p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io
Open in
urlscan Pro
2a00:fb01:400:200:5000:5aff:fef2:9428
Public Scan
URL:
https://p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io/
Submission: On April 14 via api from US — Scanned from DE
Submission: On April 14 via api from US — Scanned from DE
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 3 HTTP transactions.
The main IP is 2a00:fb01:400:200:5000:5aff:fef2:9428, located in
Switzerland and
belongs to EVERYWARE-NET, CH.
The main domain is p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io.
TLS certificate: Issued by R3 on February 16th 2023. Valid for: 3 months.
This is the only time p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io was scanned on urlscan.io!
TLS certificate: Issued by R3 on February 16th 2023. Valid for: 3 months.
This is the only time p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 | 2a00:fb01:400... 2a00:fb01:400:200:5000:5aff:fef2:9428 | 24951 (EVERYWARE...) (EVERYWARE-NET) | |
| 1 | 54.158.136.106 54.158.136.106 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 3 | 3 |
2
2a00:fb01:400:200:5000:5aff:fef2:9428
(Switzerland)
ASN24951 (EVERYWARE-NET, CH)
ASN24951 (EVERYWARE-NET, CH)
| p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io |
1
54.158.136.106
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-136-106.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-136-106.compute-1.amazonaws.com
| htiqhnpqmhvpnv0hlp1spoe4i.litix.io |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 2 |
icp0.io
p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io |
306 KB |
| 1 |
litix.io
htiqhnpqmhvpnv0hlp1spoe4i.litix.io |
|
| 3 | 2 |
| Domain | Requested by | |
|---|---|---|
| 2 | p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io |
p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io
|
| 1 | htiqhnpqmhvpnv0hlp1spoe4i.litix.io |
p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io
|
| 3 | 2 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| boundary.dfinity.network R3 |
2023-02-16 - 2023-05-17 |
3 months | crt.sh |
| *.litix.io Amazon RSA 2048 M02 |
2023-02-28 - 2023-09-21 |
7 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io/
Frame ID: C489CB5A34127A386AD1CF208B718957
Requests: 4 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
3 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io/ |
352 B 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
index.js
p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io/ |
1 MB 303 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
7 KB 7 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
/
htiqhnpqmhvpnv0hlp1spoe4i.litix.io/ |
0 0 |
Fetch
|
||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| PI_EXPOSED_CANISTERS object| vttjs function| WebVTT1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io/ | Name: muxData Value: mux_viewer_id=d5683412-42ec-4941-80f4-3e282c4ec1d1&msn=0.720922172060561&sid=6742e3c4-ed8e-4bdb-883d-b4cb51d4803f&sst=1681465639747&sex=1681467139747 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
htiqhnpqmhvpnv0hlp1spoe4i.litix.io
p5qyc-gaaaa-aaaai-qa6yq-cai.raw.icp0.io
2a00:fb01:400:200:5000:5aff:fef2:9428
54.158.136.106
116c479accc71e3bc3a3742ed6a3e5588da0a29de585393dc5f107beab24f586
2f9d3514bd5710ac863e59626a308a8a78d93d03ff637b5c76273e42c0f8ed42
6f81136a1ff69ecb2ee4e6d9af5801b77eb8d1b2af4e293e50fb6a2f6f516303