urlscan.io logo urlscan.io
SecurityTrails logo

37fd75879.36hours.fun Open in urlscan Pro
2a06:98c1:3120::9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://d-shortlink.com/nzbvn
Effective URL: https://37fd75879.36hours.fun/fd75879f06a
Submission: On February 04 via manual from TH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 3 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is 37fd75879.36hours.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 2nd 2023. Valid for: a year.
This is the only time 37fd75879.36hours.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.254.184.244 46606 (UNIFIEDLA...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2404:8000:81:... 17451 (BIZNET-AS...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 3
Apex Domain
Subdomains		 Transfer
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 673
24 KB
1 fbcdn.net
scontent.fcgk6-2.fna.fbcdn.net — Cisco Umbrella Rank: 116250
100 KB
1 36hours.fun
37fd75879.36hours.fun
1 KB
1 d-shortlink.com
d-shortlink.com
499 B
3 4
Domain Requested by
1 code.jquery.com 37fd75879.36hours.fun
1 scontent.fcgk6-2.fna.fbcdn.net 37fd75879.36hours.fun
1 37fd75879.36hours.fun
1 d-shortlink.com 1 redirects
3 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-02 -
2024-02-01		 a year crt.sh
*.fcgk6-2.fna.fbcdn.net
DigiCert SHA2 High Assurance Server CA		 2022-12-25 -
2023-03-25		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh

This page contains 1 frames:

Primary Page: https://37fd75879.36hours.fun/fd75879f06a
Frame ID: B461862BF1CC040BAC77B3199885CE67
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

𝐊𝐡𝐚𝐨𝐬𝐨𝐝 -ข่าวสด • "ว่าอิไม่จอดซื้อแล้ว อดไม่ได้!

Page URL History Show full URLs

  1. http://d-shortlink.com/nzbvn HTTP 301
    https://37fd75879.36hours.fun/fd75879f06a Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

3
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

125 kB
Transfer

172 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://d-shortlink.com/nzbvn HTTP 301
    https://37fd75879.36hours.fun/fd75879f06a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fd75879f06a
37fd75879.36hours.fun/
Redirect Chain
  • http://d-shortlink.com/nzbvn
  • https://37fd75879.36hours.fun/fd75879f06a
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://37fd75879.36hours.fun/fd75879f06a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86067db020dbc2fe734bf932bf1c01eb18273a2322e4bb36108b31f6eba0bdd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79415b855931928d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 04 Feb 2023 06:30:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zKcdtNBgHRJRcZL7bSeAV7GVRjBSHge4FcH76%2FF75M1bv4HYkbnIKq8OKYq8nfU3xLIWpOWuBgQM%2BeDhMxdfl6iImmDVQGKlWskP9eL5JJ6hlpXdJ0p06a%2B7wh7o7g4E1oFGMXB49ODdnlhKf1GHXAeYS4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Feb 2023 06:30:19 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.21.6
X-Server-Cache
false
location
https://37fd75879.36hours.fun/fd75879f06a
327435042_5927998770619082_6086258109996836298_n.jpg
scontent.fcgk6-2.fna.fbcdn.net/v/t39.30808-6/ 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.fcgk6-2.fna.fbcdn.net/v/t39.30808-6/327435042_5927998770619082_6086258109996836298_n.jpg?stp=dst-jpg_p526x296&_nc_cat=1&ccb=1-7&_nc_sid=8bfeb9&_nc_ohc=mfrdrII15-YAX8ph5bl&_nc_ht=scontent.fcgk6-2.fna&oh=00_AfCW0oFDc7mSFRRHqcV9quS9ExS8UbMK5R3SNTozJqYeFA&oe=63E21A96
Requested by
Host: 37fd75879.36hours.fun
URL: https://37fd75879.36hours.fun/fd75879f06a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:8000:81:d:face:b00c:0:a7 , Indonesia, ASN17451 (BIZNET-AS-AP BIZNET NETWORKS, ID),
Reverse DNS
Software
/
Resource Hash
b20a456ce964ccd6f8dfd9157b4c92425ab789bd36fa7bc88b2ad5efa6d637d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://37fd75879.36hours.fun/
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

x-haystack-needlechecksum
1227743481
date
Sat, 04 Feb 2023 06:30:25 GMT
x-storage-error-category
dfs:none;hs_p:200:HS_ESUCCESS
last-modified
Wed, 01 Feb 2023 14:26:55 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=616941959
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2262063997
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
priority
u=3,i
content-length
101553
jquery-3.4.1.slim.min.js
code.jquery.com/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.slim.min.js
Requested by
Host: 37fd75879.36hours.fun
URL: https://37fd75879.36hours.fun/fd75879f06a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
a5ab2a00a0439854f8787a0dda775dea5377ef4905886505c938941d6854ee4f

Request headers

Referer
https://37fd75879.36hours.fun/
Origin
https://37fd75879.36hours.fun
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date
Sat, 04 Feb 2023 06:30:25 GMT
content-encoding
gzip
x-sp-metadata
HS256.CJGT+J4GEp8BCiQwZjM5NWFmMi1hYTQ3LTQ1MzQtYmI5MS1mNDkwZGU5NTc1ZjAQ+OiCoKvU+wIaBgiB9/eeBiIkMjAwMTphYzg6MjA6M2EwMDoxMDExOjkzMTY6YTkxMzo4YWEyKOiUAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOGM0ZjFlZjUtNDkzMS00MWRkLWExNDctZGI1NTQ5MTNjMDViGIi+ASIYCAISFGNkczMyNi5mcjguaHdjZG4ubmV0.kVng7d+JO36LYAuywGaIal1YkLfFUUPmfN10oFnPKZM=
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-1157d"
vary
Accept-Encoding
x-hw
1675492225.dop158.fr8.t,1675492225.cds237.fr8.hn,1675492225.cds326.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
24328

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery

2 Cookies

Domain/Path Name / Value
d-shortlink.com/ Name: PHPSESSID
Value: 46cb9c7a639468962c27a2458aab2d97
d-shortlink.com/ Name: short_10116
Value: 1