urlscan.io logo urlscan.io
SecurityTrails logo

one-cip.atypon.com Open in urlscan Pro
104.18.38.16  Public Scan

Go To Rescan Add Verdict Report
URL: http://one-cip.atypon.com/
Submission Tags: @phish_report
Submission: On February 12 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 104.18.38.16, located in and belongs to CLOUDFLARENET, US. The main domain is one-cip.atypon.com.
This is the only time one-cip.atypon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 104.18.38.16 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
9 4
Apex Domain
Subdomains		 Transfer
6 atypon.com
one-cip.atypon.com
12 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 3721
28 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 782
7 KB
9 3
Domain Requested by
6 one-cip.atypon.com 1 redirects one-cip.atypon.com
static.cloudflareinsights.com
3 static.addtoany.com one-cip.atypon.com
static.addtoany.com
1 static.cloudflareinsights.com one-cip.atypon.com
9 3

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
static.addtoany.com
E1		 2023-12-27 -
2024-03-26		 3 months crt.sh

This page contains 3 frames:

Primary Page: http://one-cip.atypon.com/
Frame ID: 32D923EFDE95BB75C0B76E3211B58E84
Requests: 7 HTTP requests in this frame

Frame: http://one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: 0921E1FD9CF1BB11274F713CE7608A6D
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.25.html
Frame ID: EE1ED6ADAE46E30CF6276C2E1933723F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

9
Requests

44 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

47 kB
Transfer

116 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://one-cip.atypon.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • http://one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
one-cip.atypon.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://one-cip.atypon.com/
Protocol
HTTP/1.1
Server
104.18.38.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032e8f81a359814de422e00a39bf70a15f12c70403c356d7c60237e501e49d72
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
8546fbc5182050c8-AKL
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Mon, 12 Feb 2024 18:44:32 GMT
Server
cloudflare
Strict-Transport-Security
max-age=0; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding, User-Agent
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400
24U-yBwkLFPMmugX_7EnNdjlpvY.js
one-cip.atypon.com/cdn-cgi/apps/head/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://one-cip.atypon.com/cdn-cgi/apps/head/24U-yBwkLFPMmugX_7EnNdjlpvY.js
Requested by
Host: one-cip.atypon.com
URL: http://one-cip.atypon.com/
Protocol
HTTP/1.1
Server
104.18.38.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ef9c65fa9d5a0b18e4a363af64d7cdd13abe1751c0ac3e4508d2f8fa0ed409

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one-cip.atypon.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 12 Feb 2024 18:44:32 GMT
Content-Encoding
gzip
x-amz-version-id
bClLktSwrf6DwOC0_e7Uop54Vjjnp3ba
CF-Cache-Status
MISS
x-amz-request-id
B7T2RN1RNS6010B8
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
4397
x-amz-id-2
ncQlpcE/pLtjWIQsROgtIf7A40ie6NxaUh6iUUcbXZYTdmsOlx27xzrxEmmwwRCh3PWMiN/EXUk=
Last-Modified
Tue, 20 Dec 2022 20:58:44 GMT
Server
cloudflare
ETag
"5a625d1b9fcd0645a338f12cf6457480"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
CF-RAY
8546fbc6aa1b50c8-AKL
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: one-cip.atypon.com
URL: http://one-cip.atypon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
http://one-cip.atypon.com/
Origin
http://one-cip.atypon.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 12 Feb 2024 18:44:32 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8546fbc72c49725f-AKL
page.js
static.addtoany.com/menu/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: one-cip.atypon.com
URL: http://one-cip.atypon.com/cdn-cgi/apps/head/24U-yBwkLFPMmugX_7EnNdjlpvY.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3d8c061a2a585985a71d5b1a45c424c5bc79b310c86b4731b5bececf5ea5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one-cip.atypon.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 12 Feb 2024 18:44:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
20375
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"257f9651f9cfd949f6dde30f51352116"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iscq37PT5XUUGECEa524s1Agv9PwJYrVle2fv6VjO9zQIkX0a4LFgdBEogRTF1i0f7WFdpec4tMre6MQg%2F5gFymm%2FP%2FfoHchvXp8UlYwE80ZslS8YNdFauuQrJsfQBM0ywK2Z%2BXAgl0%2FhVGPEdV%2BGbUQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, stale-while-revalidate=30, public
cf-ray
8546fbc9bd9850ad-AKL
truncated
/ 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a2f1be5d4188bbfa7b9659ac3768e73cdd0a3a00c546f924e4c9c930050c6ec

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one-cip.atypon.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Content-Type
text/css;charset=utf-8
main.js
one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame 0921
Redirect Chain
  • http://one-cip.atypon.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • http://one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Requested by
Host: one-cip.atypon.com
URL: http://one-cip.atypon.com/
Protocol
HTTP/1.1
Server
104.18.38.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6821398ddb0985e0027d11e051d9629805cac06e7bc7d7f6bc04ce09d56678
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

Date
Mon, 12 Feb 2024 18:44:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
Content-Type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
Connection
keep-alive
CF-RAY
8546fbc99d9650c8-AKL
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Mon, 12 Feb 2024 18:44:32 GMT
content-encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
cache-control
max-age=300, public
Connection
keep-alive
CF-RAY
8546fbc95d2750c8-AKL
alt-svc
h3=":443"; ma=86400
8546fbc5182050c8
one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0921 		0
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://one-cip.atypon.com/cdn-cgi/challenge-platform/h/b/jsd/r/8546fbc5182050c8
Requested by
Host: one-cip.atypon.com
URL: http://one-cip.atypon.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
HTTP/1.1
Server
104.18.38.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

Date
Mon, 12 Feb 2024 18:44:33 GMT
Content-Encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Connection
keep-alive
CF-RAY
8546fbca6e5c50c8-AKL
alt-svc
h3=":443"; ma=86400
sm.25.html
static.addtoany.com/menu/ Frame EE1E 		716 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.25.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274d4116239b63097bb7c16e56e27cbb5a77be20392fb8e2317c0a0235185cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://one-cip.atypon.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-origin
*
age
10111
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
8546fbca6e7850ad-AKL
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 18:44:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Sl8kc9fKPozGu3S0Fc%2BoUbzT%2BaaagHbtE5nbe4SdTZfF0nhY1FEfmbBRkmHkRvVpg%2FZvxThtmFVXLmRAQ0CMMVwt7ZAWJVDbtrO9OkdiPkcdJNn704qgdvyOOGr2PdALZa9pPwx"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
core.Ep5bSEmr.js
static.addtoany.com/menu/modules/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/modules/core.Ep5bSEmr.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
219b652de3176257072749c876811cc963494f5fbdee3f92eb38e7392f724ce0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://one-cip.atypon.com/
Origin
http://one-cip.atypon.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 12 Feb 2024 18:44:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a995aaed2cd978eb5749462d1dc3635e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2wD%2FRuDF0ttiZ4ocMOQInwB%2FJ4EaS7BVgB1BAddc1K68HiHMox%2BWHTCqUK8aEi4pJc2YpaQJg0c0%2FdeOoFI6G8f6Y9jmIpfAPW7bi%2BHqdRykiPMXk%2FN%2FbfQHkKa98xcDWVQq5cH9ax%2BXegYvHK%2BUhtX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
cf-ray
8546fbcade391c4c-AKL
rum
one-cip.atypon.com/cdn-cgi/ 		0
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://one-cip.atypon.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
HTTP/1.1
Server
104.18.38.16 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://one-cip.atypon.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1
content-type
application/json

Response headers

Date
Mon, 12 Feb 2024 18:44:33 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://one-cip.atypon.com
X-Frame-Options
DENY
access-control-allow-credentials
true
Connection
keep-alive
CF-RAY
8546fbcbc83450c8-AKL

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| CloudflareApps object| a2a_config object| __cfBeacon object| a2a function| a2a_init

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: http://one-cip.atypon.com/
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block