![](/screenshots/40edb83a-44ca-4bb0-9444-cbf482cccaba.png)
nc-helpdesk.syncromsp.com
Open in
urlscan Pro
2606:4700::6812:118d
Public Scan
Effective URL: https://nc-helpdesk.syncromsp.com/users/sign_in
Submission Tags: threatview.io malwar3ninja rule: suspicious named domain automated-submission Search All
Submission: On April 20 via api from US — Scanned from FR
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 16th 2023. Valid for: a year.
This is the only time nc-helpdesk.syncromsp.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 217.70.184.55 217.70.184.55 | 29169 (GANDI-AS ...) (GANDI-AS Domain name registrar - www.gandi.net) | |
1 6 | 2606:4700::68... 2606:4700::6812:118d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:4f49 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 104.17.2.184 104.17.2.184 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
10 | 4 |
ASN29169 (GANDI-AS Domain name registrar - www.gandi.net, FR)
PTR: webredir.gandi.net
nc-helpdesk.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
syncromsp.com
1 redirects
nc-helpdesk.syncromsp.com |
389 KB |
2 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4647 |
14 KB |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 817 |
7 KB |
1 |
nc-helpdesk.com
1 redirects
nc-helpdesk.com |
99 B |
10 | 4 |
Domain | Requested by | |
---|---|---|
6 | nc-helpdesk.syncromsp.com |
1 redirects
nc-helpdesk.syncromsp.com
static.cloudflareinsights.com |
2 | challenges.cloudflare.com |
nc-helpdesk.syncromsp.com
challenges.cloudflare.com |
1 | static.cloudflareinsights.com |
nc-helpdesk.syncromsp.com
|
1 | nc-helpdesk.com | 1 redirects |
10 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
syncromsp.com Cloudflare Inc ECC CA-3 |
2023-08-16 - 2024-08-15 |
a year | crt.sh |
cloudflareinsights.com GTS CA 1P5 |
2024-03-10 - 2024-06-08 |
3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://nc-helpdesk.syncromsp.com/users/sign_in
Frame ID: 7C3FE16889EAA2106DF35191D7725050
Requests: 12 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/e2bc4/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 26117185602838C07403C9A49A22B170
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/40edb83a-44ca-4bb0-9444-cbf482cccaba.png)
Page Title
SyncroMSP | The Modern Managed Services Provider PlatformPage URL History Show full URLs
-
http://nc-helpdesk.com/
HTTP 307
https://nc-helpdesk.com/ HTTP 301
https://nc-helpdesk.syncromsp.com/ HTTP 302
https://nc-helpdesk.syncromsp.com/users/sign_in Page URL
Detected technologies
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://nc-helpdesk.com/
HTTP 307
https://nc-helpdesk.com/ HTTP 301
https://nc-helpdesk.syncromsp.com/ HTTP 302
https://nc-helpdesk.syncromsp.com/users/sign_in Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
sign_in
nc-helpdesk.syncromsp.com/users/ Redirect Chain
|
361 KB 266 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
nc-helpdesk.syncromsp.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ |
385 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
39 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v55bfa2fee65d44688e90c00735ed189a1713218998793
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
api.js
challenges.cloudflare.com/turnstile/v0/b/471dc2adc340/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
e8f5cae4-782f-4fb1-a151-9a145852516a
https://nc-helpdesk.syncromsp.com/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
rum
nc-helpdesk.syncromsp.com/cdn-cgi/ |
0 172 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
nc-helpdesk.syncromsp.com/ |
0 128 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
dd83abb4b91700b
nc-helpdesk.syncromsp.com/cdn-cgi/challenge-platform/h/b/flow/ov1/412537749:1713582561:ab4HPbcXV0V2NHZYhsANdKF8gJOE9_ARhYgsGA5BQBA/877214dee9182a3f/ |
16 KB 12 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/e2bc4/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 2611 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
38533fc8-5637-412d-b61a-f0c19e08fa1f
https://nc-helpdesk.syncromsp.com/ |
80 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
19 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| _cf_chl_opt function| QKzi4 function| pHffp5 object| wsehH7 object| JUFg1 function| HmFmEq1 function| MBHE7 function| AohC9 function| ZbqNq8 boolean| MEJVQF9 function| zxRZye7 object| qjGMMj8 number| kQmFO6 object| angular object| __cfBeacon object| turnstile boolean| OdIaJ1 string| Ytrw73 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.syncromsp.com/ | Name: _syncro_session Value: ba2949a57f9baaafea13f59fb8e6097e |
|
nc-helpdesk.syncromsp.com/ | Name: __cflb Value: 0H28uvJc2ZJ6pH1zSDtLYAQGhPEg4Cf7dDSjvorG6JG |
|
nc-helpdesk.syncromsp.com/ | Name: cf_chl_3 Value: dd83abb4b91700b |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
challenges.cloudflare.com
nc-helpdesk.com
nc-helpdesk.syncromsp.com
static.cloudflareinsights.com
104.17.2.184
217.70.184.55
2606:4700::6810:4f49
2606:4700::6812:118d
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
1d5d7571ddb9876d6bdb02c3291e62d788f660b71e6eb9d9032234a691db4680
2582c726b38a52649644dbcacbc12752ed2c8ea59be768e12398bcb70ff1451d
4552665a5be36bb632f004cff25857d711381815c2261003cd69c113b9401e62
616a8b6c4cc8e901ad7248cdbe5f6e2b5b9446a61e90473cbbe58e05a5771e7e
6e27fd97a271f677857d618bdedcf98e00e05fcf11a4a6365a523c3f22931191
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8ea8842d1368f1e5a205fa602632bd97a5f4e3e5605399b7920dc4d266c367b4
926dc3302f99ec05e4206e965ddeb7250f5910a8c38e82c7beafb724bbaaf37b
a4d75b26813ab170d27ca2e7c56fef9108496175312419da9dcf15c36ac40b0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855