Submitted URL: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
Effective URL: https://s3.us-east-005.backblazeb2.com/ageratum-wanky-animalcula/index.html?xtoken=7bf5c6938838191e7a0939612a575a5e84605917cb82c3e3020b...
Submission: On October 22 via manual from HU — Scanned from SE

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 6 HTTP transactions. The main IP is 149.137.137.254, located in the United States and belongs to BACKBLAZE, US. The main domain is s3.us-east-005.backblazeb2.com. The Cisco Umbrella rank of the primary domain is 19496.
TLS certificate: Issued by R3 on October 17th 2023. Valid for: 3 months.
This is the only time s3.us-east-005.backblazeb2.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

   IP Address        AS Autonomous System
1  172.66.44.142     13335 (CLOUDFLAR...)
2  142.250.185.106   15169 (GOOGLE)
1  162.254.39.141    22612 (NAMECHEAP...)
1  149.137.137.254   40401 (BACKBLAZE)
6  5

   Domain                                                Requested by
2  ajax.googleapis.com                                   60324d63af9fa80386e6c516b43ac87fa4c.pages.dev
                                                         s3.us-east-005.backblazeb2.com
1  s3.us-east-005.backblazeb2.com                        60324d63af9fa80386e6c516b43ac87fa4c.pages.dev
1  fetchlnk.truesharingzone.site                         ajax.googleapis.com
1  60324d63af9fa80386e6c516b43ac87fa4c.pages.dev
0  thebrowdetails.fetchlnk.truesharingzone.site Failed   ajax.googleapis.com
6  5

This site contains no links.

Subject                                          Issuer                                            Validity                   Valid
60324d63af9fa80386e6c516b43ac87fa4c.pages.dev    E1                                                2023-10-19 - 2024-01-17    3 months
upload.video.google.com                          GTS CA 1C3                                        2023-09-28 - 2023-12-21    3 months
fetchlnk.truesharingzone.site                    Sectigo RSA Domain Validation Secure Server CA    2023-10-09 - 2024-10-09    a year
backblazeb2.com                                  R3                                                2023-10-17 - 2024-01-15    3 months

This page contains 1 frame:

Primary Page: https://s3.us-east-005.backblazeb2.com/ageratum-wanky-animalcula/index.html?xtoken=7bf5c6938838191e7a0939612a575a5e84605917cb82c3e3020b6e4ce24ea45e
Frame ID: 619F6D90B8F06EBBDEBD9C7673AF17A1
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

6 Requests
83 % HTTPS
0 % IPv6
4 Domains
5 Subdomains
5 IPs
1 Countries
287 kB Transfer
362 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/ Page URL
  2. https://s3.us-east-005.backblazeb2.com/ageratum-wanky-animalcula/index.html?xtoken=7bf5c6938838191e7a0939612a575a5e84605917cb82c3e3020b6e4ce24ea45e Page URL

6 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: /
Path: 60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
Size: 21 KB
x-fer: 15 KB
Type: Document

General
Full URL: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.66.44.142 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 77e6c676ce2e89ef76a924112c8606b70c77f153a2b3c100210208e5ec35e4cf

Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 81a34078da7698fa-ARN
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 22 Oct 2023 16:52:37 GMT
etag: W/"417776dec59d6d308fcb1b38f50432b9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4U2RTz7DrfS4NMNcFUHH526SjDBOfCEJGttMiw4Tn79ssp9okUSl4HztlZ64FubhvJ%2FCpBrbtV%2BlM6g8NnCjulPLxA9wVbV1ttMzvHQ%2BefCUmtkW27h04KUliKVio%2FsTajUvebRkAcunj6fjH%2BDDlNC19Dm2mLaikM%2FZat2rwGQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/3.6.4/
Size: 88 KB
x-fer: 31 KB
Type: Script

General
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
Requested by
  Host: 60324d63af9fa80386e6c516b43ac87fa4c.pages.dev
  URL: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f10.1e100.net
Software: sffe /
Resource Hash: a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 14:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31154
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Oct 2024 14:16:35 GMT

Resource: truncated
Path: /
Size: 13 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS:
Software: /
Resource Hash: ff1197d661ec23e0e8ae066305396bc0d8fb478d2ded1e994249974f7fa6cb1f

Request headers

accept-language: se-SE,se;q=0.9
Referer:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

Resource: get.php
Path: fetchlnk.truesharingzone.site/
Size: 147 B
x-fer: 285 B
Type: XHR

General
Full URL: https://fetchlnk.truesharingzone.site/get.php
Requested by
  Host: ajax.googleapis.com
  URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.254.39.141 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium288-5.web-hosting.com
Software: LiteSpeed / PHP/8.0.30
Resource Hash:

Request headers

Accept: text/html, */*; q=0.01
Referer: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 22 Oct 2023 16:52:40 GMT
content-encoding: br
server: LiteSpeed
x-powered-by: PHP/8.0.30
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-turbo-charged-by: LiteSpeed
content-length: 113

Primary Request
Resource: index.html
Path: s3.us-east-005.backblazeb2.com/ageratum-wanky-animalcula/
Size: 153 KB
x-fer: 153 KB
Type: Document

General
Full URL: https://s3.us-east-005.backblazeb2.com/ageratum-wanky-animalcula/index.html?xtoken=7bf5c6938838191e7a0939612a575a5e84605917cb82c3e3020b6e4ce24ea45e
Requested by
  Host: 60324d63af9fa80386e6c516b43ac87fa4c.pages.dev
  URL: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US),
Reverse DNS: s3.us-east-005.backblazeb2.com
Software: /
Resource Hash: 8cfaa99eed0700a40043d92455debbecf5e95fad5c93ae6fd3cb788e3bddc71a

Request headers

Referer: https://60324d63af9fa80386e6c516b43ac87fa4c.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 156461
Content-Type: text/html
Date: Sun, 22 Oct 2023 16:52:40 GMT
ETag: "bd08e169d1b95c71aa2fe778ad3a3b26"
Keep-Alive: timeout=5
Last-Modified: Sun, 22 Oct 2023 13:35:24 GMT
x-amz-id-2: aZRI5rGX1ORNkLGKTNEM4wDb8NKc41GJT
x-amz-request-id: bfdc28c72257eef8
x-amz-version-id: 4_zae09fe299d8b547886b4081b_f103c38a3a0da44d1_d20231022_m133524_c005_v0501009_t0017_u01697981724370

Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/3.5.1/
Size: 87 KB
x-fer: 88 KB
Type: Script

General
Full URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
  Host: s3.us-east-005.backblazeb2.com
  URL: https://s3.us-east-005.backblazeb2.com/ageratum-wanky-animalcula/index.html?xtoken=7bf5c6938838191e7a0939612a575a5e84605917cb82c3e3020b6e4ce24ea45e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f10.1e100.net
Software: sffe /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 18:18:53 GMT
x-content-type-options: nosniff
age: 81228
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 18:18:53 GMT

Resource: CHVi0Dn
Path: thebrowdetails.fetchlnk.truesharingzone.site/TehwaNuL/r76RPAoaS/ZMaT7fTcLp/fK6JNjM8L/gd5z6ig/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: thebrowdetails.fetchlnk.truesharingzone.site
URL: https://thebrowdetails.fetchlnk.truesharingzone.site/TehwaNuL/r76RPAoaS/ZMaT7fTcLp/fK6JNjM8L/gd5z6ig/CHVi0Dn

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • gtRfStCk (function)
  • isAllBase64Chars (function)
  • testJSON (function)
  • getStringAfterUrlHash (function)
  • setCookie (function)
  • getCookie (function)
  • eraseCookie (function)
  • getRandDirStructure (function)
  • makeid (function)
  • getRandomArbitrary (function)
  • geturlparameter (function)

1 Cookies

Domain/Path: s3.us-east-005.backblazeb2.com/
Name: chlnk
Value: irk0OwqwPm6wfhVaGdFipzTZf4VNe9Wp0qohD1cinS8nV7f4Tk2WwDRnelesCFV5Gl46kWPknFFfdW5e8SrhcP55

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff