Submitted URL: https://leancoding.co/showthread.php?id=3A9DQN.link
Effective URL: https://grabify.link/showthread.php?id=3A9DQN.link
Submission: On June 08 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 7 HTTP transactions. The main IP is 104.27.41.48, located in the United States and belonging to CLOUDFLARENET, US. The main domain is grabify.link.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 30th 2020. Valid for: 6 months.
This is the only time grabify.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses

Requests  IP Address      AS (Autonomous System)
1         52.173.151.229  8075 (MICROSOFT...)    (1 redirect)
5         104.27.41.48    13335 (CLOUDFLAR...)
1         108.161.189.78  33438 (HIGHWINDS2)
1         68.183.42.23    14061 (DIGITALOC...)
Total: 7 requests, 3 IPs

Domains

Requests  Domain                     Requested by
5         grabify.link               grabify.link
1         srv.buysellads.com         m.servedby-buysellads.com
1         m.servedby-buysellads.com  grabify.link
1         leancoding.co              1 redirect
Total: 7 requests, 4 domains

This site contains no links.

Subject                    Issuer                                          Validity                 Valid for
sni.cloudflaressl.com      CloudFlare Inc ECC CA-2                         2020-03-30 - 2020-10-09  6 months (crt.sh)
*.servedby-buysellads.com  Sectigo RSA Domain Validation Secure Server CA  2019-01-18 - 2021-01-17  2 years (crt.sh)
*.buysellads.com           COMODO RSA Domain Validation Secure Server CA   2017-04-20 - 2020-06-12  3 years (crt.sh)

This page contains 1 frame:

Primary Page: https://grabify.link/showthread.php?id=3A9DQN.link
Frame ID: 2E7E9851B4E24D01CB932D68E1A288BE
Requests: 7 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/polyfill\.min\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 41 kB
Size: 162 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://leancoding.co/showthread.php?id=3A9DQN.link HTTP 302
    https://grabify.link/showthread.php?id=3A9DQN.link Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Each transaction below lists: Resource, Path, Size, x-fer (bytes transferred), Type, MIME-Type.
Primary Request: showthread.php
Path: grabify.link/
Redirect Chain:
  • https://leancoding.co/showthread.php?id=3A9DQN.link
  • https://grabify.link/showthread.php?id=3A9DQN.link
Size: 5 KB   x-fer: 3 KB   Type: Document

General
Full URL: https://grabify.link/showthread.php?id=3A9DQN.link
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.27.41.48, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: aa8d5003daf91a8aa7c22dd79c4444e18aca431a8e8c7a69a995beb8a2edcfc5

Request headers

:method: GET
:authority: grabify.link
:scheme: https
:path: /showthread.php?id=3A9DQN.link
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 08 Jun 2020 17:36:42 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d8898fdfb839ac634637b92de3617d96e1591637800; expires=Wed, 08-Jul-20 17:36:40 GMT; path=/; domain=.grabify.link; HttpOnly; SameSite=Lax
set-cookie: XSRF-TOKEN=eyJpdiI6InRSbkc2SHdNZWVic2tUQUhhXC9jK1h3PT0iLCJ2YWx1ZSI6InBCRVV3N1c2UGthY1wvWTJmTjZRZENEa2dxOUdPMFFxbThxKytNdTFMYXhaZHQ2dmFFcE10THk0TmR3UzhuUng0IiwibWFjIjoiYzAxMzZhMDhjODEzYTA3NWRiNmNhMDVlM2ZlODBlODVkMTNmZTdkNmNlYTg4MGE0MTI5ODkzMmE1MjJmMGUxZiJ9; expires=Mon, 08-Jun-2020 19:36:42 GMT; Max-Age=7200; path=/; secure; samesite=none
set-cookie: g_session=eyJpdiI6ImxVZGd4NlBWVmZiZXpGZDY5cVhrd2c9PSIsInZhbHVlIjoiRkRGa0QrT2lcL21WRXBleE45eUdxbUh0T0oxQkpTNlM2MjIxYU1nWElMWEJmcm9LenFwMThVZFZXa1lsNjJBaDAiLCJtYWMiOiIwYmM5YzIzMjE3MmE3NzNiYWIwZTg1ODY0NWZkYTI5MDUwOWE5YWM0ZjZhNDdkZDJjNDMxZjU0MzIzY2NjZjAzIn0%3D; expires=Mon, 08-Jun-2020 19:36:42 GMT; Max-Age=7200; path=/; secure; httponly; samesite=none
cache-control: no-cache, private
x-ratelimit-limit: 10
x-ratelimit-remaining: 6
cf-cache-status: DYNAMIC
cf-request-id: 03369a8f0000000b8818a8a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5a04605e6ac10b88-AMS
content-encoding: br

