baywednesday.com Open in urlscan Pro
190.2.139.23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://baywednesday.com/
Effective URL:
https://baywednesday.com/
Submission Tags: tranco_l324
Submission: On April 01 via api (April 1st 2024, 5:56:22 am UTC) from DE — Scanned from NL

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 5 countries across 7 domains to perform 16 HTTP transactions. The main IP is 190.2.139.23, located in Naaldwijk, Netherlands and belongs to WORLDSTREAM, NL. The main domain is baywednesday.com.
TLS certificate: Issued by R3 on March 2nd 2024. Valid for: 3 months.

This is the only time baywednesday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	190.2.139.23 190.2.139.23	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	5.101.153.184 5.101.153.184	198610 (BEGET-AS) (BEGET-AS)
1 1	136.243.171.225 136.243.171.225	24940 (HETZNER-AS) (HETZNER-AS)
1	148.251.232.222 148.251.232.222	24940 (HETZNER-AS) (HETZNER-AS)
1	135.125.210.77 135.125.210.77	16276 (OVH) (OVH)
1	37.187.217.72 37.187.217.72	16276 (OVH) (OVH)
3	62.112.9.54 62.112.9.54	49981 (WORLDSTREAM) (WORLDSTREAM)
16	7

8 190.2.139.23 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: server73-vm12.openfrost.com

baywednesday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.shopivo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.101.153.184 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.dirac11.beget.com

wbcon.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.171.225 (Eitensheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: edge.presslabs.net

cdn.searchenginejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.232.222 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: edge.presslabs.net

www.searchenginejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.210.77 (France)

ASN16276 (OVH, FR)
PTR: fo7.doweb.site

doweb.srl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.187.217.72 (France)

ASN16276 (OVH, FR)
PTR: host01.iontics.com

www.iontics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 62.112.9.54 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: server42-vm05.openfrost.com

semalt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	baywednesday.com baywednesday.com	130 KB
3	semalt.com semalt.com	35 KB
2	searchenginejournal.com 1 redirects cdn.searchenginejournal.com www.searchenginejournal.com — Cisco Umbrella Rank: 198326	189 KB
1	iontics.com www.iontics.com	60 KB
1	doweb.srl doweb.srl	182 KB
1	wbcon.ru wbcon.ru	363 KB
1	shopivo.com www.shopivo.com	44 KB
16	7

	Domain	Requested by
8	baywednesday.com	baywednesday.com
3	semalt.com	baywednesday.com semalt.com
1	www.iontics.com	baywednesday.com
1	doweb.srl	baywednesday.com
1	www.searchenginejournal.com	baywednesday.com
1	cdn.searchenginejournal.com	1 redirects
1	wbcon.ru	baywednesday.com
1	www.shopivo.com	baywednesday.com
16	8

This site contains links to these domains. Also see Links.

Domain
demo.semalt.com

Subject Issuer	Validity	Valid
baywednesday.com R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
shopivo.com GTS CA 1P5	`2024-03-06` - `2024-06-04`	3 months	crt.sh
wbcon.ru R3	`2024-03-13` - `2024-06-11`	3 months	crt.sh
doweb.srl R3	`2024-03-28` - `2024-06-26`	3 months	crt.sh
iontics.com R3	`2024-03-24` - `2024-06-22`	3 months	crt.sh
semalt.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://baywednesday.com/
Frame ID: ABF4675E8E88EC31EF8D7E1A4F8635E7
Requests: 15 HTTP requests in this frame

Frame: https://semalt.com/popups/popup_wow.php?lang=en
Frame ID: 280D092E5DD18946BD83889283678952
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Prepare A Website For Black Friday Using Semalt Services!

Page URL History Show full URLs

http://baywednesday.com/ HTTP 307
https://baywednesday.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

94 %
HTTPS

13 %
IPv6

7
Domains

8
Subdomains

7
IPs

5
Countries

1002 kB
Transfer

1071 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://demo.semalt.com/
Title: a proper SEO tool

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://baywednesday.com/ HTTP 307
https://baywednesday.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://cdn.searchenginejournal.com/wp-content/uploads/2022/10/meta-tags-635690cc75e13-sej.png HTTP 301
https://www.searchenginejournal.com/wp-content/uploads/2022/10/meta-tags-635690cc75e13-sej.png

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
baywednesday.com/
Redirect Chain

http://baywednesday.com/
https://baywednesday.com/

13 KB
6 KB

186ms
28ms

Document
text/html

190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 / PHP/7.2.34
Resource Hash: 6af79b17d6a1249b19d73a0d296ded3980306d83cea43dc73330cabd7edd59ed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 01 Apr 2024 05:56:18 GMT
Server: nginx/1.24.0
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
X-Powered-By: PHP/7.2.34

Redirect headers

Location: https://baywednesday.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 Black-Friday-Sales-Plan-Header.png
www.shopivo.com/blog/wp-content/uploads/2019/11/ 43 KB
44 KB 120ms
47ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shopivo.com/blog/wp-content/uploads/2019/11/Black-Friday-Sales-Plan-Header.png
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9aac613182d0ededbb2e521f0fc71cdbb5da06a0f6c60486a2caa94ca7707de9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 05:56:18 GMT
cf-cache-status: BYPASS
last-modified: Mon, 04 Nov 2019 19:13:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ad11-5968a1b13a9c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5%2B7T%2FYEVRdXLO0bzuLg7OwLvMytq%2BY6DIi8lIMRiR1E8REtHqvRyjocYbIdIlRShu0aSry76HUIJ3n6ywTEl2EuhLzvd3rtF%2FMisVKLv99okLppiTDZalL1EnYzpmTdZ%2BDUGQlvsasX3VKT7VBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 86d655ce48339fb1-AMS
alt-svc: h3=":443"; ma=86400
content-length: 44305

GET
H2 200 nf5w09-1-seo.jpg
wbcon.ru/wp-content/uploads/2022/04/ 363 KB
363 KB 331ms
61ms Image
image/jpeg 5.101.153.184
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wbcon.ru/wp-content/uploads/2022/04/nf5w09-1-seo.jpg
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.101.153.184 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.dirac11.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 55c1940f2b1e568ab3bb31ba02bb489803bbd8dfc29533e679235d0386e83d7d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 05:56:18 GMT
last-modified: Fri, 08 Apr 2022 09:11:19 GMT
server: nginx-reuseport/1.21.1
etag: "624ffc37-5aa72"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 371314
expires: Wed, 01 May 2024 05:56:18 GMT

GET
H2

200

meta-tags-635690cc75e13-sej.png
www.searchenginejournal.com/wp-content/uploads/2022/10/
Redirect Chain

https://cdn.searchenginejournal.com/wp-content/uploads/2022/10/meta-tags-635690cc75e13-sej.png
https://www.searchenginejournal.com/wp-content/uploads/2022/10/meta-tags-635690cc75e13-sej.png

191 KB
188 KB

132ms
28ms

Image
image/png

148.251.232.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.searchenginejournal.com/wp-content/uploads/2022/10/meta-tags-635690cc75e13-sej.png
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: H2
Server: 148.251.232.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: edge.presslabs.net
Software: nginx /
Resource Hash: 42951c3b859af3ead9435dddb41a6484dd33c43314b080f460ab01d5edb32c43

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://baywednesday.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Apr 2024 05:56:18 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 13:20:11 GMT
server: nginx
etag: W/"6356910b-2faf2"
x-presslabs-cache: HIT
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age = 315360000
x-request-id: 219b1115770b9a2fc605b71f24847925
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

date: Mon, 01 Apr 2024 05:56:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,OPTIONS
content-type: text/html
location: https://www.searchenginejournal.com/wp-content/uploads/2022/10/meta-tags-635690cc75e13-sej.png
access-control-expose-headers: Content-Length,Content-Range,X-WP-Total,X-WP-TotalPages,Link
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-WP-Nonce
content-length: 162
x-request-id: 8cc833af8433a04ebfd618a897b14279

