nauzer-892verm035-ccou03nta.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nauzer-892verm035-ccou03nta.com/ereh/html.htm
Effective URL:
https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/
Submission: On March 30 via manual (March 30th 2023, 11:35:41 am UTC) from US — Scanned from NL

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is nauzer-892verm035-ccou03nta.com.
TLS certificate: Issued by R3 on March 24th 2023. Valid for: 3 months.

This is the only time nauzer-892verm035-ccou03nta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:310... 2606:4700:3108::ac42:2905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.210.131.75 62.210.131.75	12876 (Online SAS) (Online SAS)
20	3

12 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

nauzer-892verm035-ccou03nta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2905 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cli.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.210.131.75 (France)

ASN12876 (Online SAS, FR)
PTR: lievre.ubiqwi.com

none.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nauzer-892verm035-ccou03nta.com nauzer-892verm035-ccou03nta.com	3 KB
1	none.com none.com — Cisco Umbrella Rank: 730705
1	cli.co 1 redirects cli.co	199 B
20	3

	Domain	Requested by
12	nauzer-892verm035-ccou03nta.com	nauzer-892verm035-ccou03nta.com
1	none.com	nauzer-892verm035-ccou03nta.com
1	cli.co	1 redirects
20	3

This site contains no links.

Subject Issuer	Validity	Valid
*.nauzer-892verm035-ccou03nta.com R3	`2023-03-24` - `2023-06-22`	3 months	crt.sh
none.com R3	`2023-03-16` - `2023-06-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/
Frame ID: C208755F6BEAF315D24F35A2E09F7478
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Navy Federal Credit Union - We serve where you serveNavy Federal Credit Union - We serve where you serve

Page URL History Show full URLs

https://nauzer-892verm035-ccou03nta.com/ereh/html.htm Page URL
https://cli.co/1WyPEPH HTTP 302
https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

65 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3 kB
Transfer

4 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nauzer-892verm035-ccou03nta.com/ereh/html.htm Page URL
https://cli.co/1WyPEPH HTTP 302
https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	html.htm Show response nauzer-892verm035-ccou03nta.com/ereh/	0 544 B	1716ms 1533ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/html.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b000cce3cd40e33-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 30 Mar 2023 11:35:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} refresh 0 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNf0s%2ByX%2FVBg9eEK7OiQJ5BPP5A7XlI9NdJQwuYqzvUdK4oZqaN4ospBCuyaAsA8oe4VKZ0zvvOUBD%2B3n8U%2FUe%2FWntasRwlwwQTFXkU8oZhxSipjiBX3IJqgrL18DrD72%2BUtxDH2%2FdYmhGO8S%2B2T%2F0y%2F%2B72h%2F2ivfqHAjQm9"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	html.htm Show response nauzer-892verm035-ccou03nta.com/ereh/	66 B 447 B	719ms 719ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/html.htm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `748cf7aece8f05cf858e78064d471c53a52cec7a22eecb132e675029fb444463` Request headers Referer https://nauzer-892verm035-ccou03nta.com/ereh/html.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b000cd7e9d70e33-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 30 Mar 2023 11:35:37 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0AeVkWy1aTxII%2FMkc37aVLfwhEc6u5HiXdvDzuqLQJUROFPGtiomkJsIWbhXbt%2BAIPDSAknJsK5Lj8dVsKlIemZJRLqzPGkdWiRLsPUAY3l6kol0mx5p9mfUjA0GVJuCNWHeA5JTMJ4ItRKHidyIFb%2FOr9qeeHpX%2B14uQFC"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H3	200	Primary Request / Show response nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Redirect Chain https://cli.co/1WyPEPH https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/	4 KB 2 KB	852ms 851ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6877ea5eaa42d66d9bcc88ee4fef0b878587b7740af5d74d1228006e51ff6b9b` Request headers Referer https://nauzer-892verm035-ccou03nta.com/ereh/html.htm Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 7b000cde89ac0e31-AMS content-encoding br content-type text/html; charset=UTF-8 date Thu, 30 Mar 2023 11:35:38 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRPH%2FVKvRjt1XyokrPMiqMe6PXYEKKIrez6Oyg03Hhnp%2BnOpPWUC%2B6IKlbLG1I5%2Bzypq2m%2BqS1lg7%2FzgSp8oCcut7aAiFXF3kySaYTUo73YNgUMchBpQxp4ihm77Ut3S2C14nZUNWFm3BQ8nHGMJlY022kwtvxJEEjcauG7t"}],"group":"cf-nel","max_age":604800} server cloudflare Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b000cdcec75b760-AMS content-length 0 date Thu, 30 Mar 2023 11:35:37 GMT location https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ server cloudflare
GET H3	404	bat.js nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/	0 0	115ms 115ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/bat.js Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:38 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=keY0v8zArntl7yA84zpt95A0Sxt9X69ydutI49xJKidyoc1VuXqQVP5%2B7xPGJFiP6YVQ5zBWNyho3nr3AFVBlK8UHGyeYhyEJTfCs0D%2FJTKlepufOf4%2FN4CQ9CS5C6XNybTjemr4RHzVHD%2FmUlHuq09d4EtTkz5XYcmqx3SF"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3d8c50e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	s39876891442473.js nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/	0 0	1223ms 1221ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/s39876891442473.js Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:40 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85H9U2Md3OSEUmKu0W%2FRPjRtuhyd66SB6pIvhy%2BwFgFwuqdwQg7a2uW8ey2tPsdveW21lBCo1MSL%2BsFF8A5vkbhL5wwrO7lNQWqInhDWrTiEbLo5itR2R%2BDg8IF3JtPa%2FePQMEyXDcsA74fqT2SMZhxXPPjkUA%2F2gStvNGrO"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8ca0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	styles.css nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/	0 0	113ms 112ms	Stylesheet text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/styles.css Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:38 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RjAl3zjAuJwQLVKEea2OCNXNszEZFjyHSxaTakkl%2BWqugGNo0KTNmoaL3CkWyREL5NO5asr1P8s836LKR9YsJgrd2KfddTbkgdIHFqGAGEHhO6kryqXnQaKTviGPesXwB4u7buHVXTEQbQJxnkyEqbWfnfWeDZnIRUKe1rY0"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8cc0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	css.css nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/	0 0	112ms 110ms	Stylesheet text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/css.css Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:38 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oBMjhsRqztCGKNad3SHVKILYsyVtunk3ifwh1z36KrbnwriZZqDeb53axrsGZs8nVHj%2BTaJyToPM9Uui1of2nVuVGgjHH%2BzyWnYyyP7GeBxHs91wwMKo%2BYqO7GLV50xbHLU5mqOLn25i6h1A2A0ynNI6ZjukoXOXqRPZv4Me"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8cd0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	facebox.css nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/	0 0	110ms 108ms	Stylesheet text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/facebox.css Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:38 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPaV3yZy%2Bjsq3OPncurrkWzPRuneK5wQREwwxRQ6eprINu3ihlNmRfUq0lXsNI%2BMtGvMqPmAkYnIhYPio6WrF3wsAGfRO2nzHdk7d%2BV752z%2FNZRzOGxo0TXhjzCbgMgCLO3aGtGGLJEZQAdHTPji04z5%2FmP9JIoettZITWdp"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8cf0e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	jquery-1.js nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/	0 0	211ms 209ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/jquery-1.js Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:39 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8jBlY0U%2BBB492pnrim8px9lS9S5f8U1uwYEDkIxbTy86nZG9ss7FCjEx2EmsmUJYgafaSTeI9bWl6FWrzCMKLR7RDzezO9gwNegkwhf8QtmZU3XRwODOzVQP8gp5mVktQYAfLbvqaW6rEWh45p7rbBhzAWRrsbooeNVnaQD"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8d00e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	jquery.js nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/	0 0	113ms 112ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/jquery.js Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:38 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJdlfkVvQWkN%2FXz0e7dDmNoY0uakjIhuTEs1bWScIkTjWrk%2B6jlw6K4cgmekvpZj%2Blq8UC13IKGCpqUNLtVryfd13gO60%2Bq4fMKusTyV6LkYtCvKWO6JePPZ3VgHLRXntaGMKtt8YvtBBILcGG%2Bmtf69BhlqiaIskuIuOAHV"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8d10e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	facebox.js nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/	0 0	111ms 109ms	Script text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/facebox.js Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:38 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WEb9EN%2F0OowtvMJbuiU45l9XjFdG2nc6UIDMfarixW%2BbX26Gi7g7SEOo0ozgIgEYBrfqKPLxOpWauw4domOuBRa6Z1TxtXDE30bkphBSl99P%2BY4680ZSL9Wiz8zwf6lV9ym2%2B8nhDWTxFEm1xDFp3Pl7f7S00Fbz8DrnarlS"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8d20e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	404	aggregator.css nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/	0 0	1218ms 1217ms	Stylesheet text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/aggregator.css Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Thu, 30 Mar 2023 11:35:40 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8xdcQaU%2BnVy%2BYAKR6x8V9DdyY5b4FpOpg73y5URmyrdvPW3mypy7lIp74a6dd%2F%2B7RSwAix3YupqBU1W4gdBY7cJCwWmuJB4Ope2G7dKXQY0rwFKV9brND3DIfs9vKxxYyka9Qxods5v1gfT8xRovckkRQk5fxj2KR1dAzNg"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7b000ce3e8d30e31-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET		header.PNG nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET		headlnk.PNG nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET		loginbd.PNG nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET		ads.PNG nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET		help.PNG nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET		footer.png nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET		signinbt.PNG nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/	0 0

GET H2	200	/ none.com/	0 0	123ms 25ms	Image text/html	62.210.131.75 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://none.com/ Requested by Host: nauzer-892verm035-ccou03nta.com URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 62.210.131.75 , France, ASN12876 (Online SAS, FR), Reverse DNS lievre.ubiqwi.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language nl-NL,nl;q=0.9 Referer https://nauzer-892verm035-ccou03nta.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/header.PNG

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/headlnk.PNG

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/loginbd.PNG

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/ads.PNG

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/help.PNG

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/footer.png

Domain: nauzer-892verm035-ccou03nta.com
URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/images/signinbt.PNG

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| unhideBody

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nauzer-892verm035-ccou03nta.com/	1970-01-20 10:42:59	Name: chk Value: test
			nauzer-892verm035-ccou03nta.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 8eeaa204c7f0105871d910ae8362a8ef

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/ Message: Mixed Content: The page at 'https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/' was loaded over HTTPS, but requested an insecure element 'http://none.com/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/facebox.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/facebox.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/css.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/styles.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/jquery.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/bat.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/img/jquery-1.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/aggregator.css Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/(Line 102) Message: Mixed Content: The page at 'https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/' was loaded over HTTPS, but requested an insecure element 'http://none.com/'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://nauzer-892verm035-ccou03nta.com/ereh/secure/federal.orgNFOAA_Authlogin.jsp/imgs/s39876891442473.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cli.co
nauzer-892verm035-ccou03nta.com
none.com
nauzer-892verm035-ccou03nta.com
2606:4700:3108::ac42:2905
2a06:98c1:3120::3
62.210.131.75
6877ea5eaa42d66d9bcc88ee4fef0b878587b7740af5d74d1228006e51ff6b9b
748cf7aece8f05cf858e78064d471c53a52cec7a22eecb132e675029fb444463
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

nauzer-892verm035-ccou03nta.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

65 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

3 kBTransfer

4 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

2 Cookies

11 Console Messages

Indicators

nauzer-892verm035-ccou03nta.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

65 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

3 kB
Transfer

4 kB
Size

2
Cookies

20 HTTP transactions
0 data transactions