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://grabify.link/showthread.php?id=3A9DQN.link
Server: Apache
X-Powered-By: PHP/7.3.15
Status: 301 Moved Permanently
Date: Mon, 08 Jun 2020 17:36:40 GMT
Content-Length: 0
monetization.js
Path: m.servedby-buysellads.com/
Size: 56 KB   x-fer: 15 KB   Type: Script

General
Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by:
  Host: grabify.link
  URL: https://grabify.link/showthread.php?id=3A9DQN.link
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.189.78, United States, ASN33438 (HIGHWINDS2, US)
Reverse DNS:
Software: NetDNA-cache/2.2
Resource Hash: cc5fcb3434730060de1d637636edba6aa9212771a3800df65bcbd42a4f2edc08

Request headers

Referer:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 08 Jun 2020 17:36:42 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Apr 2020 18:43:22 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 697E520341FE3444
ETag: W/"2810cf92cd9eee12826688f59e132e86"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: WYKObw8fi2wnJqkDk8zcbmmAXMoXyVg1V4dNgZ2Em3E3XaFcml9s7zitkmFtXBNFJqLpxrYK2Rw=
Expires: Tue, 09 Jun 2020 17:36:42 GMT
ads.js
Path: grabify.link/js/
Size: 19 B   x-fer: 218 B   Type: Script

General
Full URL: https://grabify.link/js/ads.js
Requested by:
  Host: grabify.link
  URL: https://grabify.link/showthread.php?id=3A9DQN.link
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.27.41.48, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 6a0f6cf6b4648c192d81b5fc7b70cb2f6819ef4a799e421e8626cae9697aa85a

Request headers

Referer:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 17:36:42 GMT
cf-cache-status: HIT
age: 6439
cf-polished: origSize=21
status: 200
content-length: 19
cf-request-id: 03369a96eb00000b8818afb200000001
last-modified: Tue, 09 Oct 2018 21:19:34 GMT
server: cloudflare
etag: "59fbdec61560d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
cf-ray: 5a04606b1cc60b88-AMS
cf-bgj: minify
jquery-2.5.1.min.js
Path: grabify.link/js/
Size: 95 KB   x-fer: 19 KB   Type: Script

General
Full URL: https://grabify.link/js/jquery-2.5.1.min.js
Requested by:
  Host: grabify.link
  URL: https://grabify.link/showthread.php?id=3A9DQN.link
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.27.41.48, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 350c06bff6bc5c2f39a87797385118f5a495d9c7f9de783430d36c8b6a435428

Request headers

Referer:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 17:36:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 02 Jun 2020 02:57:16 GMT
server: cloudflare
etag: W/"08ec5858938d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5a04606b1cc80b88-AMS
cf-request-id: 03369a96eb00000b8818afc200000001
CK7D5K7J.json
Path: srv.buysellads.com/ads/
Size: 590 B   x-fer: 676 B   Type: XHR

General
Full URL: https://srv.buysellads.com/ads/CK7D5K7J.json?segment=placement:grabifylink
Requested by:
  Host: m.servedby-buysellads.com
  URL: https://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Security: TLS 1.3, AES_128_GCM
Server: 68.183.42.23, London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US)
Reverse DNS: srv-eu-ldn-8.buysellads.com
Software: //srv.buysellads.com
Resource Hash: b809b48e552df44e145f3141f90c47b0bc9f83ec554e8adeb69de19255933010

Request headers

Referer:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 08 Jun 2020 17:36:42 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 443
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
jquery-2.5.2.min.js
Path: grabify.link/js/
Size: 6 KB   x-fer: 2 KB   Type: Script

General
Full URL: https://grabify.link/js/jquery-2.5.2.min.js
Requested by:
  Host: grabify.link
  URL: https://grabify.link/js/jquery-2.5.1.min.js
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.27.41.48, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 53f36e11572a9f020f9bbf03f395b66459a072fe305189688f4de5f52045b70d

Request headers

Referer:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Jun 2020 17:36:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Jun 2020 02:57:17 GMT
server: cloudflare
age: 6644
etag: W/"833863868938d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5a04607539720b88-AMS
cf-request-id: 03369a9d3f00000b8818b58200000001
js
Path: grabify.link/api/
Size: 16 B   x-fer: 694 B   Type: XHR

General
Full URL: https://grabify.link/api/js
Requested by:
  Host: grabify.link
  URL: https://grabify.link/js/jquery-2.5.1.min.js
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 104.27.41.48, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS:
Software: cloudflare
Resource Hash: 25b030b2192bba7f61f1707c44f5cb875a6cd5bfb4867e548757392c30d693b3

Request headers

Referer:
X-CSRF-TOKEN: 90G2NyQSkWuGL3xqZ6HP7wunE3pxJMIHD7HHE44v
User-Agents: OTBHMk55UVNrV3VHTDN4cVo2SFA3d3VuRTNweEpNSUhEN0hIRTQ0dg==
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 08 Jun 2020 17:36:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 5
content-type: application/json
status: 200
cache-control: no-cache, private
x-ratelimit-limit: 10
cf-ray: 5a0460759a2a0b88-AMS
content-length: 16
cf-request-id: 03369a9d7a00000b8818b5d200000001

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onformdata
object    onpointerrawupdate
boolean   gs
object    _bsa
function  _bsa_go
function  _bsa_serving_callback
object    _bsa_queue
string    ignoretargeting
number    interval
function  checkFlex
function  getCookieValue
boolean   canRunAds
object    _0x17e9
function  _0x1e8a
object    _0x5b749c
object    _0x16073a
function  _0x5f1f20
function  _0x200a99
function  _0x1d1e90
function  _0x1d53d0
object    _0x23269b
function  _0x2d5c3b
function  _0x4cfcfd
object    _0x21ee
function  _0x1f77
function  _0x539ce4
function  _0x1afda7
function  chrome76Detection
function  isNewChrome
object    batteryExternal

3 Cookies

Domain/Path     Name        Value
grabify.link/   XSRF-TOKEN  eyJpdiI6InRSbkc2SHdNZWVic2tUQUhhXC9jK1h3PT0iLCJ2YWx1ZSI6InBCRVV3N1c2UGthY1wvWTJmTjZRZENEa2dxOUdPMFFxbThxKytNdTFMYXhaZHQ2dmFFcE10THk0TmR3UzhuUng0IiwibWFjIjoiYzAxMzZhMDhjODEzYTA3NWRiNmNhMDVlM2ZlODBlODVkMTNmZTdkNmNlYTg4MGE0MTI5ODkzMmE1MjJmMGUxZiJ9
grabify.link/   g_session   eyJpdiI6ImxVZGd4NlBWVmZiZXpGZDY5cVhrd2c9PSIsInZhbHVlIjoiRkRGa0QrT2lcL21WRXBleE45eUdxbUh0T0oxQkpTNlM2MjIxYU1nWElMWEJmcm9LenFwMThVZFZXa1lsNjJBaDAiLCJtYWMiOiIwYmM5YzIzMjE3MmE3NzNiYWIwZTg1ODY0NWZkYTI5MDUwOWE5YWM0ZjZhNDdkZDJjNDMxZjU0MzIzY2NjZjAzIn0%3D
.grabify.link/  __cfduid    d8898fdfb839ac634637b92de3617d96e1591637800