comms.evlink9.net - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2606:4700::6812:187f, located in United States and belongs to CLOUDFLARENET, US. The main domain is comms.evlink9.net.
TLS certificate: Issued by GTS CA 1P5 on February 17th 2024. Valid for: 3 months.

This is the only time comms.evlink9.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:187f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:8600:d:a0b1:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2

1 2606:4700::6812:187f (United States)

ASN13335 (CLOUDFLARENET, US)

comms.evlink9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:8600:d:a0b1:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1vqahcsakjpkp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudfront.net d1vqahcsakjpkp.cloudfront.net	64 KB
1	evlink9.net comms.evlink9.net	8 KB
3	2

	Domain	Requested by
2	d1vqahcsakjpkp.cloudfront.net	comms.evlink9.net
1	comms.evlink9.net
3	2

This site contains links to these domains. Also see Links.

Domain
finwelleads.co.za
saconsumer.co.za

Subject Issuer	Validity	Valid
*.evlink9.net GTS CA 1P5	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://comms.evlink9.net/public/messages/view-online/Se7Zufl99tVU62n3/4IUCDT9Zj92jdH1I/d9458efa00c95afd
Frame ID: 90ADCFDC6DB17388C37465B065C4D678
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

72 kB
Transfer

114 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://finwelleads.co.za/Default.aspx

Search URL Search Domain Scan URL

URL: https://saconsumer.co.za/
Title: Get SA Consumer News

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request d9458efa00c95afd Show response
comms.evlink9.net/public/messages/view-online/Se7Zufl99tVU62n3/4IUCDT9Zj92jdH1I/ 51 KB
8 KB 681ms
637ms Document
text/html 2606:4700::6812:187f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://comms.evlink9.net/public/messages/view-online/Se7Zufl99tVU62n3/4IUCDT9Zj92jdH1I/d9458efa00c95afd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:187f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81669c048041c89dd9d086ecc6f958176191b56aeb2fa9600c7c8e8a2dcf7b7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8600d6bb9ff44d4a-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 06 Mar 2024 08:05:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare

GET
H2 200 logo.png
d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/ 7 KB
7 KB 52ms
8ms Image
image/png 2600:9000:223f:8600:d:a0b1:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/logo.png?v=1597832747014

Requested by

Host: comms.evlink9.net
URL: https://comms.evlink9.net/public/messages/view-online/Se7Zufl99tVU62n3/4IUCDT9Zj92jdH1I/d9458efa00c95afd

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8600:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c4c29393c6b3874634b604cb11d73108b1bf8fdd14bdea4d12b4b38419fc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comms.evlink9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 13:13:37 GMT
strict-transport-security: max-age=2592000
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P5
age: 67890
cf-polished: origSize=7748, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="logo.png"
content-length: 6755
x-request-id: 2wkW875ASQpT5BvJvKeWE
cf-bgj: imgq:100,h2pri
last-modified: Mon, 04 Mar 2024 06:03:32 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85fa5d42d82b380f-FRA
x-amz-cf-id: 4KApS5kySIb3kT7Um0KJpIZ0UT5r3_hfWUCO6QOngwZ-OeLw96MqWA==
expires: Wed, 05 Mar 2025 13:13:37 GMT

GET
H2 200 LoanCalculator.JPG
d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/ 56 KB
57 KB 52ms
9ms Image
image/jpeg 2600:9000:223f:8600:d:a0b1:e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/LoanCalculator.JPG?v=1648123701057

Requested by

Host: comms.evlink9.net
URL: https://comms.evlink9.net/public/messages/view-online/Se7Zufl99tVU62n3/4IUCDT9Zj92jdH1I/d9458efa00c95afd

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:8600:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27039247f4d54758ee30228949b1ca3d7c4404616fab4b3e87b896b79f22ad43

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://comms.evlink9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
date: Sat, 02 Mar 2024 09:21:00 GMT
via: 1.1 7be6cb2d0156b563b6b1c8f2595ddd52.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P5
age: 341047
cf-polished: origSize=60941, status=vary_header_present
x-cache: Hit from cloudfront
content-disposition: inline; filename="LoanCalculator.jpg"
content-length: 57618
x-request-id: 57rukBxKbWDT8-QUuaDcM
cf-bgj: imgq:100,h2pri
last-modified: Sat, 24 Feb 2024 07:46:12 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 85b719267bb19b2b-FRA
x-amz-cf-id: ljnLH74Io_2JuRWvPIAUt9eXz1PuUDBuKlUqdMT-6dg7xqP7R0IkXQ==
expires: Sun, 02 Mar 2025 09:21:00 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			comms.evlink9.net/	1969-12-31 23:59:59	Name: EVSESSIONID Value: c498f26gj5r5v2bgihh522d29u
			.evlink9.net/	1970-01-20 18:55:14	Name: __cf_bm Value: c9pN.1GpegzDIAOT5yvc9k6KXsico63KoLj9ysbOufs-1709712307-1.0.1.1-X7b.xVYTsn1snJplPsPJpYfvHPdxaq6ydcWY95Ey_vJF607ElHgcWLEoyWLs0IN7kgxwMT_xzhxeDPb6zG6KLg

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comms.evlink9.net
d1vqahcsakjpkp.cloudfront.net
2600:9000:223f:8600:d:a0b1:e40:93a1
2606:4700::6812:187f
27039247f4d54758ee30228949b1ca3d7c4404616fab4b3e87b896b79f22ad43
b81669c048041c89dd9d086ecc6f958176191b56aeb2fa9600c7c8e8a2dcf7b7
c9c4c29393c6b3874634b604cb11d73108b1bf8fdd14bdea4d12b4b38419fc0d

comms.evlink9.net Open in urlscan Pro 2606:4700::6812:187f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

3 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

72 kBTransfer

114 kBSize

2 Cookies

2 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

comms.evlink9.net Open in urlscan Pro
2606:4700::6812:187f Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

72 kB
Transfer

114 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions