Submitted URL: https://citrix-vdi-ext.ff0000.pro/
Effective URL: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Submission Tags: @phishunt_io
Submission: On September 12 via api from DE — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 6 HTTP transactions. The main IP is 159.60.132.248, located in the United States and belongs to F5, FR. The main domain is citrix-vdi-ext.ff0000.pro.
TLS certificate: Issued by R3 on September 12th 2023. Valid for: 3 months.
This is the only time citrix-vdi-ext.ff0000.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 8 159.60.132.248 35280 (F5)
6 1
Apex Domain
Subdomains
Transfer
8 ff0000.pro
citrix-vdi-ext.ff0000.pro
104 KB
6 1
Domain Requested by
8 citrix-vdi-ext.ff0000.pro 2 redirects citrix-vdi-ext.ff0000.pro
6 1

This site contains links to these domains.

Domain
cenovus.service-now.com
Subject Issuer Validity Valid
citrix-vdi-ext.ff0000.pro R3 2023-09-12 - 2023-12-11 3 months

This page contains 1 frames:

Primary Page: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Frame ID: 6663DB4CDFEE81A8ECAAE97C2FD5D9E5
Requests: 6 HTTP requests in this frame

Page Title

BIG-IP logout page

Page Statistics

6
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

103 kB
Transfer

102 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://citrix-vdi-ext.ff0000.pro/ HTTP 302
    https://citrix-vdi-ext.ff0000.pro/my.policy HTTP 302
    https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request my.logout.php3
citrix-vdi-ext.ff0000.pro/
Redirect Chain
  • https://citrix-vdi-ext.ff0000.pro/
  • https://citrix-vdi-ext.ff0000.pro/my.policy
  • https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
5 KB
6 KB
Document
General
Full URL
https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.60.132.248 , United States, ASN35280 (F5, FR),
Reverse DNS
Software
volt-adc /
Resource Hash
f6dac7019ae940965eb33d1e2711640c56b998898d44adfca51ad35b2b61461b
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
22729
cache-control
no-cache, must-revalidate
content-length
5415
content-type
text/html; charset=utf-8
date
Tue, 12 Sep 2023 22:35:04 GMT
pragma
no-cache
server
volt-adc
x-envoy-upstream-service-time
606
x-frame-options
DENY
x-volterra-location
fr4-fra

Redirect headers

cache-control
no-cache, no-store
content-length
0
date
Tue, 12 Sep 2023 22:35:03 GMT
location
/my.logout.php3?errorcode=20
server
volt-adc
x-envoy-upstream-service-time
402
x-volterra-location
fr4-fra
apm.css
citrix-vdi-ext.ff0000.pro/public/include/css/
38 KB
38 KB
Stylesheet
General
Full URL
https://citrix-vdi-ext.ff0000.pro/public/include/css/apm.css
Requested by
Host: citrix-vdi-ext.ff0000.pro
URL: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.60.132.248 , United States, ASN35280 (F5, FR),
Reverse DNS
Software
volt-adc /
Resource Hash
571b5a9d47b219ed0a9036f9b536529a7e4ededbfc274c0cf0fe57d099180fda
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 22:35:04 GMT
cache-control
max-age=3600
x-envoy-upstream-service-time
403
x-volterra-location
fr4-fra
server
volt-adc
x-frame-options
DENY
content-type
text/css; charset=utf-8
common.js
citrix-vdi-ext.ff0000.pro/public/include/js/
13 KB
13 KB
Script
General
Full URL
https://citrix-vdi-ext.ff0000.pro/public/include/js/common.js
Requested by
Host: citrix-vdi-ext.ff0000.pro
URL: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.60.132.248 , United States, ASN35280 (F5, FR),
Reverse DNS
Software
volt-adc /
Resource Hash
017924b088cc2541d7b7504de100a770aeb9aa1d5a70a06b39450683dc4357d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 22:35:04 GMT
last-modified
Tue, 29 Dec 2020 07:48:04 GMT
x-volterra-location
fr4-fra
server
volt-adc
age
0
etag
"3514-5b7959c4f3500"
content-type
application/javascript
x-envoy-upstream-service-time
154
accept-ranges
bytes
content-length
13588
u_plugin.js
citrix-vdi-ext.ff0000.pro/public/include/js/
41 KB
41 KB
Script
General
Full URL
https://citrix-vdi-ext.ff0000.pro/public/include/js/u_plugin.js
Requested by
Host: citrix-vdi-ext.ff0000.pro
URL: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.60.132.248 , United States, ASN35280 (F5, FR),
Reverse DNS
Software
volt-adc /
Resource Hash
827e5746a19ee37010e7e9d0536e38466b37e75c41e883f803107d0d184b1401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 22:35:04 GMT
last-modified
Sat, 18 Oct 2014 00:01:17 GMT
x-volterra-location
fr4-fra
server
volt-adc
age
3207
etag
"a2eb-505a72e3d4d40"
content-type
application/javascript
x-envoy-upstream-service-time
401
accept-ranges
bytes
content-length
41707
logo_image_en.jpg
citrix-vdi-ext.ff0000.pro/public/images/customization/Common/click-prd.ap_general_ui/
5 KB
5 KB
Image
General
Full URL
https://citrix-vdi-ext.ff0000.pro/public/images/customization/Common/click-prd.ap_general_ui/logo_image_en.jpg
Requested by
Host: citrix-vdi-ext.ff0000.pro
URL: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.60.132.248 , United States, ASN35280 (F5, FR),
Reverse DNS
Software
volt-adc /
Resource Hash
ed289d2e1a12c2cd0d38fef3818c482f251456eefee49adb65e0c941b12a290a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 22:35:05 GMT
last-modified
Tue, 10 May 2022 03:08:55 GMT
x-volterra-location
fr4-fra
server
volt-adc
age
26131
etag
"1238-5de9fa51f1fc0"
content-type
image/jpeg
x-envoy-upstream-service-time
612
accept-ranges
bytes
content-length
4664
tr.gif
citrix-vdi-ext.ff0000.pro/public/images/my/
43 B
179 B
Image
General
Full URL
https://citrix-vdi-ext.ff0000.pro/public/images/my/tr.gif
Requested by
Host: citrix-vdi-ext.ff0000.pro
URL: https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.60.132.248 , United States, ASN35280 (F5, FR),
Reverse DNS
Software
volt-adc /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://citrix-vdi-ext.ff0000.pro/my.logout.php3?errorcode=20
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 22:35:05 GMT
last-modified
Sat, 10 Mar 2007 05:11:20 GMT
x-volterra-location
fr4-fra
server
volt-adc
age
3136
etag
"2b-42b4b92116e00"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=3600, must-revalidate
x-envoy-upstream-service-time
97
accept-ranges
bytes
content-length
43

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
number| g_logindent
function| addToLog
function| addToLogEnter
function| addToLogExit
function| stringToHex
function| Base64encode
function| Base64decode
function| ltrim
function| getExternalBaseURL
function| getExternalBaseHost
function| getExternalBasePort
function| escapeRegex
object| ar4cmatch
function| get_cookie
function| set_cookie
function| delete_cookie
function| bind
function| arrayContains
function| isArray
function| forEach
function| parseJSON
function| getXmlDoc
object| timeouts
number| gatewayClock
number| idleTimeout
number| guardTime
number| sessionStart
number| maxTimeout
number| maxGuard
function| tryGetTimesFromCookie
function| pad
function| startCountDown
function| getHTTPRequestObject
function| objectToParams
function| stripBrackets
function| getCustomProtocolLink
function| UPlugin
function| UPluginInstaller
function| UPluginHost
function| InsertActivexControl
function| OnLoad
function| setViewport
function| onorientationchange
object| tin

2 Cookies

Domain/Path Name / Value
citrix-vdi-ext.ff0000.pro/ Name: LastMRH_Session
Value: 618254e7
citrix-vdi-ext.ff0000.pro/ Name: TS01dc4fc6
Value: 01cd2badf1b20c338fd5f8d937a64b451b585f50250c504ad833c6af68885ac2cf76bc97d5baed5047b0a365edb7768dd63eb93da3

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY