dbf98ac9d7a3a74-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 23 Jun 2023 20:49:13 GMT
Expires
Fri, 23 Jun 2023 21:49:13 GMT
Location
https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLf1NZTozQNQHLdNpVd509yJKd8KUzFZOtEDlejNqUWt7fKzQ0LTqEYWl0cqZTblNDkMOwM1KzG8t%2B2VMTyfZ4m1oFFwLDLf7zYoacaPGyM5V0mVoMU%2FbPJaN%2BeXKYABaLgmQbs%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
URL: https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 23 Jun 2023 20:49:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5802026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyLbV6ECOdkWXKbtGYOUXJ9dv5NuXmz4vVoMsqrrSc6HG05ygcyjND4vb57f1HvjNjtNIrss7e0cD6Gjgi29Mx%2B84f5IoeL%2F5aU0wbJqyzngaYArnP5M%2BRUIJfo%2B6%2FRTEaZgALH%2BBblEqovw%2B%2FdiEsq8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7dbf98adedcf921a-FRA
expires
Wed, 12 Jun 2024 20:49:13 GMT
jquery-1.9.1.js
code.jquery.com/
262 KB
78 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.9.1.js
Requested by
Host: bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link
URL: https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 23 Jun 2023 20:49:14 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:01 GMT
server
nginx
etag
W/"62f659d5-4185d"
vary
Accept-Encoding
x-hw
1687553354.dop142.fr8.t,1687553354.cds219.fr8.hn,1687553354.cds330.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
79506
/
blkslzaa.online/obufsssssssscaaatoion/
0
0

/
blkslzaa.online/obufsssssssscaaatoion/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
blkslzaa.online
URL
http://blkslzaa.online/obufsssssssscaaatoion/
Domain
blkslzaa.online
URL
http://blkslzaa.online/obufsssssssscaaatoion/

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies

4 Console Messages

Source Level URL
Text
javascript warning URL: https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://code.jquery.com/jquery-1.9.1.js(Line 8525)
Message:
Mixed Content: The page at 'https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://blkslzaa.online/obufsssssssscaaatoion/'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://code.jquery.com/jquery-1.9.1.js(Line 8525)
Message:
Mixed Content: The page at 'https://bafybeidu2neoo3cchfhe6uhqcuacdpeewccvcetdem6ttzceqhv53lo7a4.ipfs.dweb.link/' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://blkslzaa.online/obufsssssssscaaatoion/'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload