ntsa.pesaflow.com Open in urlscan Pro
41.209.55.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ntsa.pesaflow.com/
Effective URL:
https://ntsa.pesaflow.com/
Submission: On October 19 via api (October 19th 2023, 9:01:59 am UTC) from US — Scanned from DE

Summary HTTP 12 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 41.209.55.106, located in Kenya and belongs to KE-NET2000, ZA. The main domain is ntsa.pesaflow.com.
TLS certificate: Issued by R3 on August 28th 2023. Valid for: 3 months.

This is the only time ntsa.pesaflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	41.209.55.106 41.209.55.106	9129 (KE-NET2000) (KE-NET2000)
1	2606:4700::68... 2606:4700::6812:809	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

8 41.209.55.106 (Kenya) 1 redirects

ASN9129 (KE-NET2000, ZA)

ntsa.pesaflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:809 (United States)

ASN13335 (CLOUDFLARENET, US)

code.highcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	pesaflow.com 1 redirects ntsa.pesaflow.com	9 MB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	59 KB
1	highcharts.com code.highcharts.com — Cisco Umbrella Rank: 14565	100 KB
12	3

	Domain	Requested by
8	ntsa.pesaflow.com	1 redirects ntsa.pesaflow.com
4	cdn.jsdelivr.net	ntsa.pesaflow.com
1	code.highcharts.com	ntsa.pesaflow.com
12	3

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
ntsa.pesaflow.com R3	`2023-08-28` - `2023-11-26`	3 months	crt.sh
highcharts.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ntsa.pesaflow.com/
Frame ID: C0A25DCD59C3AB5EFB5E1C798BEB98E9
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

· NTSA

Page URL History Show full URLs

http://ntsa.pesaflow.com/ HTTP 302
https://ntsa.pesaflow.com/ Page URL

Detected technologies

Highcharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

highcharts.*\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 75%
Detected patterns

<[^>]+[^\w-]x-data[^\w-][^<]+

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

8973 kB
Transfer

9268 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/ntsa_kenya

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ntsamedia/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ntsa.pesaflow.com/ HTTP 302
https://ntsa.pesaflow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ntsa.pesaflow.com/
Redirect Chain

http://ntsa.pesaflow.com/
https://ntsa.pesaflow.com/

8 KB
9 KB

654ms
221ms

Document
text/html

41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to

Full URL

https://ntsa.pesaflow.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),

Reverse DNS

Software

Cowboy /

Resource Hash

9858d1ac5fd76a5ca34d8aa272cf685e24dd5d454b84b0bff5bd32209a5569a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
content-length: 8265
content-type: text/html; charset=utf-8
date: Thu, 19 Oct 2023 09:01:47 GMT
referrer-policy: strict-origin-when-cross-origin
server: Cowboy
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: F492tdl-fsa9WvEAACqB

Redirect headers

cache-control: no-cache
content-length: 0
location: https://ntsa.pesaflow.com/

GET
H/1.1 200
OK main-e1a0e17b3483a6d4ed28d6f2355af155.css
ntsa.pesaflow.com/assets/ 727 KB
727 KB 220ms
219ms Stylesheet
text/css 41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to

Full URL: https://ntsa.pesaflow.com/assets/main-e1a0e17b3483a6d4ed28d6f2355af155.css?vsn=d
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),
Reverse DNS
Software: Cowboy /
Resource Hash: 3177c740d2fc171abd6aec566779e3b5c4a32d33b7f94a0771ebf17794db50d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:47 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 743985
content-type: text/css

GET
H/1.1 200
OK app-4ff95b11c46a6a507c01e1ea4151e4d6.css
ntsa.pesaflow.com/assets/ 122 KB
123 KB 656ms
221ms Stylesheet
text/css 41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to

Full URL: https://ntsa.pesaflow.com/assets/app-4ff95b11c46a6a507c01e1ea4151e4d6.css?vsn=d
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),
Reverse DNS
Software: Cowboy /
Resource Hash: a4ad287c429a4d598834866f30d851e7629cc08b3d7cf91682c157e46d954035

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 125436
content-type: text/css

GET
H/1.1 200
OK app-4622a7f91e9016d27827c9e374b6ed2f.js Show response
ntsa.pesaflow.com/assets/ 7 MB
7 MB 217ms
216ms Script
text/javascript 41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to

Full URL: https://ntsa.pesaflow.com/assets/app-4622a7f91e9016d27827c9e374b6ed2f.js?vsn=d
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),
Reverse DNS
Software: Cowboy /
Resource Hash: d687de445d05ec6572b8cb968a94b654262a4ef39b2b4e287d7df7a805e9f660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 7761376
content-type: text/javascript

GET
H2 200 highcharts.js Show response
code.highcharts.com/ 281 KB
100 KB 101ms
36ms Script
text/javascript 2606:4700::6812:809
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.highcharts.com/highcharts.js
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:809 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bf12ca4143e044d50f874054d1a2fec814d5ea03d7a5caed83d3fe211c4902f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 7YZZYY9730BWH3KS
age: 867162
content-length: 102032
x-amz-id-2: 3ZmZu3vYOfrzYCNu91CIhiGmwS/aKl2qzdJQVk3rWVG/fNrDNijizX1oj6dMj2KTLvNlu64M9DQ=
last-modified: Mon, 05 Jun 2023 11:30:22 GMT
server: cloudflare
etag: "984fbd73fcdee426183f85ee117d4365"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8187d6a7e8ef1da2-FRA
expires: Sun, 19 Nov 2023 09:01:48 GMT

GET
H2 200 daterangepicker.css
cdn.jsdelivr.net/npm/daterangepicker/ 8 KB
2 KB 87ms
30ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.css

Requested by

Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 36239
x-jsd-version: 3.1.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230085-FRA, cache-jnb7026-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"1f85-jqRIojRLzDZKkujJKC/BWFh0US4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yfl1Cn80V0T%2BayFZ3dgISM4ggK%2B8yMHKNB87gCFk%2BdD77rNkJNC5%2FuMgqGX7b0tZd%2FnKnqkuUJHT3LO9Bypuk9RJdHjPcLgw1N0AFHWucwA8HBVR2J8QW%2FO48EbwtXldVUnEhdpq4hSJAnF0GbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8187d6a7dc0a91e9-FRA

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/jquery/latest/ 85 KB
31 KB 92ms
34ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/latest/jquery.min.js

Requested by

Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20651259
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230138-FRA, cache-yyz4570-YYZ
server: cloudflare
etag: W/"15283-EFUBjCirQQh++czv5BFgaJPavqI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iU211qCgjZ8KrLohQ6Avroe5kNLx%2BkErM2KK%2BBun3KUMA6Mtv74FOseu4yqr7vpPKeKmMyItwYJZIVOgA3XLustPtG6uCnhbXqdZypiwrKliIG4jogsbJIwee0zaLQIzWTApj1Fr3ziteTLGqdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8187d6a7dc1091e9-FRA

GET
H2 200 moment.min.js Show response
cdn.jsdelivr.net/momentjs/latest/ 50 KB
18 KB 89ms
32ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/momentjs/latest/moment.min.js

Requested by

Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20651284
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230055-FRA, cache-jnb7022-JNB
server: cloudflare
etag: W/"c909-Mv32cwvjRTjgk3jsbMVSKdmnAVE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjm47e5tj8nGlxphDKSmA8SwJ9JJi5VNbiHh3%2BJTqbZOQ5hPWO2ObMCB6uXyrGTZjxb2HLeiqHcvU6PgEee7dk93QkqksPDeVLJjsl8%2FeUQP1z6tq3ilErxrZ4%2FeZuJRn20AleecAe4jJMYG13Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 8187d6a7dc0f91e9-FRA

GET
H2 200 daterangepicker.min.js Show response
cdn.jsdelivr.net/npm/daterangepicker/ 32 KB
8 KB 90ms
33ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js

Requested by

Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34789
x-jsd-version: 3.1.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230138-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"7f60-yn4DlHkED3KaP/biww3JCbN4kvM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEi7oG8y9CKW7VzZgAdswOFJohV1Wpu03GuTsoSkajRgCj4vOiHITKnVRVgGWUTyIGcpbF9D6XlPoDwlrb8RPD3NZK5mI2%2BTAnND0wYFRVJZwn7xEyx%2FSPyoZ0LgSHsTEdxC4XtImboEmjMA1uY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8187d6a7dc0d91e9-FRA

GET
H/1.1 200
OK ntsa-logo-7932722a5dc6762fea15f911fa936335.svg
ntsa.pesaflow.com/images/ 23 KB
24 KB 655ms
221ms Image
image/svg+xml 41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntsa.pesaflow.com/images/ntsa-logo-7932722a5dc6762fea15f911fa936335.svg?vsn=d
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),
Reverse DNS
Software: Cowboy /
Resource Hash: f9efaff7f74df860f8d3e043db46fbb7f1beb8f66fba98df53ab88ab169f6e4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 23928
content-type: image/svg+xml

GET
H/1.1 200
OK content-img-5-dfeceedb842effd24214b701652f5046.png
ntsa.pesaflow.com/images/ 351 KB
351 KB 654ms
218ms Image
image/png 41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntsa.pesaflow.com/images/content-img-5-dfeceedb842effd24214b701652f5046.png?vsn=d
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),
Reverse DNS
Software: Cowboy /
Resource Hash: 8e456a2f1d3da16194d8a3a738f845634c8be9fa51bf3e74534fe0a14b92760a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 359316
content-type: image/png

GET
H/1.1 200
OK content-img-3-f7c44a36db73736bc8890ba154608de0.svg
ntsa.pesaflow.com/images/ 1 KB
1 KB 216ms
216ms Image
image/svg+xml 41.209.55.106
KE-NET2000

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntsa.pesaflow.com/images/content-img-3-f7c44a36db73736bc8890ba154608de0.svg?vsn=d
Requested by: Host: ntsa.pesaflow.com
URL: https://ntsa.pesaflow.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 41.209.55.106 , Kenya, ASN9129 (KE-NET2000, ZA),
Reverse DNS
Software: Cowboy /
Resource Hash: 7eb776662ebee2acb3493343abeb0a25a72e560cd1b1dc6729e3470bb47e3007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ntsa.pesaflow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 09:01:48 GMT
cache-control: public, max-age=31536000
server: Cowboy
accept-ranges: bytes
content-length: 1283
content-type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ntsa.pesaflow.com/	1969-12-31 23:59:59	Name: _automzero_key Value: SFMyNTY.g3QAAAABbQAAAAtfY3NyZl90b2tlbm0AAAAYZUlTdndxMVhzMGtMLS1rWC1TNnJRbWhF.v5l8D5WEXuFMsx_bH0LKwE4_fd3xJQTiSFyQk3qacgo
			.highcharts.com/	1969-12-31 23:59:59	Name: _cfuvid Value: hHAUpx19MuaaUlQq3yswxKZXbpLq08y5_nDNKxGW9Oc-1697706108158-0-604800000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.highcharts.com
ntsa.pesaflow.com
2606:4700::6810:5514
2606:4700::6812:809
41.209.55.106
0bf12ca4143e044d50f874054d1a2fec814d5ea03d7a5caed83d3fe211c4902f
3177c740d2fc171abd6aec566779e3b5c4a32d33b7f94a0771ebf17794db50d0
7eb776662ebee2acb3493343abeb0a25a72e560cd1b1dc6729e3470bb47e3007
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8e456a2f1d3da16194d8a3a738f845634c8be9fa51bf3e74534fe0a14b92760a
94fdb66ec8fe748981a4f2090fdf4a2a0a3dbe5ace2e65c4ce46e95d692bdac7
98578d9e429bafe2edbd9d00271e88a85fa457ead4c106485d157fd955b5f2de
9858d1ac5fd76a5ca34d8aa272cf685e24dd5d454b84b0bff5bd32209a5569a2
a4ad287c429a4d598834866f30d851e7629cc08b3d7cf91682c157e46d954035
d618d4869738e0dc22360f0ec0cbb6433257843f24723fac240dda0906685238
d687de445d05ec6572b8cb968a94b654262a4ef39b2b4e287d7df7a805e9f660
f9efaff7f74df860f8d3e043db46fbb7f1beb8f66fba98df53ab88ab169f6e4b

ntsa.pesaflow.com Open in urlscan Pro 41.209.55.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

8973 kBTransfer

9268 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

2 Cookies

Security Headers

Indicators

ntsa.pesaflow.com Open in urlscan Pro
41.209.55.106 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

8973 kB
Transfer

9268 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions