urlscan.io logo urlscan.io
SecurityTrails logo

bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link Open in urlscan Pro
2602:fea2:2::1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/CchSCgJkBBhlA5z7KHNCYAF?domain=selligenttier.naylorcampaigns.com
Effective URL: https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
Submission: On November 17 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 7 HTTP transactions. The main IP is 2602:fea2:2::1, located in and belongs to . The main domain is bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.
This is the only time bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 205.139.111.113 3561 (CENTURYLI...)
1 144.202.229.149 17378 (AS17378)
1 2 104.247.160.136 42846 (GUZELHOST...)
1 2602:fea2:2::1 ()
1 2a04:4e42::649 ()
1 2606:4700::68... ()
1 2606:4700:303... ()
7 7
2    205.139.111.113 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)
PTR: us-api.mimecast.com
protect-us.mimecast.com
1    144.202.229.149 (United States)

ASN17378 (AS17378, US)
PTR: selligenttier.naylorcampaigns.com
selligenttier.naylorcampaigns.com
2    104.247.160.136 (Turkey)

ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR)
PTR: sunucu.demobul.net
evalaw.windaliorganizasyon.com
1    2602:fea2:2::1 (None, )

ASN- ()
bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link
1    2a04:4e42::649 (None, )

ASN- ()
code.jquery.com
1    2606:4700::6811:190e (None, )

ASN- ()
cdnjs.cloudflare.com
1    2606:4700:3035::6815:2475 (None, )

ASN- ()
gm9hvnmcepb.lkalzzop.online
Domain Requested by
2 evalaw.windaliorganizasyon.com 1 redirects selligenttier.naylorcampaigns.com
2 protect-us.mimecast.com 2 redirects
1 gm9hvnmcepb.lkalzzop.online
1 cdnjs.cloudflare.com bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link
1 code.jquery.com bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link
1 bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link evalaw.windaliorganizasyon.com
1 selligenttier.naylorcampaigns.com
0 w1gku6od7ib.gakgalag.online Failed
7 8

This site contains no links.

Subject Issuer Validity Valid
*.naylorcampaigns.com
Network Solutions OV Server CA 2		 2023-02-10 -
2024-01-24		 a year crt.sh
dweb.link
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
lkalzzop.online
E1		 2023-09-21 -
2023-12-20		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
Frame ID: A62C64E011781EA66E5E24D0BE924ABF
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/CchSCgJkBBhlA5z7KHNCYAF?domain=selligenttier.naylorcampaigns.com HTTP 307
    https://protect-us.mimecast.com/r/mxixo6N1eXnnO5xD0V-psA1lzXeh3JdEWLG7XMMa63l1SpdacaSz-99RqFXAtkZ7NHRj_iYkLR... HTTP 307
    https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYW... Page URL
  2. http://evalaw.windaliorganizasyon.com/evalaw Page URL
  3. http://evalaw.windaliorganizasyon.com/red.php?e=66d696368656c6c65406576616c61772e6e6574 HTTP 302
    https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

71 %
HTTPS

57 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

101 kB
Transfer

356 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/CchSCgJkBBhlA5z7KHNCYAF?domain=selligenttier.naylorcampaigns.com HTTP 307
    https://protect-us.mimecast.com/r/mxixo6N1eXnnO5xD0V-psA1lzXeh3JdEWLG7XMMa63l1SpdacaSz-99RqFXAtkZ7NHRj_iYkLRCQQZIx5Vyt3CfzTYafpTJhuKIeECIvfSXH_wmPWMOiIZC0a2XymewiPrCpC8JJFa7Ma2pFV4IxC5z_2zSQERQ6Lz59oYCh6_yaIhmHJM8c6loaadL8ckw_rM4faPjFc3CwPK0sUqSdGw5sMyeCn_759kD8Th8yVrqeY7wT0MiIZKSqsAXmYu3Ip2cayOJDqcDbmUX2Bmtq_AdIhva6U5WDsrF4X-OkT92ndrNckpDRgyPD4tK-j45fuxttfp6VQp8Oah52ZN1z3pKu2V2fzyGST1_cAG9JG2JARYLzXWNQpQ2igoIJ9eXTb3Qzw5tAAB_r_wtlbzoushn33oK2XehXuvfZ0mGACyijnBfaWoCi62vL8651IABMdgAtDUOwtReSpieD9Rxl9LrC1zAwJ9fRDWSxj4pMEKqgt4ThoUwmzf3xT5LKGWogTQQQZOS40QORCQolVKDKFLxuRQaNMxai8twlmAILhWt_a4kU04HRSWOPfe9kpHYpUjEaajsqoPxJaczihsVIDzmuEalIMvdk6R36VKdd_PVL6QA25WRNL1-NqL96NAJqbAcgrYwcqWFMAElKAx1WwBEvHLdvHqC-eDCupHltlrjAUOVR9ZxDlBlU-AvJIUAXwQH5y-GCfJ2sba8wTDMmmCRaycAfZ-hakBVvatCmKtqdcR2SQpmE11ChJXfQIw2pLYbc7Qm1G8q9YNU6MeyKGAT3cYfxsqez1JMY1EtHWhS83Jzd4u4blkCPRHgltard2ahu_64K0wE1bWwaUsn7IEs5HeulZ6izajc-w85AYEU0FdzkvHtscqm_L5nRZA1W8g4IBWRN5OnFcPD_1M4tOYIzygb74UgOYpX49f-UnhhcrlgGjgzllBHY-cH_TqFCFCSCBb6sAKKrrw9O49Ky30rTxaFIQTvveMQBHlah-wIpDl0WLwR_D7Y5y49Gd3GPmw75XQM8cJp1m49z3HXwin79-rz7FWzNwgHAaGpaK74hMBNUTlM6-Bb996L0xiNMdKclE7PtZ9tE54BGZDgiIOIv8MoeFRd2O3MxTBNyw3TePMbubF1kVEYx9BXvySWAp772LqbteY_tt4Ua0nbnFnQI_3bApWRUGERD9dSKX_9GnivtO_hMrUMfslODo_Ln_Mt4rKJdSkWf1CDUSYfTasGuHRs8_eVh9IIEVoJ9gfxu1-f5kCLEKB-fBYvRipjHzcclVDloQ1WbrI01Wzc-2vrniRyBYYTpduL1CD6UV1O2SVlzWv3RVSRxhnq8TR5VRH00GMg_5IlVgdsd-WgrbNhuQMxX0mNpD1ad9_LcpqwBGrE-mUfJHg3GKeYFZwyb85s3dHH34ldmdl-Vc6CplU57Ci2-wbyfuO4rl8ui6Unh43s3afnebbVcqw_iSuOa3bZbLpDKj5dzTlmhDRyV81F90IQjKOD0sNv1YHtYL9SebAhgk0ssKyiFsV2g0NNRrLzelXxJlMMNmphqQunLvQQmJF21vmOzqGBk0uInbXYBC-3XJsiTSA_NCt5zHMOStHGSan3XVJ8AEcLVl9ehj1N9vuwrOXRe8PFvW4-ow9G8-rZkhl2f8BH9FI7OMf0-DlsO1_ThuFjQgneYelwpFI__ZT6xNQEoPFXX1kap4-2-5o_KfCSTxs1ZqkXXPLTT-GxEkIB3vjnraAz4kuVnHkGy89LQgGn298qsTelY7Y5fl96kAHOcPuRYAW_Lmel7K4mkLEH6JqmTF7sZrHpWwFLgE-PxtNAyzv_4cR5Hp0yNotMBmXB4vthSHAflOeaTHA57Lp6f1ftXtI_4ZGloA3RE5BRXnJMl_lCbLcsD5LbXbelUjS6FKnTwUQNz1WydIj9Lf2v-xD-kVLqb2bf8A9kZow3TqRKFQlsRmkfmTq43n3of-XGmagGrPtoXxtAG3h32fN5TZZHlDeA5xjTjrMW08UHCk3bZPD3RCeLvSM65Cp6FtjcrrgkbV_QY_--oGmDtwUObnjmzjYWRCIm0B44jXPVNgjyljaAyaMKD22rr5ZCpPDzAsbTbgqep6EQetMJ0ZteHfr1E5rmhcJYsZ9N5YGxJOHEM9LdskQ5i7rcswLRpQ6cdE9xn20Kx4cvYyfc-KGznKB0Sq1jB8XC6RgDIP2ozcff50K3HnYiVy7Hv4JYGib6xLLZm4SnPIjr905zcOfIuxvTPkd2VlFBOTK6mdbEzgMjJq0wMYpKpvZPUN8Q3d0h4RezFVX5I-cPCwqUe54HPvEy-k3541PUuI7UAJLjtDPrGfAP22qwg-MOMWNagmedLl0WPSIe9tjbmj8ImT9aPxuPgDgQepkx2tN7b_r09E8wyvqZit_Dw9QQaaALZA5c9JqwDzIMs27buqPLJeGNBdk-IfqK4Z72dUskYdL2BmFtfLEKqRGJUDSEYEaoJg6q3eZzg8iCpVFhIeGT_i_vo2Q6HJ3df_5s51CuKPwco_eR_yMa9dzp9iEPLoi778zHrOx3MxtpJB5dEwV5wQnuDW5KnLFR6tibh_ZuewVnjVKRb4HR3bQ9jdNIt2UuEu4uhr8-XPqzlcFlsK0NzAlH-m5zAGE6yT1PQtw HTTP 307
    https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&http://evalaw.windaliorganizasyon.com/evalaw Page URL
  2. http://evalaw.windaliorganizasyon.com/evalaw Page URL
  3. http://evalaw.windaliorganizasyon.com/red.php?e=66d696368656c6c65406576616c61772e6e6574 HTTP 302
    https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://protect-us.mimecast.com/s/CchSCgJkBBhlA5z7KHNCYAF?domain=selligenttier.naylorcampaigns.com HTTP 307
  • https://protect-us.mimecast.com/r/mxixo6N1eXnnO5xD0V-psA1lzXeh3JdEWLG7XMMa63l1SpdacaSz-99RqFXAtkZ7NHRj_iYkLRCQQZIx5Vyt3CfzTYafpTJhuKIeECIvfSXH_wmPWMOiIZC0a2XymewiPrCpC8JJFa7Ma2pFV4IxC5z_2zSQERQ6Lz59oYCh6_yaIhmHJM8c6loaadL8ckw_rM4faPjFc3CwPK0sUqSdGw5sMyeCn_759kD8Th8yVrqeY7wT0MiIZKSqsAXmYu3Ip2cayOJDqcDbmUX2Bmtq_AdIhva6U5WDsrF4X-OkT92ndrNckpDRgyPD4tK-j45fuxttfp6VQp8Oah52ZN1z3pKu2V2fzyGST1_cAG9JG2JARYLzXWNQpQ2igoIJ9eXTb3Qzw5tAAB_r_wtlbzoushn33oK2XehXuvfZ0mGACyijnBfaWoCi62vL8651IABMdgAtDUOwtReSpieD9Rxl9LrC1zAwJ9fRDWSxj4pMEKqgt4ThoUwmzf3xT5LKGWogTQQQZOS40QORCQolVKDKFLxuRQaNMxai8twlmAILhWt_a4kU04HRSWOPfe9kpHYpUjEaajsqoPxJaczihsVIDzmuEalIMvdk6R36VKdd_PVL6QA25WRNL1-NqL96NAJqbAcgrYwcqWFMAElKAx1WwBEvHLdvHqC-eDCupHltlrjAUOVR9ZxDlBlU-AvJIUAXwQH5y-GCfJ2sba8wTDMmmCRaycAfZ-hakBVvatCmKtqdcR2SQpmE11ChJXfQIw2pLYbc7Qm1G8q9YNU6MeyKGAT3cYfxsqez1JMY1EtHWhS83Jzd4u4blkCPRHgltard2ahu_64K0wE1bWwaUsn7IEs5HeulZ6izajc-w85AYEU0FdzkvHtscqm_L5nRZA1W8g4IBWRN5OnFcPD_1M4tOYIzygb74UgOYpX49f-UnhhcrlgGjgzllBHY-cH_TqFCFCSCBb6sAKKrrw9O49Ky30rTxaFIQTvveMQBHlah-wIpDl0WLwR_D7Y5y49Gd3GPmw75XQM8cJp1m49z3HXwin79-rz7FWzNwgHAaGpaK74hMBNUTlM6-Bb996L0xiNMdKclE7PtZ9tE54BGZDgiIOIv8MoeFRd2O3MxTBNyw3TePMbubF1kVEYx9BXvySWAp772LqbteY_tt4Ua0nbnFnQI_3bApWRUGERD9dSKX_9GnivtO_hMrUMfslODo_Ln_Mt4rKJdSkWf1CDUSYfTasGuHRs8_eVh9IIEVoJ9gfxu1-f5kCLEKB-fBYvRipjHzcclVDloQ1WbrI01Wzc-2vrniRyBYYTpduL1CD6UV1O2SVlzWv3RVSRxhnq8TR5VRH00GMg_5IlVgdsd-WgrbNhuQMxX0mNpD1ad9_LcpqwBGrE-mUfJHg3GKeYFZwyb85s3dHH34ldmdl-Vc6CplU57Ci2-wbyfuO4rl8ui6Unh43s3afnebbVcqw_iSuOa3bZbLpDKj5dzTlmhDRyV81F90IQjKOD0sNv1YHtYL9SebAhgk0ssKyiFsV2g0NNRrLzelXxJlMMNmphqQunLvQQmJF21vmOzqGBk0uInbXYBC-3XJsiTSA_NCt5zHMOStHGSan3XVJ8AEcLVl9ehj1N9vuwrOXRe8PFvW4-ow9G8-rZkhl2f8BH9FI7OMf0-DlsO1_ThuFjQgneYelwpFI__ZT6xNQEoPFXX1kap4-2-5o_KfCSTxs1ZqkXXPLTT-GxEkIB3vjnraAz4kuVnHkGy89LQgGn298qsTelY7Y5fl96kAHOcPuRYAW_Lmel7K4mkLEH6JqmTF7sZrHpWwFLgE-PxtNAyzv_4cR5Hp0yNotMBmXB4vthSHAflOeaTHA57Lp6f1ftXtI_4ZGloA3RE5BRXnJMl_lCbLcsD5LbXbelUjS6FKnTwUQNz1WydIj9Lf2v-xD-kVLqb2bf8A9kZow3TqRKFQlsRmkfmTq43n3of-XGmagGrPtoXxtAG3h32fN5TZZHlDeA5xjTjrMW08UHCk3bZPD3RCeLvSM65Cp6FtjcrrgkbV_QY_--oGmDtwUObnjmzjYWRCIm0B44jXPVNgjyljaAyaMKD22rr5ZCpPDzAsbTbgqep6EQetMJ0ZteHfr1E5rmhcJYsZ9N5YGxJOHEM9LdskQ5i7rcswLRpQ6cdE9xn20Kx4cvYyfc-KGznKB0Sq1jB8XC6RgDIP2ozcff50K3HnYiVy7Hv4JYGib6xLLZm4SnPIjr905zcOfIuxvTPkd2VlFBOTK6mdbEzgMjJq0wMYpKpvZPUN8Q3d0h4RezFVX5I-cPCwqUe54HPvEy-k3541PUuI7UAJLjtDPrGfAP22qwg-MOMWNagmedLl0WPSIe9tjbmj8ImT9aPxuPgDgQepkx2tN7b_r09E8wyvqZit_Dw9QQaaALZA5c9JqwDzIMs27buqPLJeGNBdk-IfqK4Z72dUskYdL2BmFtfLEKqRGJUDSEYEaoJg6q3eZzg8iCpVFhIeGT_i_vo2Q6HJ3df_5s51CuKPwco_eR_yMa9dzp9iEPLoi778zHrOx3MxtpJB5dEwV5wQnuDW5KnLFR6tibh_ZuewVnjVKRb4HR3bQ9jdNIt2UuEu4uhr8-XPqzlcFlsK0NzAlH-m5zAGE6yT1PQtw HTTP 307
  • https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&http://evalaw.windaliorganizasyon.com/evalaw

