ensana-cloudflare.two.do
2a06:98c1:3121::3
Public Scan
Submission: On July 01 via automatic, source certstream-suspicious — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on May 6th 2023. Valid for: 3 months.
This is the only time ensana-cloudflare.two.do was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
4 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
6 | 81.95.110.230 | 25234 (GLOBE-AS www.active24.cz) |
1 | 2606:4700::6810:3865 | 13335 (CLOUDFLARENET) |
11 | 3 | |
ASN25234 (GLOBE-AS www.active24.cz, CZ)
PTR: gds57g.active24.cz
- www.zoomletter.com
- 2022.zoomvoucher.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | zoomletter.com | www.zoomletter.com | 52 KB |
4 | two.do | ensana-cloudflare.two.do | 11 KB |
1 | cloudflareinsights.com | static.cloudflareinsights.com (Cisco Umbrella Rank: 1174) | 7 KB |
1 | zoomvoucher.com | 2022.zoomvoucher.com | 2 KB |
11 | 4 | | |
Requests | Domain | Requested by |
---|---|---|
5 | www.zoomletter.com | ensana-cloudflare.two.do, www.zoomletter.com |
4 | ensana-cloudflare.two.do | ensana-cloudflare.two.do |
1 | static.cloudflareinsights.com | ensana-cloudflare.two.do |
1 | 2022.zoomvoucher.com | ensana-cloudflare.two.do |
11 | 4 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
two.do | GTS CA 1P5 | 2023-05-06 - 2023-08-04 | 3 months |
www.zoomletter.com | R3 | 2023-05-16 - 2023-08-14 | 3 months |
beta.zoomvoucher.com | R3 | 2023-06-21 - 2023-09-19 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-04-10 - 2024-04-09 | a year |
This page contains 1 frames:
Primary Page:
https://ensana-cloudflare.two.do/
Frame ID: 637D7A81DBE0016C5A5750D0F2010CB9
Requests: 11 HTTP requests in this frame
Page Title
Ensana Health Spa Hotels & Resorts, Europe’s leading health hotels
Detected technologies
Cloudflare Browser Insights (Analytics)
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method | Protocol | Resource | Path | Size | Transferred | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | ensana-cloudflare.two.do/ | 9 KB | 2 KB | Document | text/html |
GET | H2 | clientscripts.php | www.zoomletter.com/klienti/www-ensanahotels-com/ | 271 B | 477 B | Script | text/html |
GET | H2 | vouchersshop.js | 2022.zoomvoucher.com/klienti/ensana/js/ | 4 KB | 2 KB | Script | text/html |
GET | H2 | iframe.js | www.zoomletter.com/klienti/www-ensanahotels-com/loyalty2/ | 2 KB | 804 B | Script | text/html |
GET | H2 | polyfills.f014404006b2bed9.js | ensana-cloudflare.two.do/ | 363 KB | 0 | Script | application/javascript |
GET | H2 | main.30b71860c4f13e6f.js | ensana-cloudflare.two.do/ | 300 KB | 0 | Script | application/javascript |
GET | H2 | v52afc6f149f6479b8c77fa569edb01181681764108816 | static.cloudflareinsights.com/beacon.min.js/ | 19 KB | 7 KB | Script | text/javascript |
GET | H2 | styles.a8b8739b3f49203f.css | ensana-cloudflare.two.do/ | 30 KB | 9 KB | Stylesheet | text/css |
GET | H2 | popupdesigner.js | www.zoomletter.com/plugins/popupdesigner/ | 42 KB | 8 KB | Script | text/html |
GET | H2 | jquery-1.10.2.min.js | www.zoomletter.com/lib/jquery/ | 91 KB | 32 KB | Script | text/html |
GET | H2 | fpmodule.js | www.zoomletter.com/service/fingerprint/ | 33 KB | 10 KB | Script | text/html |
41 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean| credentialless
- object| onbeforetoggle
- object| onscrollend
- object| script
- string| ConID
- boolean| loaded
- function| processVoucherMessage
- function| callParameters
- function| removeURLParameter
- function| sendCookies
- function| processLoyaltyMessage
- object| popupdesignerGlobalData
- object| popupdesignerGlobalData_last
- boolean| documentLoadedPD
- string| scriptLocationPD
- undefined| fancyboxDef
- object| scripts
- number| scriptsSizePD
- number| scriptsLoadedPD
- string| s
- function| middleLoadPD
- function| afterLoadPD
- function| popupdesignerShowLoggedPopup
- function| popupdesignerShowLoggedNotPopup
- function| popupdesignerCloseIframe
- function| popupdesigner_isIE
- function| showPopup
- function| showMobilePopup
- function| parseQuery
- function| loadScriptPD
- function| getObjectSize
- function| setCookie
- function| deleteCookie
- function| getCookie
- function| checkAndRunAfterOpenEvent
- function| checkAndRunAfterCloseEvent
- function| addPopupAnimation
- function| launchPopupAnimation
- function| Fingerprint2
- function| $
- function| jQuery
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.