comms.evlink9.net - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2606:4700::6812:635, located in United States and belongs to CLOUDFLARENET, US. The main domain is comms.evlink9.net.
TLS certificate: Issued by GTS CA 1P5 on June 26th 2023. Valid for: 3 months.

This is the only time comms.evlink9.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:635	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:7600:d:a0b1:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2

1 2606:4700::6812:635 (United States)

ASN13335 (CLOUDFLARENET, US)

comms.evlink9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:7600:d:a0b1:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1vqahcsakjpkp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudfront.net d1vqahcsakjpkp.cloudfront.net	65 KB
1	evlink9.net comms.evlink9.net	8 KB
3	2

	Domain	Requested by
2	d1vqahcsakjpkp.cloudfront.net	comms.evlink9.net
1	comms.evlink9.net
3	2

This site contains links to these domains. Also see Links.

Domain
finwelleads.co.za
llpgpro.com

Subject Issuer	Validity	Valid
*.evlink9.net GTS CA 1P5	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://comms.evlink9.net/public/messages/view-online/iFvMfsx03Mh1NFDG/1i9xBSoPn7uDYCcK/77ec60b1ad310419
Frame ID: 7EBDE58DA694CBBB2D915C5150CD6A46
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

72 kB
Transfer

114 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://finwelleads.co.za/Default.aspx

Search URL Search Domain Scan URL

URL: https://llpgpro.com/shvbgydk/
Title: Activate R20,000 Rewards

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 77ec60b1ad310419 Show response comms.evlink9.net/public/messages/view-online/iFvMfsx03Mh1NFDG/1i9xBSoPn7uDYCcK/	50 KB 8 KB	660ms 605ms	Document text/html	2606:4700::6812:635 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comms.evlink9.net/public/messages/view-online/iFvMfsx03Mh1NFDG/1i9xBSoPn7uDYCcK/77ec60b1ad310419 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:635 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5af4c7b994535f4f5d61a4e4045f942fe8a7be771c6da8b5c0ab09fea457c01c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7e895ae86f092c21-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 18 Jul 2023 08:29:07 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server cloudflare
GET H2	200	logo.png d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/	7 KB 8 KB	79ms 20ms	Image image/png	2600:9000:223f:7600:d:a0b1:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/logo.png?v=1597832747014 Requested by Host: comms.evlink9.net URL: https://comms.evlink9.net/public/messages/view-online/iFvMfsx03Mh1NFDG/1i9xBSoPn7uDYCcK/77ec60b1ad310419 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:7600:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash `569a4abb6680413bb1df8b80827825e09a8aaf8572ec9c0faaffb4e474fa5fa5` Request headers accept-language de-DE,de;q=0.9 Referer https://comms.evlink9.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Sun, 16 Jul 2023 07:54:49 GMT via 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P5 age 379096 cf-polished origSize=7748, status=vary_header_present x-cache Hit from cloudfront content-disposition inline; filename="logo.png" content-length 7532 x-request-id GVssGjGGrtH_hBsl_1kAi cf-bgj imgq:100,h2pri last-modified Thu, 13 Jul 2023 23:10:52 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7e78adec28a618c5-FRA x-amz-cf-id y4gD2doDQopadbbnj2M97qZf37Yz97rYUB9bzVu9MW5jJRJrVMivYw== expires Mon, 15 Jul 2024 07:54:49 GMT
GET H2	200	LoanCalculator.JPG d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/	56 KB 57 KB	82ms 23ms	Image image/jpeg	2600:9000:223f:7600:d:a0b1:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/LoanCalculator.JPG?v=1648123701057 Requested by Host: comms.evlink9.net URL: https://comms.evlink9.net/public/messages/view-online/iFvMfsx03Mh1NFDG/1i9xBSoPn7uDYCcK/77ec60b1ad310419 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:7600:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash `27039247f4d54758ee30228949b1ca3d7c4404616fab4b3e87b896b79f22ad43` Request headers accept-language de-DE,de;q=0.9 Referer https://comms.evlink9.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36 Response headers date Fri, 14 Jul 2023 10:24:10 GMT via 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P5 age 338698 cf-polished origSize=60941, status=vary_header_present x-cache Hit from cloudfront content-disposition inline; filename="LoanCalculator.jpg" content-length 57618 x-request-id KA9tIVpfgJnPohgzMPK8W cf-bgj imgq:100,h2pri last-modified Fri, 14 Jul 2023 10:02:33 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7e690dee3ed1bc04-FRA x-amz-cf-id qSiOPparNfUfc24I_SUf133qTtSBZIHPyrZ7ipHB9SBYVHnEWl35Vg== expires Sat, 13 Jul 2024 10:24:10 GMT

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			comms.evlink9.net/	1969-12-31 23:59:59	Name: EVSESSIONID Value: fcv9jp6ma7bb7scvaqpuav2aju
			.evlink9.net/	1970-01-20 13:21:10	Name: __cf_bm Value: _uXGvjJj1nym2hHVExJPiZJsX4ttAUfYB2nceVwaZPg-1689668947-0-ARzZYS+Acqymj2AcoXzJxw+/B5iQCQcECq5CB+4ov+aQgja7ctmqtS1gIDFXF/Q+YGrAuQuit66I3n6HB+89+t4=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comms.evlink9.net
d1vqahcsakjpkp.cloudfront.net
2600:9000:223f:7600:d:a0b1:e40:93a1
2606:4700::6812:635
27039247f4d54758ee30228949b1ca3d7c4404616fab4b3e87b896b79f22ad43
569a4abb6680413bb1df8b80827825e09a8aaf8572ec9c0faaffb4e474fa5fa5
5af4c7b994535f4f5d61a4e4045f942fe8a7be771c6da8b5c0ab09fea457c01c

comms.evlink9.net Open in urlscan Pro 2606:4700::6812:635 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

3 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

72 kBTransfer

114 kBSize

2 Cookies

2 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

2 Cookies

Indicators

comms.evlink9.net Open in urlscan Pro
2606:4700::6812:635 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

72 kB
Transfer

114 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions