www.darinwick.com Open in urlscan Pro
208.94.118.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://darinwick.com/
Effective URL:
https://www.darinwick.com/
Submission Tags: phish.gg anti.fish automated Search All
Submission: On August 26 via api (August 26th 2023, 3:02:37 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 208.94.118.191, located in Phoenix, United States and belongs to GRIDFURY-AS, US. The main domain is www.darinwick.com.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.

This is the only time www.darinwick.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.94.116.204 208.94.116.204	40630 (GRIDFURY-AS) (GRIDFURY-AS)
1 8	208.94.118.191 208.94.118.191	40630 (GRIDFURY-AS) (GRIDFURY-AS)
1	2606:4700:10:... 2606:4700:10::6816:a79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

1 208.94.116.204 (Phoenix, United States) 1 redirects

ASN40630 (GRIDFURY-AS, US)
PTR: add-www.nearlyfreespeech.net

darinwick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 208.94.118.191 (Phoenix, United States) 1 redirects

ASN40630 (GRIDFURY-AS, US)
PTR: ip-208-94-118-191.sites.nearlyfreespeech.net

www.darinwick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:a79 (United States)

ASN13335 (CLOUDFLARENET, US)

licensebuttons.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	darinwick.com 2 redirects darinwick.com www.darinwick.com	273 KB
1	licensebuttons.net licensebuttons.net — Cisco Umbrella Rank: 27397	776 B
8	2

	Domain	Requested by
8	www.darinwick.com	1 redirects www.darinwick.com
1	licensebuttons.net	www.darinwick.com
1	darinwick.com	1 redirects
8	3

This site contains links to these domains. Also see Links.

Domain
octodon.social
getpelican.com
homebrewserver.club
creativecommons.org
kg6gfq.gitlab.io

Subject Issuer	Validity	Valid
www.darinwick.com R3	`2023-06-27` - `2023-09-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.darinwick.com/
Frame ID: 4F3BE540FE20CD247660F72695DC63C1
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DarinWick.comrssemail

Page URL History Show full URLs

http://darinwick.com/ HTTP 301
http://www.darinwick.com/ HTTP 301
https://www.darinwick.com/ Page URL

Detected technologies

Pelican (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

273 kB
Transfer

283 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://octodon.social/@kg6gfq
Title: Darin on Mastodon

Search URL Search Domain Scan URL

URL: http://getpelican.com/
Title: Pelican

Search URL Search Domain Scan URL

URL: https://homebrewserver.club/low-tech-website-howto.html
Title: Solar Website

Search URL Search Domain Scan URL

URL: http://creativecommons.org/licenses/by-nc-sa/3.0/

Search URL Search Domain Scan URL

URL: https://kg6gfq.gitlab.io/
Title: rss

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://darinwick.com/ HTTP 301
http://www.darinwick.com/ HTTP 301
https://www.darinwick.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.darinwick.com/
Redirect Chain

http://darinwick.com/
http://www.darinwick.com/
https://www.darinwick.com/

8 KB
3 KB

496ms
165ms

Document
text/html

208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darinwick.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: 7ebf017550a5404817767fa81d416c739afac7a4d0a52c7440414a3be87f982a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
content-encoding: gzip
content-length: 2590
content-type: text/html; charset=UTF-8
date: Sat, 26 Aug 2023 15:02:31 GMT
etag: "1fd0-5f1e5c479614b"
last-modified: Tue, 10 Jan 2023 09:47:09 GMT
server: Apache
vary: Accept-Encoding
via: e3s
x-clacks-overhead: GNU Terry Pratchett

Redirect headers

Connection: Keep-Alive
Content-Length: 234
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 26 Aug 2023 15:02:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.darinwick.com/
Server: Apache

GET
H2 200 style.min.css
www.darinwick.com/theme/css/ 11 KB
3 KB 167ms
166ms Stylesheet
text/css 208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darinwick.com/theme/css/style.min.css?ac9d6de9
Requested by: Host: www.darinwick.com
URL: https://www.darinwick.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: cfe97acfd7e7d299fa070a0394494b94c06597c796da4a248f3625bfcf906114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
via: e3s
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Jan 2023 09:47:28 GMT
server: Apache
content-encoding: gzip
etag: "2a3c-5f1e5c59a03eb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2850

GET
H2 200 80x15.png
licensebuttons.net/l/by-nc-sa/3.0/ 467 B
776 B 129ms
44ms Image
image/png 2606:4700:10::6816:a79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://licensebuttons.net/l/by-nc-sa/3.0/80x15.png

Requested by

Host: www.darinwick.com
URL: https://www.darinwick.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:a79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81545ad1bb23254ae910fa04aa4f4d505af8c4b771369ec7392945eafd1b746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
strict-transport-security: max-age=15768000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 495
cf-polished: origSize=697
content-length: 467
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Thu, 30 Apr 2020 21:59:13 GMT
server: cloudflare
etag: "5eab4a31-2b9"
x-frame-options: deny
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 7fccf4cffa0e68eb-FRA

GET
H2 200 side-by-side.png
www.darinwick.com/dithers/tire-shoes/ 50 KB
51 KB 167ms
165ms Image
image/png 208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darinwick.com/dithers/tire-shoes/side-by-side.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: b8c7e032b4ff18bb9da5212353914aae4e1d539608b4ffdd778dfe4c57cb30f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
via: e3s
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Jan 2023 09:46:43 GMT
server: Apache
etag: "c98f-5f1e5c2e4984b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 51599

GET
H2 200 test-bamboo-joint.png
www.darinwick.com/dithers/casein-glue/ 44 KB
44 KB 491ms
489ms Image
image/png 208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darinwick.com/dithers/casein-glue/test-bamboo-joint.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: b179704902b019d9f5bdeb4a8471ba51d2533d0b593f0bcf228e05d5b7447866

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
via: e3s
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Jan 2023 09:46:45 GMT
server: Apache
etag: "afb5-5f1e5c30ddacb"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 44981

GET
H2 200 bolted-trike-and-whike-loaded.png
www.darinwick.com/dithers/whike/ 90 KB
91 KB 490ms
488ms Image
image/png 208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darinwick.com/dithers/whike/bolted-trike-and-whike-loaded.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: a9fc543b2e22ee46b0f565dba21c642be33cfeace52018ccc75074a8b17592ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
via: e3s
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Jan 2023 09:46:43 GMT
server: Apache
etag: "16915-5f1e5c2ebdbab"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 92437

GET
H2 200 front-left.png
www.darinwick.com/dithers/bolted-aluminum-utility-trike/ 48 KB
48 KB 702ms
701ms Image
image/png 208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darinwick.com/dithers/bolted-aluminum-utility-trike/front-left.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: 28e22b0a8a9205dbaff62949e4b49143fd9ecea64ee87fd469c7f38e414153b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
via: e3s
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Jan 2023 09:46:46 GMT
server: Apache
etag: "be68-5f1e5c31dd88b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 48744

GET
H2 200 00%20red%20thread.png
www.darinwick.com/dithers/turkish-spindle/ 32 KB
32 KB 815ms
814ms Image
image/png 208.94.118.191
GRIDFURY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darinwick.com/dithers/turkish-spindle/00%20red%20thread.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 208.94.118.191 Phoenix, United States, ASN40630 (GRIDFURY-AS, US),
Reverse DNS: ip-208-94-118-191.sites.nearlyfreespeech.net
Software: Apache /
Resource Hash: 13923e94937e0fb3347a7817935e9def2a7551a4307c1df0ab0add9b3d145b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darinwick.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 15:02:31 GMT
via: e3s
x-clacks-overhead: GNU Terry Pratchett
last-modified: Tue, 10 Jan 2023 09:46:43 GMT
server: Apache
etag: "806d-5f1e5c2eff28b"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 32877

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

darinwick.com
licensebuttons.net
www.darinwick.com
208.94.116.204
208.94.118.191
2606:4700:10::6816:a79
13923e94937e0fb3347a7817935e9def2a7551a4307c1df0ab0add9b3d145b13
28e22b0a8a9205dbaff62949e4b49143fd9ecea64ee87fd469c7f38e414153b4
7ebf017550a5404817767fa81d416c739afac7a4d0a52c7440414a3be87f982a
81545ad1bb23254ae910fa04aa4f4d505af8c4b771369ec7392945eafd1b746f
a9fc543b2e22ee46b0f565dba21c642be33cfeace52018ccc75074a8b17592ab
b179704902b019d9f5bdeb4a8471ba51d2533d0b593f0bcf228e05d5b7447866
b8c7e032b4ff18bb9da5212353914aae4e1d539608b4ffdd778dfe4c57cb30f6
cfe97acfd7e7d299fa070a0394494b94c06597c796da4a248f3625bfcf906114

www.darinwick.com Open in urlscan Pro 208.94.118.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

8 Requests

100 %HTTPS

33 %IPv6

2 Domains

3 Subdomains

2 IPs

1 Countries

273 kBTransfer

283 kBSize

0 Cookies

5 Outgoing links

Page URL History

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

0 Cookies

Indicators

www.darinwick.com Open in urlscan Pro
208.94.118.191 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

100 %
HTTPS

33 %
IPv6

2
Domains

3
Subdomains

2
IPs

1
Countries

273 kB
Transfer

283 kB
Size

0
Cookies

8 HTTP transactions
0 data transactions