jodata.site - urlscan.io

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3030::681f:53ed, located in United States and belongs to CLOUDFLARENET, US. The main domain is jodata.site.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 21st 2019. Valid for: a year.

This is the only time jodata.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3030::681f:53ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.225.208.133 185.225.208.133	13213 (UK2NET-AS) (UK2NET-AS)
1 2	67.202.94.86 67.202.94.86	32748 (STEADFAST) (STEADFAST)
4	3

1 2606:4700:3030::681f:53ed (United States)

ASN13335 (CLOUDFLARENET, US)

jodata.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.225.208.133 (Germany)

ASN13213 (UK2NET-AS, GB)

widgets.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.202.94.86 (Chicago, United States) 1 redirects

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	amung.us 1 redirects widgets.amung.us whos.amung.us	5 KB
1	jodata.site jodata.site	704 B
4	2

	Domain	Requested by
2	whos.amung.us	1 redirects widgets.amung.us
2	widgets.amung.us	jodata.site
1	jodata.site
4	3

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-21` - `2020-10-09`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://jodata.site/
Frame ID: C9D9D7045ABC49C22D8D9B566CBB7C59
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

4
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

6 kB
Transfer

14 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/pro/stats/wah3/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://whos.amung.us/pjswidget/?k=wah3&i=23859482&l=t&t=&r=&s=&p=&o=ox&b=ch&e=&u=t&d=f&a=t&ssl=1&f=t&z=23140&w=ping HTTP 303
https://widgets.amung.us/_blank.gif

4 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response jodata.site/	585 B 704 B	49ms 16ms	Document text/html	2606:4700:3030::681f:53ed CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jodata.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::681f:53ed , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `174b90b0b9cba641fe6494185d9d229334cad7129e6cdb82828a4df3856e3960` Request headers :method GET :authority jodata.site :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 30 Jun 2020 12:35:29 GMT content-type text/html set-cookie __cfduid=d3a1be2cceb518501ec89d914da3684fa1593520529; expires=Thu, 30-Jul-20 12:35:29 GMT; path=/; domain=.jodata.site; HttpOnly; SameSite=Lax last-modified Thu, 26 Dec 2019 04:12:41 GMT vary Accept-Encoding expires Thu, 30 Jul 2020 07:21:17 GMT cache-control max-age=2678400 access-control-allow-origin * cf-cache-status HIT age 18852 cf-request-id 03a6d2b9450000dfc71b888200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5ab7ed6ed950dfc7-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	a_pro.js Show response widgets.amung.us/	13 KB 4 KB	24ms 7ms	Script application/x-javascript	185.225.208.133 UK2NET-AS
General Check archive.org Show headers Download Go to Full URL https://widgets.amung.us/a_pro.js Requested by Host: jodata.site URL: https://jodata.site/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB), Reverse DNS Software / Resource Hash `d54fecff702ea69734e304ee84e85cc5b7d2593c39289b7af9f699add6e410f2` Request headers Referer https://jodata.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 30 Jun 2020 12:35:29 GMT content-encoding gzip last-modified Sun, 14 Jun 2020 19:57:35 GMT etag W/"5ee6812f-32ba" status 200 content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400, private expires Wed, 01 Jul 2020 12:35:29 GMT
GET H2	200	/ Show response whos.amung.us/psrvwidget/	242 B 290 B	345ms 113ms	Script text/javascript	67.202.94.86 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/psrvwidget/?k=wah3&i=23859482&z=18982195 Requested by Host: widgets.amung.us URL: https://widgets.amung.us/a_pro.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash `840ebcf5d5fddba8bac0a9343b9b6642d91854edbf47ddbc85f7d37af2a9c30e` Request headers Referer https://jodata.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Tue, 30 Jun 2020 12:35:30 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
GET H2	200	_blank.gif widgets.amung.us/ Redirect Chain https://whos.amung.us/pjswidget/?k=wah3&i=23859482&l=t&t=&r=&s=&p=&o=ox&b=ch&e=&u=t&d=f&a=t&ssl=1&f=t&z=23140&w=ping https://widgets.amung.us/_blank.gif	43 B 215 B	7ms 6ms	Image image/gif	185.225.208.133 UK2NET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.amung.us/_blank.gif Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.225.208.133 , Germany, ASN13213 (UK2NET-AS, GB), Reverse DNS Software / Resource Hash `cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda` Request headers Referer https://jodata.site/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 30 Jun 2020 12:35:30 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT status 200 content-type image/gif access-control-allow-origin * cache-control max-age=86400, private content-length 43 expires Wed, 01 Jul 2020 12:35:30 GMT Redirect headers status 303 date Tue, 30 Jun 2020 12:35:30 GMT location https://widgets.amung.us/_blank.gif content-type text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.jodata.site/	1970-01-19 11:21:52	Name: __cfduid Value: d3a1be2cceb518501ec89d914da3684fa1593520529

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jodata.site
whos.amung.us
widgets.amung.us
185.225.208.133
2606:4700:3030::681f:53ed
67.202.94.86
174b90b0b9cba641fe6494185d9d229334cad7129e6cdb82828a4df3856e3960
840ebcf5d5fddba8bac0a9343b9b6642d91854edbf47ddbc85f7d37af2a9c30e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d54fecff702ea69734e304ee84e85cc5b7d2593c39289b7af9f699add6e410f2

jodata.site Open in urlscan Pro 2606:4700:3030::681f:53ed Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

4 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

6 kBTransfer

14 kBSize

1 Cookies

1 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

1 Cookies

Indicators

jodata.site Open in urlscan Pro
2606:4700:3030::681f:53ed Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

6 kB
Transfer

14 kB
Size

1
Cookies

4 HTTP transactions
0 data transactions