iwkafp.com
Open in
urlscan Pro
185.56.234.205
Public Scan
Effective URL: https://iwkafp.com/porno-land?h=waWQiOjEwODA0MDQsInNpZCI6MTEzMjg2NSwid2lkIjozNjUzMDksInNyYyI6Mn0=eyJ&si1=&si2=
Submission: On October 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on September 22nd 2022. Valid for: 3 months.
This is the only time iwkafp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 168.76.122.1 168.76.122.1 | 137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited) | |
4 | 62.122.171.6 62.122.171.6 | 50245 (SERVEREL-AS) (SERVEREL-AS) | |
1 1 | 193.108.117.25 193.108.117.25 | 61003 (GLOBALTEL...) (GLOBALTELEHOST) | |
6 | 149.7.16.231 149.7.16.231 | 63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST) | |
1 2 | 185.56.234.205 185.56.234.205 | 39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS) | |
11 | 4 |
ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)
academyoffinance.in | |
www.academyoffinance.in |
ASN50245 (SERVEREL-AS, NL)
PTR: 62.122.171.6.serverel.net
jaavnacsdw.com |
ASN61003 (GLOBALTELEHOST, DE)
PTR: 25-117-108-193.clients.gthost.com
news-pitere.com |
ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 231-16-7-149.clients.gthost.com
news-ligeno.cc |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
news-ligeno.cc
news-ligeno.cc |
184 KB |
4 |
jaavnacsdw.com
jaavnacsdw.com — Cisco Umbrella Rank: 60484 |
20 KB |
2 |
academyoffinance.in
2 redirects
academyoffinance.in www.academyoffinance.in |
399 B |
1 |
iwkafp.com
iwkafp.com |
224 KB |
1 |
qjbipy.com
1 redirects
qjbipy.com |
204 B |
1 |
news-pitere.com
1 redirects
news-pitere.com — Cisco Umbrella Rank: 760319 |
176 B |
11 | 6 |
Domain | Requested by | |
---|---|---|
6 | news-ligeno.cc |
jaavnacsdw.com
news-ligeno.cc |
4 | jaavnacsdw.com |
jaavnacsdw.com
|
1 | iwkafp.com |
news-ligeno.cc
|
1 | qjbipy.com | 1 redirects |
1 | news-pitere.com | 1 redirects |
1 | www.academyoffinance.in | 1 redirects |
1 | academyoffinance.in | 1 redirects |
11 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
jaavnacsdw.com ZeroSSL RSA Domain Secure Site CA |
2022-09-19 - 2022-12-18 |
3 months | crt.sh |
news-ligeno.cc ZeroSSL ECC Domain Secure Site CA |
2022-09-14 - 2022-12-13 |
3 months | crt.sh |
iwkafp.com R3 |
2022-09-22 - 2022-12-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://iwkafp.com/porno-land?h=waWQiOjEwODA0MDQsInNpZCI6MTEzMjg2NSwid2lkIjozNjUzMDksInNyYyI6Mn0=eyJ&si1=&si2=
Frame ID: 0DF15225F1EA8AB56F430980EAE2B05D
Requests: 26 HTTP requests in this frame
Screenshot
Page Title
FUCKING HOTPage URL History Show full URLs
-
http://academyoffinance.in/
HTTP 301
https://www.academyoffinance.in/ HTTP 302
https://jaavnacsdw.com/1928708/ Page URL
- https://jaavnacsdw.com/?r=dir&zoneid=1928708&pb=541c8c34cc4e4be4c93732939e60e55a1666251025&psp=o-Ri... Page URL
-
https://news-pitere.com/tds.php?sid=8053685&p1=1928708&p2=win10&p3=de&p4=chrome
HTTP 302
https://news-ligeno.cc/lands/63/?site=8053685&sub1=1928708&sub2=win10&sub3=de&sub4=chrome Page URL
-
https://qjbipy.com/gosl/InNpZCI6MTEzMjg2NSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwODA0MDQs?si1=&si2=
HTTP 302
https://iwkafp.com/porno-land?h=waWQiOjEwODA0MDQsInNpZCI6MTEzMjg2NSwid2lkIjozNjUzMDksInNyYyI6Mn... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://academyoffinance.in/
HTTP 301
https://www.academyoffinance.in/ HTTP 302
https://jaavnacsdw.com/1928708/ Page URL
- https://jaavnacsdw.com/?r=dir&zoneid=1928708&pb=541c8c34cc4e4be4c93732939e60e55a1666251025&psp=o-Ri1LnvMT9VLiilWBsvvzRc5AnFzuwAbohlejwTQo8agZlCnTuA3KJVYUjpaC8QSpbxu-RYB2FdbOC7lQbuaY9epYXw8D39gBDB24bB9nziQe4eEHlO4vRlCkjDV03vHKa3Z6FPUk9RorBSIDj2HSOPXIg_9GkTgH4Gu51FJdcxYQGtGtlCAiGeZzcaidRIFfOWOGOI9vaR1pOtH3KiyGv2s0-x5RtDhtVr3uampXpCRntelIjKUN9N7wf0KI-1YUq6ZL-JEf3-h6NrWtDralU-KTlH2pFfYo41TRrqebMgPCQrLvE4pru8UjoQh-_UyWC5b1hKtCxjYY-w3HlUErdITOzBRqQss4XR13c4o2y5ca2f2i7v7gF0dgoHMk2bTbIiqrAEjY09bNsHbNTE7uovusa8CauWjvvHgCzrsQylJykcKYvZdOVrCsVi1oe1JQVB4UJVVyjVxQzVuX906ST_oDV3W7goM2LtdgALbI-v2OzSUpXPQA==&nojs=0&ix=0&abvar=0&t=0&x=1600&y=1200&wcks=1&wgl=1&cnvs=1&os=0&md=0&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&0&pload=1821&rlp=%5B0%2C19.699999809265137%2C55.09999990463257%2C29.199999809265137%2C1.5999999046325684%2C140.5%2C64.69999980926514%2C36.40000009536743%5D Page URL
-
https://news-pitere.com/tds.php?sid=8053685&p1=1928708&p2=win10&p3=de&p4=chrome
HTTP 302
https://news-ligeno.cc/lands/63/?site=8053685&sub1=1928708&sub2=win10&sub3=de&sub4=chrome Page URL
-
https://qjbipy.com/gosl/InNpZCI6MTEzMjg2NSwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwODA0MDQs?si1=&si2=
HTTP 302
https://iwkafp.com/porno-land?h=waWQiOjEwODA0MDQsInNpZCI6MTEzMjg2NSwid2lkIjozNjUzMDksInNyYyI6Mn0=eyJ&si1=&si2= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://academyoffinance.in/ HTTP 301
- https://www.academyoffinance.in/ HTTP 302
- https://jaavnacsdw.com/1928708/
- https://news-pitere.com/tds.php?sid=8053685&p1=1928708&p2=win10&p3=de&p4=chrome HTTP 302
- https://news-ligeno.cc/lands/63/?site=8053685&sub1=1928708&sub2=win10&sub3=de&sub4=chrome
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
jaavnacsdw.com/1928708/ Redirect Chain
|
1 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
submit.min.js
jaavnacsdw.com/ |
33 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
jaavnacsdw.com/ |
6 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
news-ligeno.cc/lands/63/ Redirect Chain
|
80 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dupa.gif
jaavnacsdw.com/ |
43 B 620 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
revopush.js
news-ligeno.cc/ |
9 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
thumb-big.jpg
news-ligeno.cc/lands/63/images/ |
81 KB 81 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
male.jpg
news-ligeno.cc/lands/63/images/ |
728 B 904 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
246 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
237 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
370 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
news-ligeno.cc/lands/63/ |
72 KB 72 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
241 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
608 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
traffback.php
news-ligeno.cc/ |
98 B 248 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
porno-land
iwkafp.com/ Redirect Chain
|
333 KB 224 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
44 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
63 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
7 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
26 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
10 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
10 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| edPushSDK8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
jaavnacsdw.com/ | Name: UID Value: 22102000302e7b650bcf75453084b867b92c |
|
jaavnacsdw.com/ | Name: OACCAP Value: ACJysgAAAAAAAAAB |
|
jaavnacsdw.com/ | Name: OACBLOCK Value: ACJysgAAAABjT4RQ |
|
jaavnacsdw.com/ | Name: OXCCLK Value: ACJysgAAAAAAAAAB |
|
jaavnacsdw.com/ | Name: OXPCLK Value: AAISpAAAAAAAAAAB |
|
jaavnacsdw.com/ | Name: ppucnt Value: 1 |
|
news-ligeno.cc/ | Name: clickdata Value: ODA1MzY4NXw6fDYzfDp8MTkyODcwOHw6fHdpbjEwfDp8ZGV8OnxjaHJvbWU%3D |
|
.iwkafp.com/ | Name: truniq Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
academyoffinance.in
iwkafp.com
jaavnacsdw.com
news-ligeno.cc
news-pitere.com
qjbipy.com
www.academyoffinance.in
149.7.16.231
168.76.122.1
185.56.234.205
193.108.117.25
62.122.171.6
0d8b987e185901675c0dd5309bdd293f45896fb80b350127f83c194b19678190
22b07cc1e1fb18f16aed5c6d2e56c9afd35d2354eb67d9538eab58c456bb8138
32da65acc9ea9ff95f364751b4855731358710ebeb6b25d863a1c5d02dc73bd1
350f1f402cbef880c0609948ef9c67d90bf7ec4a9ad1e48cbbd81b43becdfafd
41baac47f79617e3d37f8e179234831d1e1839880ebf32d0269ed97c51ea43c6
435401792be1075de31b72ddad5b22c224028ce5b21228a8d7f680c90c918102
49ed9b1e7e3fe88fb51a8a4c1adc5d3c24cb11f7363bd02e294fb732758edb21
4df39e98ef3592d5dd464c4eb212e93c42361518e6c972bb28cf2276abc5751a
59abd8b0496296755dacd2fd82898dc9a64de9647dfa6945e7a3a2ea54361245
5d4408762f9d1774f06dabc68534482080329ec4d0b9a6c342a4435a7930dcd7
7482cf4d44518772564144cead954c6bce6aeb83c6339205100bc718145228c6
8fe7a1ca687ce722902004dae991d26544e415043eac429d4cc153611712df16
9233233438671b5836951cd8d3d8cef0dff3a26fd6693ea22ec92cb67c5c32de
98b17a3320045334d9beae6f37fdb4c8c99a767994de0ba0cf6e18f8c45bd849
b3285373fd1b4e1803b124b3cf79c033d378e835cc724f022eb2d03d9bb4baf9
b43ef171c22c73c4c2644ee0b8094997496c3b7e7886deb93380ac5fa975a8fd
bfa510c4b10dcd3c82b78bebe5a955e3b9a04565a46a3d5df27024af2e547668
d1f05390d5ab63f6a145f96a7b49548c5ed6af173a733c80c2e9cb0ab06c5aa7
deaddba93625d2c7610076927fcd37afadad9324ca3210a2bb12784d313dd788
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7547c638fcf80efaf78ad599a3c81598071b8bab934f288d8792968f39f7838
eba5a4fb4c0b4ef59630f0916c43fee83ca7e6e31fd2fe544f9ece19f529d4b8
ed80d71214113ea3a748b6babf98c3ce7f688f6876f0ab81c0616c8ae8fc65da