wellink.top - urlscan.io

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 4 HTTP transactions. The main IP is 190.115.19.218, located in Belize and belongs to DANCOM LTD, BZ. The main domain is wellink.top.

This is the only time wellink.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	84.201.145.19 84.201.145.19	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1	190.115.19.218 190.115.19.218	262254 (DANCOM LTD) (DANCOM LTD)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
4	3

1 84.201.145.19 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

l6a17.neoclassica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 190.115.19.218 (Belize)

ASN262254 (DANCOM LTD, BZ)

wellink.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	jquery.com code.jquery.com	29 KB
1	wellink.top wellink.top
1	neoclassica.org 1 redirects l6a17.neoclassica.org	241 B
0	e-pay.marketing Failed e-pay.marketing Failed
4	4

	Domain	Requested by
1	code.jquery.com	wellink.top
1	wellink.top	wellink.top
1	l6a17.neoclassica.org	1 redirects
0	e-pay.marketing Failed	wellink.top
4	4

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://wellink.top/kks6
Frame ID: 6FE62AB13A03C5648ACE168CC05EB4FC
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://l6a17.neoclassica.org/?l6a17l6a17 HTTP 301
http://wellink.top/kks6 Page URL

Page Statistics

4
Requests

0 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

29 kB
Transfer

84 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://l6a17.neoclassica.org/?l6a17l6a17 HTTP 301
http://wellink.top/kks6 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set kks6 wellink.top/ Redirect Chain http://l6a17.neoclassica.org/?l6a17l6a17 http://wellink.top/kks6	2 KB 0	14119ms 8075ms	Document text/html	190.115.19.218 DANCOM LTD
General Check archive.org Show headers Download Go to Full URL http://wellink.top/kks6 Protocol HTTP/1.1 Server 190.115.19.218 , Belize, ASN262254 (DANCOM LTD, BZ), Reverse DNS Software ngjit / Resource Hash Request headers Host wellink.top Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server ngjit Connection keep-alive Keep-Alive timeout=60 Set-Cookie __ddg_=C5CA261582DE6B5CAEBB07FDB3A9FE0926C5DF40; path=/; Expires=Wed, 01 Jan 2022 00:00:00 GMT cookieID=1703781; expires=Wed, 30-Oct-2019 19:01:53 GMT; Max-Age=2592000; path=/; domain=wellink.top Date Mon, 30 Sep 2019 19:01:53 GMT Content-Type text/html; charset=utf-8 Content-Encoding gzip Transfer-Encoding chunked Redirect headers Date Mon, 30 Sep 2019 19:01:34 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Location http://wellink.top/kks6 Content-Length 3 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	jquery-2.1.3.min.js Show response code.jquery.com/	82 KB 29 KB	14ms 6ms	Script application/javascript	2001:4de0:ac18::1:a:3a Highwinds Network...
General Check archive.org Show headers Download Go to Full URL http://code.jquery.com/jquery-2.1.3.min.js Requested by Host: wellink.top URL: http://wellink.top/kks6 Protocol HTTP/1.1 Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US), Reverse DNS Software nginx / Resource Hash `8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3` Request headers Referer http://wellink.top/kks6 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 30 Sep 2019 19:01:59 GMT Content-Encoding gzip Last-Modified Thu, 18 Dec 2014 15:17:03 GMT Server nginx ETag W/"5492efef-14960" Vary Accept-Encoding X-HW 1569870119.dop003.fr8.t,1569870119.cds097.fr8.c Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=315360000, public Connection Keep-Alive Accept-Ranges bytes Content-Length 29507
GET		jquery.syotimer.js wellink.top/js/	0 0

GET		3933.jpg e-pay.marketing/i/product/393/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wellink.top
URL: http://wellink.top/js/jquery.syotimer.js

Domain: e-pay.marketing
URL: https://e-pay.marketing/i/product/393/3933.jpg

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
e-pay.marketing
l6a17.neoclassica.org
wellink.top
e-pay.marketing
wellink.top
190.115.19.218
2001:4de0:ac18::1:a:3a
84.201.145.19
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

wellink.top Open in urlscan Pro 190.115.19.218 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

4 Requests

0 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

29 kBTransfer

84 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

Indicators

wellink.top Open in urlscan Pro
190.115.19.218 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

0 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

29 kB
Transfer

84 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions