remittance-xls.helghtstitle.com Open in urlscan Pro
209.38.196.166 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://remittance-xls.helghtstitle.com/auth
Effective URL:
http://remittance-xls.helghtstitle.com/verify
Submission: On July 18 via manual (July 18th 2023, 4:58:40 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 209.38.196.166, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is remittance-xls.helghtstitle.com.

This is the only time remittance-xls.helghtstitle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	209.38.196.166 209.38.196.166	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 7	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3

3 209.38.196.166 (Frankfurt am Main, Germany) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

remittance-xls.helghtstitle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:2b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5263	254 KB
3	helghtstitle.com 2 redirects remittance-xls.helghtstitle.com	1 KB
11	2

	Domain	Requested by
7	challenges.cloudflare.com	1 redirects remittance-xls.helghtstitle.com challenges.cloudflare.com
3	remittance-xls.helghtstitle.com	2 redirects
11	2

This site contains no links.

Subject Issuer	Validity	Valid
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://remittance-xls.helghtstitle.com/verify
Frame ID: 1A85B3DA60BD80808F2716C699FCF802
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
Frame ID: 50266516FAD23901459F5641609D879A
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cloudflare

Page URL History Show full URLs

http://remittance-xls.helghtstitle.com/auth HTTP 302
https://remittance-xls.helghtstitle.com/auth HTTP 302
http://remittance-xls.helghtstitle.com/verify Page URL

Page Statistics

11
Requests

45 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

255 kB
Transfer

453 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://remittance-xls.helghtstitle.com/auth HTTP 302
https://remittance-xls.helghtstitle.com/auth HTTP 302
http://remittance-xls.helghtstitle.com/verify Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request verify Show response
remittance-xls.helghtstitle.com/
Redirect Chain

http://remittance-xls.helghtstitle.com/auth
https://remittance-xls.helghtstitle.com/auth
http://remittance-xls.helghtstitle.com/verify

818 B
935 B

12ms
11ms

Document
text/html

209.38.196.166
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://remittance-xls.helghtstitle.com/verify
Protocol: HTTP/1.1
Server: 209.38.196.166 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: ced36f274bddc5466b5228d132dd3f46a74b9efee533d316f12618c117f3a90f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 818
Content-Type: text/html; charset=utf-8
Date: Tue, 18 Jul 2023 16:58:36 GMT

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html
Date: Tue, 18 Jul 2023 16:58:36 GMT
Keep-Alive: timeout=5, max=100
Location: http://remittance-xls.helghtstitle.com/verify
Server: Apache/2.4.52 (Ubuntu)

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/556d0c9f/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js

19 KB
7 KB

33ms
32ms

Script
application/javascript

2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js
Requested by: Host: remittance-xls.helghtstitle.com
URL: http://remittance-xls.helghtstitle.com/verify
Protocol: H2
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://remittance-xls.helghtstitle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:58:36 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e8c4538dfc7bb37-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 18 Jul 2023 16:58:36 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/556d0c9f/api.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7e8c4538bf96bb37-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/ Frame 5026 24 KB
8 KB 21ms
21ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28815d8333061d990780e189f01b535e451c857abdcec6f192522b0861983ab1

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: http://remittance-xls.helghtstitle.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e8c45393f91364a-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 16:58:36 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 5026 171 KB
59 KB 17ms
16ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8c45393f91364a
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef2230ada5a426d305b266c7ae79b9139a0557ca8d306253edcc3216a515575

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:58:36 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e8c45397800364a-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 1a9ec66f-0166-4829-a2e6-4bf4da00c195
https://challenges.cloudflare.com/ Frame 5026 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/1a9ec66f-0166-4829-a2e6-4bf4da00c195
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 3bd78368ec43287 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418294370:1689697709:V-2XFW-Jso-PNaDGy3_qdd6KfDgSCLct9VVWStdQ82g/7e8c45393f91364a/ Frame 5026 237 KB
179 KB 144ms
144ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418294370:1689697709:V-2XFW-Jso-PNaDGy3_qdd6KfDgSCLct9VVWStdQ82g/7e8c45393f91364a/3bd78368ec43287
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8c45393f91364a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74ca48a95e3ed968cda44d82252b05bffe1cbab9e269561aedde282464886853

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 3bd78368ec43287
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: s7/FH1jy5GiNKGMYeJXMNsYPTGPW+MzBynqALb4E4UBRd5MWK/VCoKV4XTPP8hCPrENyXdG59OTuUS3ojPHuMzw6cmVzObWjawJLSt9lLobVJcpQGGNrMGa45s6alq6RGvdhwmScfAdBkRXG3esGuhLHpgdtnRg7TsLxWMBzeRUT1jbggGgHQJZUj+eM48srEm+QkAj3XezzVInxxGUcuZDqan11g2n+UMrbxdIJ7BY9Fim2JwYkX2owUpIphyYgr0sb5YtGT3c0tVpDWYk2OcHJYPnzWXJK+jM5aMKlGyTW54YuLW6d0afqaoyQY77FwcVp8Y/T2x2HfSIpeOp/q6H9qQAIbxno141WchtjhjMB/XKVCLI1/ij3a3oNVEoBfjzK3DJTMfH3e4GD1cKDW6o+wJUKPDPWnY+IqoLIeiAP1ALNY0buJgOZmHKOeVpkADkFKsKvevlBzlIe+kfr+s9SAk9CQdVGWgcMO8+fEgmh4MXemxh6bKQ/mOJpv6p/fTNhfNrAECWYT2PzXmjDBJKIR356yeGpC9VWwj2D96zb1TEZ0GcezBPHXx+ys02lu2Z8KaqgFf3feEMvBwDwo92rdiPdipHA+FUyJiFkB4mVvb1iIPObJ1SDEe/gAg94ixpT2ZSEQnOl1zYvAkw9Qw==$tmvJSqc/2DhTkpyJ5Ag6kQ==
date: Tue, 18 Jul 2023 16:58:36 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e8c453a7953364a-FRA
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK a009a0f5-a274-4d18-a6cf-fe0f0ebe4cf7
https://challenges.cloudflare.com/ Frame 5026 220 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/a009a0f5-a274-4d18-a6cf-fe0f0ebe4cf7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 220
Content-Type: application/javascript

GET
BLOB 200
OK ff247602-00fa-4bf2-a047-fc2c0cb93511
https://challenges.cloudflare.com/ Frame 5026 656 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/ff247602-00fa-4bf2-a047-fc2c0cb93511
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 656
Content-Type: text/javascript

GET
H3 200 _fCBp7VHZL1I7zM
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e8c45393f91364a/1689699516568/ Frame 5026 61 B
148 B 15ms
14ms Image
image/png 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e8c45393f91364a/1689699516568/_fCBp7VHZL1I7zM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae17ebe8e5a79a97d273ac0db56b966d8dad77ccb7cc77ccf76e5c6de5c440e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:58:37 GMT
server: cloudflare
cf-ray: 7e8c45407942364a-FRA
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK 2be59af9-f9df-41d5-a141-4562fb036c73
https://challenges.cloudflare.com/ Frame 5026 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/2be59af9-f9df-41d5-a141-4562fb036c73
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

POST
H3 200 3bd78368ec43287 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418294370:1689697709:V-2XFW-Jso-PNaDGy3_qdd6KfDgSCLct9VVWStdQ82g/7e8c45393f91364a/ Frame 5026 800 B
2 KB 45ms
43ms XHR
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1418294370:1689697709:V-2XFW-Jso-PNaDGy3_qdd6KfDgSCLct9VVWStdQ82g/7e8c45393f91364a/3bd78368ec43287
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8c45393f91364a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb34a9ce79e43fa190f4aea6cfb0c490d5295364eee6765fb37e9c40e57aae8

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/101yb/0x4AAAAAAAE5jui_rrfF0eXn/auto/normal
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 3bd78368ec43287
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: t0m1ho6ejRzOFVu80JZ9t0ZB9LVd6pWlEOcrP89g7ooU+vGK9S2SysRfvQHu+mfANONsF4wug2mZAAi4KNMWMFIP24lQk81LFzgWMEm36xQ=$RsMV8TtU/KO33DW5Nx9LVQ==
cf-chl-out-s: JnaaqxBfD5p5xUtjLG/XVIF91MfI2DpCQlkvkpysNrGKqMmO/R8NBRk94rYCUt7v3AX2LLTTwKtCVh/8HLrvWKv5NithciIVrtryBxcYECsATayGVQrO47Z62BksqW+OVsyz8cIKJpqjhTLmlmOivuiXjTB8AXBAtwp5xlNn3J+Sv9T0s1d+SRASo3ws/HI5c89ZWlPsWVW1c98Pa6G8tR8GVESug0e15zWylbSUF+jEmmsTsiaAMi8sMbs+2Iu+TYCHdux+bUtgMbhRu5SqyCgFdbe2p3kVaqkaCM4xbqhke77zXimzT0LddKh23FjwHozMu6vSESE+BfwDmce3SKXhr1FrHvWeFO3Hb5qs9yEhWvblGcNhSNWFtErAbtrIP8A3k8YsT2UV+1isZ2SVp46YWSTiUisdmHEQ5+vSoOncF24CWW1d8jrnSSQKZlF73ApDA5O67S1+fpxE75BUvrNsQqL3xtXjgOGSZ8JrNyDEekfyo9mLBWeoU1OfoXbqXLxXyoEchEnwHTa2sHgLVlQS0OZzq/8+StmUw9bsMl3FNE6D0mRhVxl6Zxm6LEMvZmrGZiIPqwAGuVZyqQLExzrZXEcqAE9AbToTkadpf3gjmHsj0eP8Eao1uGTI48ySNHHqDmgJOk9CTXzwqIxealIKstrB+w6sXGB+y/wZfPgqVYADdKQsk3mDRQlS/p1fVs2uLHKkr4O6Kl0ZaSz0Cd0Ss975yzbmscDrWJp1m09UTbOKN0CLep00/6KJNCS8mZV9CcJTIzHgzp2v8rrpDFywQdLDSI7zH7fnY7+0fK8R0TeKbSp0LePMamHR61ZBZKnIb7e9cRVjtoqz4tniixh3O6drMkB+TdMzMvRJ/XxLSo4I3PKIJagNbWk+9Kd0X3v/JgQrXFnjVf2fSMx2NpekhEvy3Ksymsb88avh6sIGZCUyFhGsKt8pnLJqYhWg++URqGK04pXQSFyQ8TIcPE8YiImY4ng2NeH5YrnodwU=$M4LOOZtYD7ip3DdBX81Yyg==
date: Tue, 18 Jul 2023 16:58:38 GMT
content-encoding: br
server: cloudflare
content-type: text/html; charset=UTF-8
cf-ray: 7e8c4543cda8364a-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.helghtstitle.com/	1970-01-20 13:21:43	Name: vuXu Value: fab28f34c365db58928385c00e3a736bf90c895d5a0656917b417574510c1d92

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
remittance-xls.helghtstitle.com
209.38.196.166
2606:4700::6811:2b8
28815d8333061d990780e189f01b535e451c857abdcec6f192522b0861983ab1
5ef2230ada5a426d305b266c7ae79b9139a0557ca8d306253edcc3216a515575
74ca48a95e3ed968cda44d82252b05bffe1cbab9e269561aedde282464886853
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1
cae17ebe8e5a79a97d273ac0db56b966d8dad77ccb7cc77ccf76e5c6de5c440e
ced36f274bddc5466b5228d132dd3f46a74b9efee533d316f12618c117f3a90f
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
ecb34a9ce79e43fa190f4aea6cfb0c490d5295364eee6765fb37e9c40e57aae8

remittance-xls.helghtstitle.com Open in urlscan Pro 209.38.196.166 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

11 Requests

45 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

255 kBTransfer

453 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

remittance-xls.helghtstitle.com Open in urlscan Pro
209.38.196.166 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

45 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

255 kB
Transfer

453 kB
Size

1
Cookies

11 HTTP transactions
0 data transactions