grabify.link - urlscan.io

Summary

This website contacted 1 IPs in 4 countries across 5 domains to perform 4 HTTP transactions. The main IP is 104.27.157.221, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is grabify.link.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on February 4th 2019. Valid for: 6 months.

This is the only time grabify.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a00:1450:400... 2a00:1450:4001:825::2013	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	13.75.119.113 13.75.119.113	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2 2	51.68.70.9 51.68.70.9	16276 (OVH) (OVH)
4	104.27.157.221 104.27.157.221	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	1

2 2a00:1450:4001:825::2013 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

tr.actusvriffse.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
goto.lightredirections.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.75.119.113 (Hong Kong, Hong Kong) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

s.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.68.70.9 (United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: 9.ip-51-68-70.eu

gotonext.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.27.157.221 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

grabify.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	grabify.link grabify.link	17 KB
2	gotonext.club 2 redirects gotonext.club	506 B
1	lightredirections.com 1 redirects goto.lightredirections.com	231 B
1	yam.com 1 redirects s.yam.com	295 B
1	actusvriffse.org 1 redirects tr.actusvriffse.org	230 B
4	5

	Domain	Requested by
4	grabify.link	grabify.link
2	gotonext.club	2 redirects
1	goto.lightredirections.com	1 redirects
1	s.yam.com	1 redirects
1	tr.actusvriffse.org	1 redirects
4	5

This site contains no links.

Subject Issuer	Validity	Valid
sni251565.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-02-04` - `2019-08-13`	6 months	crt.sh

This page contains 1 frames:

Primary Page: https://grabify.link/W85BG3
Frame ID: A18274BF68077E7D3B20DFF7A8FE70B6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://tr.actusvriffse.org/?REDACTED HTTP 302
https://s.yam.com/StpXz HTTP 302
http://goto.lightredirections.com/ HTTP 302
http://gotonext.club/slp HTTP 301
http://gotonext.club/slp/ HTTP 302
https://grabify.link/W85BG3 Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i

