balaoanlaunion.gov.ph Open in urlscan Pro
77.104.170.201 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://balaoanlaunion.gov.ph/lulzday.htm
Submission: On October 25 via manual (October 25th 2019, 2:18:30 am UTC) from PH

Summary HTTP 7 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 5 domains to perform 7 HTTP transactions. The main IP is 77.104.170.201, located in Bulgaria and belongs to SOFTLAYER - SoftLayer Technologies Inc., US. The main domain is balaoanlaunion.gov.ph.

This is the only time balaoanlaunion.gov.ph was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	77.104.170.201 77.104.170.201	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.77.68.183 52.77.68.183	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	6

3 77.104.170.201 (Bulgaria) 1 redirects

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: c38300.sgvps.net

balaoanlaunion.gov.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.balaoanlaunion.gov.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

media.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.68.183 (Singapore, Singapore)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-77-68-183.ap-southeast-1.compute.amazonaws.com

globe.moreforme.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	balaoanlaunion.gov.ph 1 redirects balaoanlaunion.gov.ph www.balaoanlaunion.gov.ph	9 KB
2	fontawesome.com use.fontawesome.com	84 KB
1	moreforme.net globe.moreforme.net
1	youtube.com www.youtube.com
1	giphy.com media.giphy.com	390 KB
7	5

	Domain	Requested by
2	use.fontawesome.com	balaoanlaunion.gov.ph
2	balaoanlaunion.gov.ph	1 redirects
1	globe.moreforme.net	balaoanlaunion.gov.ph
1	www.youtube.com	balaoanlaunion.gov.ph
1	media.giphy.com	balaoanlaunion.gov.ph
1	www.balaoanlaunion.gov.ph	balaoanlaunion.gov.ph
7	6

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-07-30` - `2020-07-25`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-10` - `2020-01-02`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://balaoanlaunion.gov.ph/lulzday.htm
Frame ID: 13AFDCAFAB5B139643A5B5D0B1A38A26
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EeazIuAuP0o?rel=0&autoplay=1&loop=1
Frame ID: E59B94FB9AB956562F4676E67179AA58
Requests: 1 HTTP requests in this frame

Frame: http://globe.moreforme.net/l8/EngageService?v=1
Frame ID: 9D4BB0CDC958C653D267720BBCC04FF7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Page Statistics

7
Requests

57 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

484 kB
Transfer

527 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://twitter.com/PinoyLulzsec__
Title: @PinoyLulzsec__

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://balaoanlaunion.gov.ph/google_analytics_auto.js HTTP 301
http://www.balaoanlaunion.gov.ph/google_analytics_auto.js

7 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request lulzday.htm Show response
balaoanlaunion.gov.ph/ 12 KB
8 KB 508ms
173ms Document
text/html 77.104.170.201
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://balaoanlaunion.gov.ph/lulzday.htm
Protocol: HTTP/1.1
Server: 77.104.170.201 , Bulgaria, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: c38300.sgvps.net
Software: nginx /
Resource Hash: b6985879fa1452b16d8e8098cbf888dff3d207cb63ced58218406ab6929d23ed

Request headers

Host: balaoanlaunion.gov.ph
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server: nginx
Date: Fri, 25 Oct 2019 02:18:12 GMT
Content-Type: text/html
Content-Length: 8211
Connection: keep-alive
Last-Modified: Mon, 01 Apr 2019 03:10:20 GMT
ETag: "3095-5856f5c5a1dc9-gzip"
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Proxy-Cache: MISS
alt-svc: quic=":443"; ma=86400; v="43,39"
Accept-Ranges: bytes

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
13 KB 20ms
6ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: balaoanlaunion.gov.ph
URL: http://balaoanlaunion.gov.ph/lulzday.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Sec-Fetch-Mode: cors
Referer: http://balaoanlaunion.gov.ph/lulzday.htm
Origin: http://balaoanlaunion.gov.ph
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 25 Oct 2019 02:18:12 GMT
content-encoding: gzip
last-modified: Tue, 12 Feb 2019 16:48:32 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1

404
Not Found

google_analytics_auto.js
www.balaoanlaunion.gov.ph/
Redirect Chain

http://balaoanlaunion.gov.ph/google_analytics_auto.js
http://www.balaoanlaunion.gov.ph/google_analytics_auto.js

0
0

1231ms
494ms

Script
text/html

77.104.170.201
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.balaoanlaunion.gov.ph/google_analytics_auto.js
Requested by: Host: balaoanlaunion.gov.ph
URL: http://balaoanlaunion.gov.ph/lulzday.htm
Protocol: HTTP/1.1
Server: 77.104.170.201 , Bulgaria, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: c38300.sgvps.net
Software: nginx /
Resource Hash

Request headers

Referer: http://balaoanlaunion.gov.ph/lulzday.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Oct 2019 02:18:14 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Link: <http://www.balaoanlaunion.gov.ph/wp-json/>; rel="https://api.w.org/"
Content-Length: 5079
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Oct 2019 02:18:12 GMT
Server: nginx
X-Redirect-By: WordPress
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Location: http://www.balaoanlaunion.gov.ph/google_analytics_auto.js
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
alt-svc: quic=":443"; ma=86400; v="43,39"
Content-Length: 0
X-Proxy-Cache: MISS

GET
H2 200 giphy.gif
media.giphy.com/media/RejOCrFivvl3K69pfs/ 389 KB
390 KB 275ms
260ms Image
image/gif 151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.giphy.com/media/RejOCrFivvl3K69pfs/giphy.gif
Requested by: Host: balaoanlaunion.gov.ph
URL: http://balaoanlaunion.gov.ph/lulzday.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: f9ede8185564cc2ed37f3eeb0b03fe70eb64e7cf4d7ec03d0b798c0cc3829b57

Request headers

Sec-Fetch-Mode: no-cors
Referer: http://balaoanlaunion.gov.ph/lulzday.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 25 Oct 2019 02:18:12 GMT
via: 1.1 varnish, 1.1 varnish
last-modified: Sun, 31 Mar 2019 12:01:59 GMT
age: 0
etag: "241f53a3bdcd5d6f0e850e82bbb56dd0"
x-served-by: cache-bwi5142-BWI, cache-hhn4063-HHN
status: 200
x-cache: MISS, MISS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-timer: S1571969892.470011,VS0,VE253
content-length: 398547
x-cache-hits: 0, 0

GET
H2 200 EeazIuAuP0o
www.youtube.com/embed/ Frame E59B 0
0 158ms
130ms Document
text/html 2a00:1450:4001:81c::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EeazIuAuP0o?rel=0&autoplay=1&loop=1

Requested by

Host: balaoanlaunion.gov.ph
URL: http://balaoanlaunion.gov.ph/lulzday.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/EeazIuAuP0o?rel=0&autoplay=1&loop=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: http://balaoanlaunion.gov.ph/lulzday.htm
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: http://balaoanlaunion.gov.ph/lulzday.htm

Response headers

status: 200
x-content-type-options: nosniff
cache-control: no-cache
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
expires: Tue, 27 Apr 1971 19:44:06 GMT
content-encoding: br
date: Fri, 25 Oct 2019 02:18:14 GMT
server: YouTube Frontend Proxy
x-xss-protection: 0
set-cookie: VISITOR_INFO1_LIVE=51coN7UorCY; path=/; domain=.youtube.com; expires=Wed, 22-Apr-2020 02:18:14 GMT; httponly YSC=ZHx5VDJXSjE; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 24-Jun-2020 14:11:14 GMT VISITOR_INFO1_LIVE=51coN7UorCY; path=/; domain=.youtube.com; expires=Wed, 22-Apr-2020 02:18:14 GMT; httponly GPS=1; path=/; domain=.youtube.com; expires=Fri, 25-Oct-2019 02:48:14 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f70be2216e56cdaf9f0434db61484f918ea32f7c052ed500ddb64c29b813b0b5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://balaoanlaunion.gov.ph/lulzday.htm
Origin: http://balaoanlaunion.gov.ph

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 70 KB
71 KB 9ms
6ms Font
font/woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
Requested by: Host: balaoanlaunion.gov.ph
URL: http://balaoanlaunion.gov.ph/lulzday.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Sec-Fetch-Mode: cors
Referer: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin: http://balaoanlaunion.gov.ph
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 25 Oct 2019 02:18:14 GMT
last-modified: Tue, 12 Feb 2019 16:49:13 GMT
server: NetDNA-cache/2.2
status: 200
etag: "4b115e1153a9ea339d6a0bb284cc8ed3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 72112

GET
H/1.1 200
OK EngageService
globe.moreforme.net/l8/ Frame 9D4B 0
0 429ms
190ms Document
text/plain 52.77.68.183
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://globe.moreforme.net/l8/EngageService?v=1
Requested by: Host: balaoanlaunion.gov.ph
URL: http://balaoanlaunion.gov.ph/lulzday.htm
Protocol: HTTP/1.1
Server: 52.77.68.183 Singapore, Singapore, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-77-68-183.ap-southeast-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: globe.moreforme.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://balaoanlaunion.gov.ph/lulzday.htm
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://balaoanlaunion.gov.ph/lulzday.htm

Response headers

Date: Fri, 25 Oct 2019 02:18:15 GMT
Content-Length: 0
Connection: keep-alive
Server: Apache-Coyote/1.1

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-19 10:30:07	Name: PREF Value: f1=50000000
.youtube.com/	1970-01-19 08:58:41	Name: VISITOR_INFO1_LIVE Value: 51coN7UorCY
.youtube.com/	1970-01-19 04:39:31	Name: GPS Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ZHx5VDJXSjE
balaoanlaunion.gov.ph/	1969-12-31 23:59:59	Name: PHPSESSID Value: afaf7d270abe446a6df735e7a3f3a628

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

balaoanlaunion.gov.ph
globe.moreforme.net
media.giphy.com
use.fontawesome.com
www.balaoanlaunion.gov.ph
www.youtube.com
151.101.114.2
23.111.9.35
2a00:1450:4001:81c::200e
52.77.68.183
77.104.170.201
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
b6985879fa1452b16d8e8098cbf888dff3d207cb63ced58218406ab6929d23ed
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
f70be2216e56cdaf9f0434db61484f918ea32f7c052ed500ddb64c29b813b0b5
f9ede8185564cc2ed37f3eeb0b03fe70eb64e7cf4d7ec03d0b798c0cc3829b57

balaoanlaunion.gov.ph Open in urlscan Pro 77.104.170.201 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

7 Requests

57 %HTTPS

20 %IPv6

5 Domains

6 Subdomains

6 IPs

4 Countries

484 kBTransfer

527 kBSize

5 Cookies

1 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

5 Cookies

Indicators

balaoanlaunion.gov.ph Open in urlscan Pro
77.104.170.201 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

57 %
HTTPS

20 %
IPv6

5
Domains

6
Subdomains

6
IPs

4
Countries

484 kB
Transfer

527 kB
Size

5
Cookies

7 HTTP transactions
1 data transactions