comms.evlink9.net - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 2606:4700::6812:735, located in United States and belongs to CLOUDFLARENET, US. The main domain is comms.evlink9.net.
TLS certificate: Issued by GTS CA 1P5 on February 28th 2023. Valid for: 3 months.

This is the only time comms.evlink9.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700::68... 2606:4700::6812:735	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223f:3800:d:a0b1:e40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2

1 2606:4700::6812:735 (United States)

ASN13335 (CLOUDFLARENET, US)

comms.evlink9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:3800:d:a0b1:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d1vqahcsakjpkp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	cloudfront.net d1vqahcsakjpkp.cloudfront.net	209 KB
1	evlink9.net comms.evlink9.net	8 KB
3	2

	Domain	Requested by
2	d1vqahcsakjpkp.cloudfront.net	comms.evlink9.net
1	comms.evlink9.net
3	2

This site contains links to these domains. Also see Links.

Domain
finwelleads.co.za
webinarkit.net
forms.gle
www.finwellegal.co.za

Subject Issuer	Validity	Valid
*.evlink9.net GTS CA 1P5	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://comms.evlink9.net/public/messages/view-online/SuBj0m2tVwV3qrLf/AAy9c7bUUPO6aZDq/585c628477248b9a
Frame ID: 54D268CA162C96D913A70BD5F538532F
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

217 kB
Transfer

259 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://finwelleads.co.za/Default.aspx
Title: FIX YOUR SALARY SHORTCOMINGS HERE

Search URL Search Domain Scan URL

URL: https://webinarkit.net/webinar/registration/60a54f806e168d001793ff7c
Title: FREE WEBINAR - Sales, Cancellations and Refunds

Search URL Search Domain Scan URL

URL: https://forms.gle/KhVEi8YJdvHXGC6v6
Title: CLIENT SATISFACTION SURVEY

Search URL Search Domain Scan URL

URL: https://www.finwellegal.co.za/rewards/
Title: GET R20,000 DISCOUNT COUPONS

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 585c628477248b9a Show response comms.evlink9.net/public/messages/view-online/SuBj0m2tVwV3qrLf/AAy9c7bUUPO6aZDq/	51 KB 8 KB	640ms 616ms	Document text/html	2606:4700::6812:735 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://comms.evlink9.net/public/messages/view-online/SuBj0m2tVwV3qrLf/AAy9c7bUUPO6aZDq/585c628477248b9a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:735 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0b11e37dc66260b82211071a7a42afda264fa05ea1847c7723ec98f18eabf8a6` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7afec172fd8b9220-FRA content-encoding gzip content-type text/html; charset=UTF-8 date Thu, 30 Mar 2023 07:49:23 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server cloudflare
GET H2	200	NEW_FINWELL_Logo__180x53.jpg d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/__thumbs/NEW_FINWELL_Logo.jpg/	6 KB 7 KB	64ms 9ms	Image image/jpeg	2600:9000:223f:3800:d:a0b1:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/__thumbs/NEW_FINWELL_Logo.jpg/NEW_FINWELL_Logo__180x53.jpg?v=1615477916482 Requested by Host: comms.evlink9.net URL: https://comms.evlink9.net/public/messages/view-online/SuBj0m2tVwV3qrLf/AAy9c7bUUPO6aZDq/585c628477248b9a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3800:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash `0a84780fd9ac2f246fe0afaafed6afcf0a107f95a9ffad9fa94e6c55c4d721cc` Request headers accept-language de-DE,de;q=0.9 Referer https://comms.evlink9.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Sat, 25 Mar 2023 10:20:37 GMT via 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P5 age 422927 cf-polished origSize=6674, status=vary_header_present x-cache Hit from cloudfront content-disposition inline; filename="NEW_FINWELL_Logo__180x53.jpg" content-length 6420 x-request-id U0RhFxL_GY8fGvCHCJpi- cf-bgj imgq:100,h2pri last-modified Sat, 25 Mar 2023 08:01:54 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ad66c1e7eff9a0f-FRA x-amz-cf-id x8Uphx8Dnc_Fa16zPgjCA6EI9bqAQTluSgt40zsg6gSe35-zosuoqw== expires Sun, 24 Mar 2024 10:20:37 GMT
GET H2	200	no-money-young-family-in-financial-trouble-frustra-1280.jpg d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/	201 KB 202 KB	65ms 11ms	Image image/jpeg	2600:9000:223f:3800:d:a0b1:e40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1vqahcsakjpkp.cloudfront.net/users/assets/1804/images/no-money-young-family-in-financial-trouble-frustra-1280.jpg?v=1647067337793 Requested by Host: comms.evlink9.net URL: https://comms.evlink9.net/public/messages/view-online/SuBj0m2tVwV3qrLf/AAy9c7bUUPO6aZDq/585c628477248b9a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3800:d:a0b1:e40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software cloudflare / Resource Hash `f40356663e8e4f33fb86abbfc8e3fee40e0d47d5fe482debba04a6a06063d7ea` Request headers accept-language de-DE,de;q=0.9 Referer https://comms.evlink9.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 27 Mar 2023 14:20:47 GMT via 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop FRA56-P5 age 235717 cf-polished origSize=209542, status=vary_header_present x-cache Hit from cloudfront content-disposition inline; filename="no-money-young-family-in-financial-trouble-frustra-1280.jpg" content-length 206241 x-request-id GpF0c_EqE89kPJrpYSbbY cf-bgj imgq:100,h2pri last-modified Sun, 26 Mar 2023 16:43:18 GMT server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 7ae846ab5ea02be2-FRA x-amz-cf-id C4D1TENILsogt7qgSHz8G2UpzrHwv6Dvf3i5tw6xWemcaNfwnbiobw== expires Tue, 26 Mar 2024 14:20:47 GMT

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			comms.evlink9.net/	1969-12-31 23:59:59	Name: EVSESSIONID Value: u95sn6e8ua36l5mqe7htto8aj7
			.evlink9.net/	1970-01-20 10:42:44	Name: __cf_bm Value: L6z8mojclyCvC72gY35FV1GIySMcTPyMcuAEjVq3bS8-1680162563-0-Aco6r3qd58r0gKdzPSrHqjYeLQ+NyOaCQLDW9GWj8tTcasfwHtiVwMeZN03Nu2jwQRE9Rp+i+1f7xcsxyO2g3sQ=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

comms.evlink9.net
d1vqahcsakjpkp.cloudfront.net
2600:9000:223f:3800:d:a0b1:e40:93a1
2606:4700::6812:735
0a84780fd9ac2f246fe0afaafed6afcf0a107f95a9ffad9fa94e6c55c4d721cc
0b11e37dc66260b82211071a7a42afda264fa05ea1847c7723ec98f18eabf8a6
f40356663e8e4f33fb86abbfc8e3fee40e0d47d5fe482debba04a6a06063d7ea

comms.evlink9.net Open in urlscan Pro 2606:4700::6812:735 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

3 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

217 kBTransfer

259 kBSize

2 Cookies

4 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

2 Cookies

Indicators

comms.evlink9.net Open in urlscan Pro
2606:4700::6812:735 Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

217 kB
Transfer

259 kB
Size

2
Cookies

3 HTTP transactions
0 data transactions