Page Statistics

4
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

1
IPs

4
Countries

17 kB
Transfer

71 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tr.actusvriffse.org/?REDACTED HTTP 302
https://s.yam.com/StpXz HTTP 302
http://goto.lightredirections.com/ HTTP 302
http://gotonext.club/slp HTTP 301
http://gotonext.club/slp/ HTTP 302
https://grabify.link/W85BG3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request W85BG3 Show response grabify.link/ Redirect Chain http://tr.actusvriffse.org/?REDACTED https://s.yam.com/StpXz http://goto.lightredirections.com/ http://gotonext.club/slp http://gotonext.club/slp/ https://grabify.link/W85BG3	4 KB 2 KB	906ms 822ms	Document text/html	104.27.157.221 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://grabify.link/W85BG3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.27.157.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `c1407d32d9a2e995c9096c294d85e99ddc48e4d9e2b8d0218a3aa84189dd8033` Request headers :method GET :authority grabify.link :scheme https :path /W85BG3 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers status 200 date Fri, 22 Mar 2019 15:25:52 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=d13de9e021bb2879d073f8d3b4f9001251553268351; expires=Sat, 21-Mar-20 15:25:51 GMT; path=/; domain=.grabify.link; HttpOnly XSRF-TOKEN=eyJpdiI6IlFYayttUnB0Rmk0TEl1eDB5UWw0VGc9PSIsInZhbHVlIjoibEd4QVFZUXJ1SW8rXC9XV1RrdnQ1ZzdhZ1wvMnNLK2xZK2FzbTJGdmdndW5Pd2Q1eU9hVEUrRU1aaUlySkc3ZzluIiwibWFjIjoiYjY0MTE2YzUyYmJmM2YzZGFjY2ZmNGQ4ZGMxMTg3OTFhOTJlNzgzZjdlMDMyYTVmNDk0NDZmMTk4ZWQ2ZmYwNyJ9; expires=Fri, 22-Mar-2019 17:25:52 GMT; Max-Age=7200; path=/ grabify_ip_logger_session=eyJpdiI6InVvWWVvZGp1cmFPWHo3ell4RVVPWVE9PSIsInZhbHVlIjoiOEhoRFEyM1J6K2c2UmdUZVJhXC80WDNKMTUrd0p2Z3RyYW1jS3FYWjY2NDNqMFdEeFJNQVNiQkNRWStCeEpRSkciLCJtYWMiOiIyMjUxNDQwNGQ5ZTRiMWZkNGVlMzk0YzUzMjFjYWM1YjRhMWM0YmY0MzE1OWMyNjM4MDZkYWVhYzhiMDhjYjBlIn0%3D; expires=Fri, 22-Mar-2019 17:25:52 GMT; Max-Age=7200; path=/; httponly cache-control no-cache, private x-ratelimit-limit 10 x-ratelimit-remaining 8 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 4bb92e3d2efc9c23-AMS content-encoding br Redirect headers Server nginx Date Fri, 22 Mar 2019 15:25:51 GMT Content-Type text/html; charset=UTF-8 Content-Length 0 Connection keep-alive Keep-Alive timeout=60 X-Powered-By PHP/5.6.40 Status 404 Not Found location https://grabify.link/W85BG3
GET H2	200	ads.js Show response grabify.link/js/	21 B 176 B	18ms 17ms	Script application/javascript	104.27.157.221 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://grabify.link/js/ads.js Requested by Host: grabify.link URL: https://grabify.link/W85BG3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.27.157.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316` Request headers :path /js/ads.js pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority grabify.link cookie __cfduid=d13de9e021bb2879d073f8d3b4f9001251553268351; XSRF-TOKEN=eyJpdiI6IlFYayttUnB0Rmk0TEl1eDB5UWw0VGc9PSIsInZhbHVlIjoibEd4QVFZUXJ1SW8rXC9XV1RrdnQ1ZzdhZ1wvMnNLK2xZK2FzbTJGdmdndW5Pd2Q1eU9hVEUrRU1aaUlySkc3ZzluIiwibWFjIjoiYjY0MTE2YzUyYmJmM2YzZGFjY2ZmNGQ4ZGMxMTg3OTFhOTJlNzgzZjdlMDMyYTVmNDk0NDZmMTk4ZWQ2ZmYwNyJ9; grabify_ip_logger_session=eyJpdiI6InVvWWVvZGp1cmFPWHo3ell4RVVPWVE9PSIsInZhbHVlIjoiOEhoRFEyM1J6K2c2UmdUZVJhXC80WDNKMTUrd0p2Z3RyYW1jS3FYWjY2NDNqMFdEeFJNQVNiQkNRWStCeEpRSkciLCJtYWMiOiIyMjUxNDQwNGQ5ZTRiMWZkNGVlMzk0YzUzMjFjYWM1YjRhMWM0YmY0MzE1OWMyNjM4MDZkYWVhYzhiMDhjYjBlIn0%3D :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 22 Mar 2019 15:25:52 GMT cf-cache-status HIT last-modified Tue, 09 Oct 2018 21:19:34 GMT server cloudflare etag "59fbdec61560d41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control no-cache accept-ranges bytes cf-ray 4bb92e424d789c23-AMS content-length 21
GET H2	200	jquery-2.5.1.min.js Show response grabify.link/js/	67 KB 14 KB	1191ms 1190ms	Script application/javascript	104.27.157.221 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://grabify.link/js/jquery-2.5.1.min.js Requested by Host: grabify.link URL: https://grabify.link/W85BG3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.27.157.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `a7e571824148337e7378fdca87b4d92edd1aee43ea0d7e70eb115b013fa28a56` Request headers :path /js/jquery-2.5.1.min.js pragma no-cache accept-encoding gzip, deflate, br user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 accept / cache-control no-cache :authority grabify.link cookie __cfduid=d13de9e021bb2879d073f8d3b4f9001251553268351; XSRF-TOKEN=eyJpdiI6IlFYayttUnB0Rmk0TEl1eDB5UWw0VGc9PSIsInZhbHVlIjoibEd4QVFZUXJ1SW8rXC9XV1RrdnQ1ZzdhZ1wvMnNLK2xZK2FzbTJGdmdndW5Pd2Q1eU9hVEUrRU1aaUlySkc3ZzluIiwibWFjIjoiYjY0MTE2YzUyYmJmM2YzZGFjY2ZmNGQ4ZGMxMTg3OTFhOTJlNzgzZjdlMDMyYTVmNDk0NDZmMTk4ZWQ2ZmYwNyJ9; grabify_ip_logger_session=eyJpdiI6InVvWWVvZGp1cmFPWHo3ell4RVVPWVE9PSIsInZhbHVlIjoiOEhoRFEyM1J6K2c2UmdUZVJhXC80WDNKMTUrd0p2Z3RyYW1jS3FYWjY2NDNqMFdEeFJNQVNiQkNRWStCeEpRSkciLCJtYWMiOiIyMjUxNDQwNGQ5ZTRiMWZkNGVlMzk0YzUzMjFjYWM1YjRhMWM0YmY0MzE1OWMyNjM4MDZkYWVhYzhiMDhjYjBlIn0%3D :scheme https :method GET User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Fri, 22 Mar 2019 15:25:53 GMT content-encoding br cf-cache-status MISS last-modified Thu, 21 Mar 2019 03:14:04 GMT server cloudflare etag W/"0e63d2394dfd41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript status 200 cache-control no-cache cf-ray 4bb92e424d799c23-AMS
POST H2	200	js Show response grabify.link/api/	16 B 654 B	1274ms 1273ms	XHR application/json	104.27.157.221 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://grabify.link/api/js Requested by Host: grabify.link URL: https://grabify.link/js/jquery-2.5.1.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.27.157.221 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / Resource Hash `25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3` Request headers :path /api/js pragma no-cache origin https://grabify.link accept-encoding gzip, deflate, br x-csrf-token ljohmImbuCKQS20azbHZaVTKOi4c8QoXOTQWwN9Y user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 content-type application/x-www-form-urlencoded accept / cache-control no-cache :authority grabify.link cookie __cfduid=d13de9e021bb2879d073f8d3b4f9001251553268351; XSRF-TOKEN=eyJpdiI6IlFYayttUnB0Rmk0TEl1eDB5UWw0VGc9PSIsInZhbHVlIjoibEd4QVFZUXJ1SW8rXC9XV1RrdnQ1ZzdhZ1wvMnNLK2xZK2FzbTJGdmdndW5Pd2Q1eU9hVEUrRU1aaUlySkc3ZzluIiwibWFjIjoiYjY0MTE2YzUyYmJmM2YzZGFjY2ZmNGQ4ZGMxMTg3OTFhOTJlNzgzZjdlMDMyYTVmNDk0NDZmMTk4ZWQ2ZmYwNyJ9; grabify_ip_logger_session=eyJpdiI6InVvWWVvZGp1cmFPWHo3ell4RVVPWVE9PSIsInZhbHVlIjoiOEhoRFEyM1J6K2c2UmdUZVJhXC80WDNKMTUrd0p2Z3RyYW1jS3FYWjY2NDNqMFdEeFJNQVNiQkNRWStCeEpRSkciLCJtYWMiOiIyMjUxNDQwNGQ5ZTRiMWZkNGVlMzk0YzUzMjFjYWM1YjRhMWM0YmY0MzE1OWMyNjM4MDZkYWVhYzhiMDhjYjBlIn0%3D :scheme https user-agents bGpvaG1JbWJ1Q0tRUzIwYXpiSFphVlRLT2k0YzhRb1hPVFFXd045WQ== content-length 1024 :method POST Origin https://grabify.link X-CSRF-TOKEN ljohmImbuCKQS20azbHZaVTKOi4c8QoXOTQWwN9Y User-Agents bGpvaG1JbWJ1Q0tRUzIwYXpiSFphVlRLT2k0YzhRb1hPVFFXd045WQ== User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 22 Mar 2019 15:25:55 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-ratelimit-remaining 7 content-type application/json status 200 cache-control no-cache, private x-ratelimit-limit 10 set-cookie XSRF-TOKEN=eyJpdiI6IjNmaU1tMitDd3k3WU81MVZVNlpJSWc9PSIsInZhbHVlIjoiSUt3RWVRKzhaXC8xaEN0SUlHTDY4MjBwXC9SNXNoeGR3Z2xHSXNFNklxMTY3SFwvbnZaMlRaZk11ZUlKR2VzZVVVNyIsIm1hYyI6Ijg0NTY2NGU5MDQ0ZDViYjVmZWE3YmVjYzIxZDhkZWRlOTk3ODZhZmE0YzcyODI1ZTlhZDcxZDA0NzM4YzBlZmUifQ%3D%3D; expires=Fri, 22-Mar-2019 17:25:55 GMT; Max-Age=7200; path=/ grabify_ip_logger_session=eyJpdiI6ImVEdUE3YXlDTFNubXYrMEhlaUVJbkE9PSIsInZhbHVlIjoiRk56UVZYWEdDMEw0Q2dKckNEU08zXC91NHp4T21HMld2cTVlU0grNlVoSHFmeUN4VjlhVFFTVWJEaVA5Q1NOMzUiLCJtYWMiOiIzZGUzM2VhYjBlNzZiZGMwYmQ0YzViNjdjYTM2NjlhYjNkYjhmNmI4NmNmY2EyMjRiYTQ3Mjg1MjJkMWY0YmYyIn0%3D; expires=Fri, 22-Mar-2019 17:25:55 GMT; Max-Age=7200; path=/; httponly cf-ray 4bb92e4d48769c23-AMS content-length 16

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
grabify.link/	1970-01-18 23:27:55	Name: grabify_ip_logger_session Value: eyJpdiI6InVvWWVvZGp1cmFPWHo3ell4RVVPWVE9PSIsInZhbHVlIjoiOEhoRFEyM1J6K2c2UmdUZVJhXC80WDNKMTUrd0p2Z3RyYW1jS3FYWjY2NDNqMFdEeFJNQVNiQkNRWStCeEpRSkciLCJtYWMiOiIyMjUxNDQwNGQ5ZTRiMWZkNGVlMzk0YzUzMjFjYWM1YjRhMWM0YmY0MzE1OWMyNjM4MDZkYWVhYzhiMDhjYjBlIn0%3D
grabify.link/	1970-01-18 23:27:55	Name: XSRF-TOKEN Value: eyJpdiI6IlFYayttUnB0Rmk0TEl1eDB5UWw0VGc9PSIsInZhbHVlIjoibEd4QVFZUXJ1SW8rXC9XV1RrdnQ1ZzdhZ1wvMnNLK2xZK2FzbTJGdmdndW5Pd2Q1eU9hVEUrRU1aaUlySkc3ZzluIiwibWFjIjoiYjY0MTE2YzUyYmJmM2YzZGFjY2ZmNGQ4ZGMxMTg3OTFhOTJlNzgzZjdlMDMyYTVmNDk0NDZmMTk4ZWQ2ZmYwNyJ9
.grabify.link/	1970-01-19 08:13:24	Name: __cfduid Value: d13de9e021bb2879d073f8d3b4f9001251553268351

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

goto.lightredirections.com
gotonext.club
grabify.link
s.yam.com
tr.actusvriffse.org
104.27.157.221
13.75.119.113
2a00:1450:4001:825::2013
51.68.70.9
25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3
a7e571824148337e7378fdca87b4d92edd1aee43ea0d7e70eb115b013fa28a56
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
c1407d32d9a2e995c9096c294d85e99ddc48e4d9e2b8d0218a3aa84189dd8033

grabify.link Open in urlscan Pro 104.27.157.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

25 %IPv6

5 Domains

5 Subdomains

1 IPs

4 Countries

17 kBTransfer

71 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

3 Cookies

Indicators

grabify.link Open in urlscan Pro
104.27.157.221 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

5
Subdomains

1
IPs

4
Countries

17 kB
Transfer

71 kB
Size

3
Cookies

4 HTTP transactions
0 data transactions