iceblue2022.info Open in urlscan Pro
160.251.71.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://iceblue2022.info/payment/ttcopy.htm
Effective URL:
https://iceblue2022.info/payment/ttcopy.htm
Submission: On November 10 via manual (November 10th 2023, 10:20:44 pm UTC) from AE — Scanned from JP

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 160.251.71.120, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is iceblue2022.info.
TLS certificate: Issued by R3 on October 23rd 2023. Valid for: 3 months.

This is the only time iceblue2022.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	160.251.71.120 160.251.71.120	7506 (INTERQ GM...) (INTERQ GMO Internet)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:81f::200a	15169 (GOOGLE) (GOOGLE)
7	151.101.40.193 151.101.40.193	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::6815:4828	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	199.232.192.193 199.232.192.193	54113 (FASTLY) (FASTLY)
12	5

2 160.251.71.120 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: www314.conoha.ne.jp

iceblue2022.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81f::200a (Australia)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.40.193 (San Jose, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:4828 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-googlapi-jquery.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.193 (United States) 1 redirects

ASN54113 (FASTLY, US)

imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	imgur.com 1 redirects i.imgur.com — Cisco Umbrella Rank: 7022 imgur.com — Cisco Umbrella Rank: 4921	96 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	32 KB
2	iceblue2022.info 1 redirects iceblue2022.info	9 KB
1	cdn-googlapi-jquery.ga cdn-googlapi-jquery.ga	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	31 KB
12	5

	Domain	Requested by
7	i.imgur.com	iceblue2022.info
2	maxcdn.bootstrapcdn.com	iceblue2022.info
2	iceblue2022.info	1 redirects
1	imgur.com	1 redirects
1	cdn-googlapi-jquery.ga	iceblue2022.info
1	ajax.googleapis.com	iceblue2022.info
12	6

This site contains no links.

Subject Issuer	Validity	Valid
iceblue2022.info R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
cdn-googlapi-jquery.ga GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://iceblue2022.info/payment/ttcopy.htm
Frame ID: 6BC58657DB27F754C75ABF5A9A31796F
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Files Location - 2023

Page URL History Show full URLs

http://iceblue2022.info/payment/ttcopy.htm HTTP 301
https://iceblue2022.info/payment/ttcopy.htm Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

174 kB
Transfer

380 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://iceblue2022.info/payment/ttcopy.htm HTTP 301
https://iceblue2022.info/payment/ttcopy.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://imgur.com/xG7xu1t.png HTTP 301
https://i.imgur.com/xG7xu1t.png

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request ttcopy.htm Show response
iceblue2022.info/payment/
Redirect Chain

http://iceblue2022.info/payment/ttcopy.htm
https://iceblue2022.info/payment/ttcopy.htm

36 KB
9 KB

9ms
3ms

Document
text/html

160.251.71.120
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL

https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

160.251.71.120 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),

Reverse DNS

www314.conoha.ne.jp

Software

nginx /

Resource Hash

7a7d11fc49e834155eebbbdfb19f71c8e753f4c02fe104a431bc1600e5b8d425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 Nov 2023 22:20:39 GMT
etag: W/"8efb-6099a7c247749"
last-modified: Wed, 08 Nov 2023 02:02:52 GMT
server: nginx
x-content-type-options: nosniff
x-nginx-cache: EXPIRED
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 10 Nov 2023 22:20:39 GMT
Location: https://iceblue2022.info/payment/ttcopy.htm
Server: nginx

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/ 119 KB
20 KB 24ms
13ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 625, 617, 617
age: 29907296
cdn-cachedat: 2021-06-07 20:31:41
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e63811769e6c45673e652c4b2fa64432
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8241af1d4ddc80d5-NRT
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 47ms
2ms Script
text/javascript 2404:6800:4004:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://iceblue2022.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 10 Nov 2023 13:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31191
x-xss-protection: 0
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Nov 2024 13:38:02 GMT

GET
H2 200 ULsf85T.png
i.imgur.com/ 29 KB
29 KB 664ms
323ms Image
image/png 151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ULsf85T.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fa3ea3c2b4c369c299be63a829f550de789e0073685517a050c8466e461acc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2042478
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 29236
x-served-by: cache-iad-kcgs7200078-IAD, cache-sjc10076-SJC
last-modified: Sun, 12 Mar 2023 11:30:08 GMT
server: cat factory 1.0
x-timer: S1699654840.323859,VS0,VE2
etag: "b9335c0faeaa0b45579a88fd13b45360"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8u_8NZk3G1ZyXOkJ_hzjbP7Z_EiOeRD6hyWDbIeFmTFccf_Ssp-3JA==
x-cache-hits: 77, 1

GET
H2 200 Zjn9soJ.png
i.imgur.com/ 2 KB
2 KB 506ms
166ms Image
image/png 151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Zjn9soJ.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

6d38d0cae692499be2484b56002ee7c260422c4c48f19711742ddde02da72d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 3323438
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2072
x-served-by: cache-iad-kjyo7100045-IAD, cache-sjc10076-SJC
last-modified: Sun, 12 Mar 2023 11:24:57 GMT
server: cat factory 1.0
x-timer: S1699654840.323555,VS0,VE2
etag: "fa2aca0c88cc9465c1a65e17160cf5c5"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -6s-oWVmPsOkaYZCvsvmOYQuXskjJizgT7vsg3JRIkLJB4YZJrTpxQ==
x-cache-hits: 1012, 1

GET
H2 200 favicon.png
cdn-googlapi-jquery.ga/img/ 6 KB
7 KB 474ms
450ms Image
image/png 2606:4700:3031::6815:4828
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn-googlapi-jquery.ga/img/favicon.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:4828 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1155fdc56cb3a7894aa5d2a6d79ade979db8d67fd17668b1314496e808a4c65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6250
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 11 Sep 2022 12:49:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TurV6alWdAbhl9t5l5%2F2PLBHmZY92fSGQBTHPMi3vCdvyQCbMMgwKxt5vjYhERyug5%2Btsv0Q%2BpDyi2rmA%2FvjMxBk5LgRqNKXgooChx28IVUKFuFPekSkrbkH01FROw%2Fr7njKT%2BFVB1i0ivYKqC9gzWiQ1J4L"}],"group":"cf-nel","max_age":604800}
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 8241af1d5ca23bf9-NRT
expires: Fri, 17 Nov 2023 22:20:40 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
12 KB 21ms
12ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://iceblue2022.info/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 10 Nov 2023 22:20:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1109
age: 236039
cdn-cachedat: 06/19/2023 21:04:58
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b0083256c6213ee443874b27645a3b98
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8241af1d4dde80d5-NRT
cdn-requestpullsuccess: True

GET
H2 200 qXjvBuJ.png
i.imgur.com/ 1 KB
2 KB 477ms
164ms Image
image/png 151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qXjvBuJ.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d2645eaab1cebd2b1ee1fb167f93a163d50a68b212ba079c5ec1baed2815df94

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: YTO50-P2
age: 3303769
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 1386
x-served-by: cache-iad-kiad7000041-IAD, cache-sjc10076-SJC
last-modified: Sun, 12 Mar 2023 11:10:01 GMT
server: cat factory 1.0
x-timer: S1699654840.323526,VS0,VE1
etag: "90484f656dc44c3525dbb7f9df5cbd28"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 8xi_jER31AZYTq1QcaK9IVDG2DZ-Ch7l08PpIpeIqf96Fa7rU2uqlw==
x-cache-hits: 1110, 1

GET
H2

200

xG7xu1t.png
i.imgur.com/
Redirect Chain

https://imgur.com/xG7xu1t.png
https://i.imgur.com/xG7xu1t.png

30 KB
31 KB

167ms
166ms

Image
image/png

151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xG7xu1t.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b0f7d59113460dc78e55b04e8f67541ab6bffd646f788e213e71e9c0b00684dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: PHL50-C1
age: 248745
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 30849
x-served-by: cache-iad-kcgs7200157-IAD, cache-sjc10076-SJC
last-modified: Wed, 08 Nov 2023 01:14:40 GMT
server: cat factory 1.0
x-timer: S1699654841.544782,VS0,VE3
etag: "4f3ec9e13d9c93800cec9a64d08afaae"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 9uMYAkPvlYvfWcNg7jM0WVye5T86ToX0PNRn2RCdo7FegG4Q01X6vw==
x-cache-hits: 11, 1

Redirect headers

x-cache-hits: 0
date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
x-timer: S1699654840.377159,VS0,VE0
x-frame-options: DENY
x-cache: HIT
location: https://i.imgur.com/xG7xu1t.png
access-control-allow-origin: https://imgur.com
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-sjc10024-SJC

GET
H2 200 b7b7fz9.png
i.imgur.com/ 2 KB
3 KB 678ms
366ms Image
image/png 151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/b7b7fz9.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8065126cff824dc427e5ca1b0c55bf6a2aa706c85bb38ba88e4268bc0d1b541d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 1953963
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 2349
x-served-by: cache-iad-kiad7000143-IAD, cache-sjc10076-SJC
last-modified: Sun, 12 Mar 2023 11:16:20 GMT
server: cat factory 1.0
x-timer: S1699654840.323907,VS0,VE4
etag: "52d0bb204780668e031c6f45fbaaec35"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Hm9wz_IJdsS3uYfWtYhfVT1AgoUCBoleuR4MQ7ZeqQu0g7mWRpTzgg==
x-cache-hits: 49, 1

GET
H2 200 s3ZIXan.png
i.imgur.com/ 532 B
779 B 477ms
165ms Image
image/png 151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/s3ZIXan.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3c93da63a549e13f8a4c2707be1f5baa5eb0932aba0bdd60a8a0a57520b28c71

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 886666
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, HIT
content-length: 532
x-served-by: cache-iad-kiad7000139-IAD, cache-sjc10076-SJC
last-modified: Sun, 12 Mar 2023 11:19:26 GMT
server: cat factory 1.0
x-timer: S1699654840.323910,VS0,VE1
etag: "ffeea2da217ad021ee9c0b986839bbf9"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: MR4GbfMwt8lWZsTlyi2Ee5Kwk-9D61LivViNTbM_8b4GEne5fnIkDA==
x-cache-hits: 0, 1

GET
H2 200 ojeGOvm.png
i.imgur.com/ 29 KB
29 KB 483ms
171ms Image
image/png 151.101.40.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ojeGOvm.png

Requested by

Host: iceblue2022.info
URL: https://iceblue2022.info/payment/ttcopy.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.40.193 San Jose, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

fa3ea3c2b4c369c299be63a829f550de789e0073685517a050c8466e461acc4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://iceblue2022.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Fri, 10 Nov 2023 22:20:40 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 2575576
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 29236
x-served-by: cache-iad-kcgs7200059-IAD, cache-sjc10076-SJC
last-modified: Sun, 12 Mar 2023 11:21:45 GMT
server: cat factory 1.0
x-timer: S1699654840.323868,VS0,VE1
etag: "b9335c0faeaa0b45579a88fd13b45360"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cQ6qX-JwuHAczKlun3CABEneXU3WTwzzE72lt1ocuECBF4OylOJ1Eg==
x-cache-hits: 152, 1

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://iceblue2022.info/payment/ttcopy.htm(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iceblue2022.info/payment/ttcopy.htm(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://iceblue2022.info/payment/ttcopy.htm(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn-googlapi-jquery.ga
i.imgur.com
iceblue2022.info
imgur.com
maxcdn.bootstrapcdn.com
151.101.40.193
160.251.71.120
199.232.192.193
2404:6800:4004:81f::200a
2606:4700:3031::6815:4828
2606:4700::6812:bcf
3c93da63a549e13f8a4c2707be1f5baa5eb0932aba0bdd60a8a0a57520b28c71
6d38d0cae692499be2484b56002ee7c260422c4c48f19711742ddde02da72d81
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
7a7d11fc49e834155eebbbdfb19f71c8e753f4c02fe104a431bc1600e5b8d425
8065126cff824dc427e5ca1b0c55bf6a2aa706c85bb38ba88e4268bc0d1b541d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b0f7d59113460dc78e55b04e8f67541ab6bffd646f788e213e71e9c0b00684dd
d2645eaab1cebd2b1ee1fb167f93a163d50a68b212ba079c5ec1baed2815df94
f1155fdc56cb3a7894aa5d2a6d79ade979db8d67fd17668b1314496e808a4c65
fa3ea3c2b4c369c299be63a829f550de789e0073685517a050c8466e461acc4e

iceblue2022.info Open in urlscan Pro 160.251.71.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

50 %IPv6

5 Domains

6 Subdomains

5 IPs

3 Countries

174 kBTransfer

380 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

iceblue2022.info Open in urlscan Pro
160.251.71.120 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

50 %
IPv6

5
Domains

6
Subdomains

5
IPs

3
Countries

174 kB
Transfer

380 kB
Size

0
Cookies

12 HTTP transactions
0 data transactions