GET
H2 200 page-speed-google.png
doweb.srl/download/decv/2352/ 182 KB
182 KB 137ms
49ms Image
image/png 135.125.210.77
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://doweb.srl/download/decv/2352/page-speed-google.png?20200928163141

Requested by

Host: baywednesday.com
URL: https://baywednesday.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

135.125.210.77 , France, ASN16276 (OVH, FR),

Reverse DNS

fo7.doweb.site

Software

Resource Hash

13c7f4d71c3d1d5a77b51b666762cb617aa236044d3e1d538f67d2eeb5677437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload
date: Mon, 01 Apr 2024 05:56:18 GMT
x-content-type-options: nosniff
etag: "20200928163141"
content-type: image/png
cache-control: private, max-age=5184000
mstoexecute: 0
content-length: 186384
expires: Fri, 31 May 2024 05:56:18 GMT

GET
H/1.1 200
OK %D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_2_%D0%B8%D0%BA%D1%81-16360604970-16427116360-16706157680.png
baywednesday.com/webcontents/ 111 KB
112 KB 36ms
35ms Image
image/png 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baywednesday.com/webcontents/%D0%A1%D0%BD%D0%B8%D0%BC%D0%BE%D0%BA_2_%D0%B8%D0%BA%D1%81-16360604970-16427116360-16706157680.png
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 /
Resource Hash: 4f495537e1248c15de73959945ebcc25df5dc00d9bd95fdd485cd8cac9940865

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 05:56:18 GMT
Last-Modified: Fri, 09 Dec 2022 19:56:08 GMT
Server: nginx/1.24.0
ETag: "639392d8-1bd4a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 113994

GET
H2 200 que-es-hosting.jpg
www.iontics.com/wp-content/uploads/2021/09/ 59 KB
60 KB 193ms
25ms Image
image/jpeg 37.187.217.72
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.iontics.com/wp-content/uploads/2021/09/que-es-hosting.jpg

Requested by

Host: baywednesday.com
URL: https://baywednesday.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.187.217.72 , France, ASN16276 (OVH, FR),

Reverse DNS

host01.iontics.com

Software

nginx / PleskLin

Resource Hash

18c9201faee57cad10c43c38b8e04b804336979505e08f1675f320fa671d52d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 05:56:18 GMT
strict-transport-security: max-age=15768000; includeSubDomains
last-modified: Mon, 06 Sep 2021 09:58:03 GMT
server: nginx
etag: "6135e62b-ed17"
x-powered-by: PleskLin
content-type: image/jpeg
accept-ranges: bytes
content-length: 60695

GET
H/1.1 200
OK jquery2.js Show response
semalt.com/js/ 82 KB
34 KB 79ms
35ms Script
application/javascript 62.112.9.54
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://semalt.com/js/jquery2.js
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server42-vm05.openfrost.com
Software: nginx/1.20.2 /
Resource Hash: b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 05:56:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Apr 2018 17:04:19 GMT
Server: nginx/1.20.2
ETag: W/"5accee93-1469c"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK jquery.cookie.js Show response
semalt.com/js/ 3 KB
2 KB 62ms
17ms Script
application/javascript 62.112.9.54
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://semalt.com/js/jquery.cookie.js
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server42-vm05.openfrost.com
Software: nginx/1.20.2 /
Resource Hash: c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 05:56:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Apr 2018 17:04:19 GMT
Server: nginx/1.20.2
ETag: W/"5accee93-c31"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK counter.js Show response
baywednesday.com/actcntr/ 12 KB
5 KB 86ms
52ms Script
application/javascript 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/actcntr/counter.js
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 /
Resource Hash: 209d0649f3ce6499b0df8fe49650042b4e5cecdd7df313c1bb73460e5d330638

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 05:56:18 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 984
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 27 Feb 2024 08:02:54 GMT
Server: nginx/1.24.0
ETag: W/"65dd972e-2f4f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1oVp3QRVxVwLriYlQbH%2FgrQV79Hqv6Z4caafIvbMfKo9CCMFfGXZ2jjZ0bbIdCU9qtdZfoAYvf5xxKYZ13E9uhSwU77rNxbVUUA5wD3fSMHe%2BJsTPC%2FJX0uzdqEhi%2Bdw9g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=14400
CF-RAY: 86d655ce4840668d-AMS

POST
H/1.1 200
OK add-hit Show response
baywednesday.com/actcntr/api/ 144 B
772 B 352ms
50ms XHR
application/json 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/actcntr/api/add-hit
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/actcntr/counter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 /
Resource Hash: c324284dcb9d16dc948f52152f938aaa7cabc907b0ca02f2c1236ac973a327b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 01 Apr 2024 05:56:18 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx/1.24.0
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=juMF1RTzLOdiGVUxypy8Ny8fS1INxZ9T%2FJoCVFD1Xl2YhAwEobyz6%2Bu3nU8XU2zNLxhv%2BKA72l6fAFGNTAPyMYr7ric0wmbQhK4%2BXR5L92Q5shS3cVzJ5wXOFiPGzYed6g%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 86d655d07d4d7740-AMS
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK send-heartbeat
baywednesday.com/actcntr/api/ 53 B
701 B 364ms
63ms Ping
application/json 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/actcntr/api/send-heartbeat
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/actcntr/counter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 /
Resource Hash: 7417902908089e6a599a52bf80153b1d4ab2db4781d75bb3577866618b0d0321

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 Apr 2024 05:56:19 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx/1.24.0
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4l7y1mpFdAfE9bpbdJm%2FdOcC5SOya43II6ZxPnRPsVWjAwIYD4AGDsuP0IRsh2V5Tx4VNMHjNSjwDpEEl6XtYhFKQS7by8lpPIImxdBS6GIevz3CmL0NFG4W2sVfBCgaw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 86d655d2adc3b7d6-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK popup_wow.php
semalt.com/popups/ Frame 280D 0
0 68ms
36ms Document
text/html 62.112.9.54
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://semalt.com/popups/popup_wow.php?lang=en
Requested by: Host: semalt.com
URL: https://semalt.com/js/jquery2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.112.9.54 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server42-vm05.openfrost.com
Software: nginx/1.20.2 / PHP/7.2.34
Resource Hash

Request headers

Referer: https://baywednesday.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 01 Apr 2024 05:56:18 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.34
p3p: CP=semalt

GET
H/1.1 200
OK favicon.ico
baywednesday.com/ 11 KB
4 KB 343ms
42ms Other
application/javascript 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 / PHP/7.2.34
Resource Hash: 17eeb9f14ff750f1f96a2f7e25165c4e6be9ed7c43422736169d070f5cde9fce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Apr 2024 05:56:19 GMT
Content-Encoding: gzip
Server: nginx/1.24.0
X-Powered-By: PHP/7.2.34
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

POST
H/1.1 200
OK send-heartbeat
baywednesday.com/actcntr/api/ 53 B
715 B 353ms
52ms Ping
application/json 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/actcntr/api/send-heartbeat
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/actcntr/counter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 /
Resource Hash: 7417902908089e6a599a52bf80153b1d4ab2db4781d75bb3577866618b0d0321

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 Apr 2024 05:56:21 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx/1.24.0
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TuwP%2FtbUMXVT5xIf42ZSBbkr%2Bt%2F0bAT%2FzKTjoTkdnA%2BvEyAu0m4ks43CT9%2BQL6uVXN%2BJK599KhjFJzbtruxLvGifpcMxTknBErIqblqF0d17%2FummwjETSDxg0fHIsPCNPw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 86d655df2ec366e8-AMS
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK send-heartbeat
baywednesday.com/actcntr/api/ 53 B
707 B 49ms
49ms Ping
application/json 190.2.139.23
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://baywednesday.com/actcntr/api/send-heartbeat
Requested by: Host: baywednesday.com
URL: https://baywednesday.com/actcntr/counter.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.139.23 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: server73-vm12.openfrost.com
Software: nginx/1.24.0 /
Resource Hash: 1bbb5c9ee8de4272b8414dde02c87c269b573eaf3a5dbdfdd8485dd00a37e7d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://baywednesday.com/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 01 Apr 2024 05:56:22 GMT
Content-Encoding: br
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx/1.24.0
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFgMPHJFFxu7s5VbcwBxQEAm1bJQMe2pQ%2FiNgepl7%2BO82A9At%2FAhaGHJ2kVP40TE8utj4B2OynKbClgNnn8oifgPUdnctitdwuzYkrt7zOFjnIS3XXLt0sDcajtg2Ak%2FZw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 86d655e9c80b9fae-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			baywednesday.com/	1970-01-21 04:18:06	Name: si_usr_id Value: 4rOi6PkG_kry6Z
			baywednesday.com/	1970-01-20 19:32:31	Name: si_ses_id Value: 4rOi6PkG_kry6Z

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://baywednesday.com/ Message: Mixed Content: The page at 'https://baywednesday.com/' was loaded over HTTPS, but requested an insecure element 'http://doweb.srl/download/decv/2352/page-speed-google.png?20200928163141'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://baywednesday.com/(Line 60) Message: Mixed Content: The page at 'https://baywednesday.com/' was loaded over HTTPS, but requested an insecure element 'http://doweb.srl/download/decv/2352/page-speed-google.png?20200928163141'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

baywednesday.com
cdn.searchenginejournal.com
doweb.srl
semalt.com
wbcon.ru
www.iontics.com
www.searchenginejournal.com
www.shopivo.com
135.125.210.77
136.243.171.225
148.251.232.222
190.2.139.23
2a06:98c1:3120::3
37.187.217.72
5.101.153.184
62.112.9.54
13c7f4d71c3d1d5a77b51b666762cb617aa236044d3e1d538f67d2eeb5677437
17eeb9f14ff750f1f96a2f7e25165c4e6be9ed7c43422736169d070f5cde9fce
18c9201faee57cad10c43c38b8e04b804336979505e08f1675f320fa671d52d1
1bbb5c9ee8de4272b8414dde02c87c269b573eaf3a5dbdfdd8485dd00a37e7d1
209d0649f3ce6499b0df8fe49650042b4e5cecdd7df313c1bb73460e5d330638
42951c3b859af3ead9435dddb41a6484dd33c43314b080f460ab01d5edb32c43
4f495537e1248c15de73959945ebcc25df5dc00d9bd95fdd485cd8cac9940865
55c1940f2b1e568ab3bb31ba02bb489803bbd8dfc29533e679235d0386e83d7d
6af79b17d6a1249b19d73a0d296ded3980306d83cea43dc73330cabd7edd59ed
7417902908089e6a599a52bf80153b1d4ab2db4781d75bb3577866618b0d0321
9aac613182d0ededbb2e521f0fc71cdbb5da06a0f6c60486a2caa94ca7707de9
b13cb5989e08fcb02314209d101e1102f3d299109bdc253b62aa1da21c9e38ba
c324284dcb9d16dc948f52152f938aaa7cabc907b0ca02f2c1236ac973a327b1
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

baywednesday.com Open in urlscan Pro 190.2.139.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

13 %IPv6

7 Domains

8 Subdomains

7 IPs

5 Countries

1002 kBTransfer

1071 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

baywednesday.com Open in urlscan Pro
190.2.139.23 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

13 %
IPv6

7
Domains

8
Subdomains

7
IPs

5
Countries

1002 kB
Transfer

1071 kB
Size

2
Cookies

16 HTTP transactions
0 data transactions