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
track
selligenttier.naylorcampaigns.com/
Redirect Chain
  • https://protect-us.mimecast.com/s/CchSCgJkBBhlA5z7KHNCYAF?domain=selligenttier.naylorcampaigns.com
  • https://protect-us.mimecast.com/r/mxixo6N1eXnnO5xD0V-psA1lzXeh3JdEWLG7XMMa63l1SpdacaSz-99RqFXAtkZ7NHRj_iYkLRCQQZIx5Vyt3CfzTYafpTJhuKIeECIvfSXH_wmPWMOiIZC0a2XymewiPrCpC8JJFa7Ma2pFV4IxC5z_2zSQERQ6Lz5...
  • https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFb...
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&http://evalaw.windaliorganizasyon.com/evalaw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.202.229.149 , United States, ASN17378 (AS17378, US),
Reverse DNS
selligenttier.naylorcampaigns.com
Software
/
Resource Hash
691e5d53cfcea97b2c273358704d6c0e147bfa9c0e97586671e1a17556813fbc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0, no-store
Connection
close
Content-Length
1594
Content-Type
text/html;charset=ascii
Date
Fri, 17 Nov 2023 20:27:24 GMT
Expires
-1
Pragma
no-cache
Server

Redirect headers

Cache-control
no-store
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 20:27:24 GMT
Location
https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&http://evalaw.windaliorganizasyon.com/evalaw#66d696368656c6c65406576616c61772e6e6574
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex, nofollow
evalaw
evalaw.windaliorganizasyon.com/ 		164 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
http://evalaw.windaliorganizasyon.com/evalaw
Requested by
Host: selligenttier.naylorcampaigns.com
URL: https://selligenttier.naylorcampaigns.com/track?type=click&enid=ZWFzPTEmbXNpZD0mYXVpZD0mbWFpbGluZ2lkPTYyNDExMiZtZXNzYWdlaWQ9NjI0MTEyJmRhdGFiYXNlaWQ9NjI0MTEyJnNlcmlhbD0xNjgyODQwNyZlbWFpbGlkPVRpbUBFbGV2YXRlZGNnLmNvbSZ1c2VyaWQ9MjExMTg2JnRhcmdldGlkPSZtbj0mZmw9Jm12aWQ9JmV4dHJhPSYmJg==&&&9999&&&http://evalaw.windaliorganizasyon.com/evalaw
Protocol
HTTP/1.1
Server
104.247.160.136 , Turkey, ASN42846 (GUZELHOSTING GNET INTERNET TELEKOMUNIKASYON A.S., TR),
Reverse DNS
sunucu.demobul.net
Software
LiteSpeed / PHP/7.3.33
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-encoding
gzip
content-length
154
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 20:27:26 GMT
edit
Set-Cookie (.*) "$1;HttpOnly;Secure"
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
PHP/7.3.33
x-xss-protection
1; mode=block
Primary Request /
bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
Redirect Chain
  • http://evalaw.windaliorganizasyon.com/red.php?e=66d696368656c6c65406576616c61772e6e6574
  • https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
Requested by
Host: evalaw.windaliorganizasyon.com
URL: http://evalaw.windaliorganizasyon.com/evalaw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
458d9bbdbc6aac6ac0e39125175fbd892835324a8563942f9d1159b33c7c7945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://evalaw.windaliorganizasyon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Range, Content-Range, X-Chunked-Output, X-Stream-Output
access-control-allow-methods
GET HEAD OPTIONS GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Range, X-Chunked-Output, X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 20:27:30 GMT
etag
W/"bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-ipfs-gateway-host
ipfs-bank6-dc13
x-ipfs-lb-pop
gateway-bank3-dc13
x-ipfs-path
/ipfs/bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu/
x-ipfs-pop
ipfs-bank6-dc13
x-ipfs-roots
bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu
x-proxy-cache
MISS

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 20:27:28 GMT
edit
Set-Cookie (.*) "$1;HttpOnly;Secure"
location
https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/##66d696368656c6c65406576616c61772e6e6574
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
PHP/7.3.33
x-xss-protection
1; mode=block
jquery-1.9.1.js
code.jquery.com/ 		262 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.js
Requested by
Host: bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link
URL: https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:27:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5450643
x-cache
HIT, HIT
content-length
79506
x-served-by
cache-lga21952-LGA, cache-mia-kmia1760030-MIA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700252851.879884,VS0,VE0
etag
W/"28feccc0-4185d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
757, 476
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link
URL: https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:27:30 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
29433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtBIhdAvssPIsDv48QBBmUoP7pmwzYGb%2BT2M%2FsHZL3D3waehRB%2FC4mb1OeSr8A4qNnegGexHVq9w4hhOq77fQcd%2Bm2GphlSKMkcYPxHYnmd7re7u%2FG2bCQ4GtU4YmnM9%2BRN8bArghHvmhpjIXIubKaHM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827ab6fdfe356c87-MIA
expires
Wed, 06 Nov 2024 20:27:30 GMT
preload-outlook.gif
w1gku6od7ib.gakgalag.online/static/media/ 		0
0
preload-outlook.gif
gm9hvnmcepb.lkalzzop.online/static/media/ 		30 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gm9hvnmcepb.lkalzzop.online/static/media/preload-outlook.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2475 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bafkreicfrwn33pdkvrvmby4reulv7pmjfa2tesufmokc7hirlgzty7dziu.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:27:31 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-disposition
inline; filename="preload-outlook.gif"
alt-svc
h3=":443"; ma=86400
content-length
197044
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 04 Nov 2023 22:18:46 GMT
server
cloudflare
x-frame-options
DENY
vary
origin, Accept-Encoding
content-type
image/gif
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvUxvdq21IrV%2BAeG16fvY%2BdHRarUrOC41nvkDHeoGlqsp51caE4Q9e%2F371e59IxmeZjOymOHd4yy7zfUkU4zAI9tAg6Yb0F8Op4LJwlOQ6z%2F73JI43ayg5snYV%2FgyckHkJTYqSN%2FY4DSKMRR9FRL4mSBGh4beDMKqLs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
827ab6fe0896b3e0-MIA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
w1gku6od7ib.gakgalag.online
URL
https://w1gku6od7ib.gakgalag.online/static/media/preload-outlook.gif

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies