urlscan.io logo urlscan.io
SecurityTrails logo

bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link Open in urlscan Pro
2606:4700::6812:1634  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://c470e483-1a02-4f5a-9f22-218cbd11d8d9.mailbutler.link/p2/ba3ecfa6-c3c3-4d2c-bb8d-5cf1f70a4483/493d3774-f1dd-4a02-a923-a2767c184627
Effective URL: https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml
Submission: On December 01 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 4 domains to perform 2 HTTP transactions. The main IP is 2606:4700::6812:1634, located in United States and belongs to CLOUDFLARENET, US. The main domain is bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 18th 2022. Valid for: a year.
This is the only time bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.32.27.100 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2
Apex Domain
Subdomains		 Transfer
2 w3s.link
w3s.link — Cisco Umbrella Rank: 244867
bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link
37 KB
1 agle1.cc
list-manage.agle1.cc
242 B
1 mailbutler.link
c470e483-1a02-4f5a-9f22-218cbd11d8d9.mailbutler.link
699 B
0 googleapis.com Failed
ajax.googleapis.com Failed
2 4
Domain Requested by
1 bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link
1 w3s.link 1 redirects
1 list-manage.agle1.cc 1 redirects
1 c470e483-1a02-4f5a-9f22-218cbd11d8d9.mailbutler.link 1 redirects
0 ajax.googleapis.com Failed bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link
2 5

This site contains no links.

Subject Issuer Validity Valid
w3s.link
Cloudflare Inc ECC CA-3		 2022-07-18 -
2023-07-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml
Frame ID: 75D8B2760208A7EED37DEFD7CA3485B8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://c470e483-1a02-4f5a-9f22-218cbd11d8d9.mailbutler.link/p2/ba3ecfa6-c3c3-4d2c-bb8d-5cf1f70a4483/493d3774-f1dd-4a02-a923-a2767c184627 HTTP 302
    https://list-manage.agle1.cc/click?u=https://w3s.link/ipfs/bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvr... HTTP 302
    https://w3s.link/ipfs/bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa/P99.shtml HTTP 301
    https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml Page URL

Page Statistics

2
Requests

50 %
HTTPS

67 %
IPv6

4
Domains

5
Subdomains

2
IPs

2
Countries

36 kB
Transfer

83 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://c470e483-1a02-4f5a-9f22-218cbd11d8d9.mailbutler.link/p2/ba3ecfa6-c3c3-4d2c-bb8d-5cf1f70a4483/493d3774-f1dd-4a02-a923-a2767c184627 HTTP 302
    https://list-manage.agle1.cc/click?u=https://w3s.link/ipfs/bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa/P99.shtml HTTP 302
    https://w3s.link/ipfs/bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa/P99.shtml HTTP 301
    https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request P99.shtml
bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/
Redirect Chain
  • https://c470e483-1a02-4f5a-9f22-218cbd11d8d9.mailbutler.link/p2/ba3ecfa6-c3c3-4d2c-bb8d-5cf1f70a4483/493d3774-f1dd-4a02-a923-a2767c184627
  • https://list-manage.agle1.cc/click?u=https://w3s.link/ipfs/bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa/P99.shtml
  • https://w3s.link/ipfs/bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa/P99.shtml
  • https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml
83 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f27e76a91e035299de50ef1d7c1622a15c09acc23b65fbd8600be14352f1a85e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.githubusercontent.com; form-action 'self' ; navigate-to 'self'; connect-src 'self' blob: data:

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
public, max-age=29030400, immutable
cf-ray
772add2cddbedd54-LHR
content-encoding
gzip
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.githubusercontent.com; form-action 'self' ; navigate-to 'self'; connect-src 'self' blob: data:
content-type
text/html
date
Thu, 01 Dec 2022 09:40:54 GMT
etag
W/"bafkreihspz3kshqdkkm54uhpdv6bmivblqe2zqr3mx55qyal4fbvf4nily"
server
cloudflare
server-timing
request;dur=82
vary
Accept-Encoding
x-dotstorage-anchor
7ca1cd3d65d624ecf23d0e262df28ffcaff75754a59c29594149872f7bdf6a9b
x-dotstorage-resolution-id
https://freeway.dag.haus
x-dotstorage-resolution-layer
dotstorage-race
x-freeway-version
1.5.3

Redirect headers

access-control-allow-origin
*
access-control-expose-headers
Link
cf-ray
772add2c7d31dd54-LHR
content-length
0
date
Thu, 01 Dec 2022 09:40:53 GMT
location
https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml
server
cloudflare
server-timing
request;dur=0
vary
Accept-Encoding
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| NN function| n function| g function| J function| NT function| p function| N function| Ng function| NX function| L function| T function| NJ function| X function| myFunction object| div object| locate string| text function| delineate string| message function| clickIE function| clickNS function| disableCtrlKeyCombination

1 Cookies

Domain/Path Name / Value
list-manage.agle1.cc/ Name: JSESSIONID
Value: aq9j32gdykSeWWs7eRSW9Q

3 Console Messages

Source Level URL
Text
javascript warning URL: https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security error URL: https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml(Line 1)
Message:
Refused to load the script 'https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.githubusercontent.com". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.
javascript warning URL: https://bafybeigykddmqaqcnzf7pxs3fqkajszljcotrjt4a2cvryq7rnc2lh7goa.ipfs.w3s.link/P99.shtml(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://*.githubusercontent.com; form-action 'self' ; navigate-to 'self'; connect-src 'self' blob: data: