edalat.erfat.site
2606:4700:3034::ac43:d827
Public Scan
Submission Tags: @phish_report
Submission: On March 26 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by E1 on March 18th 2024. Valid for: 3 months.
This is the only time edalat.erfat.site was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 2606:4700:3034::ac43:d827 | 13335 (CLOUDFLARENET) |
1 6 | 172.67.216.39 | 13335 (CLOUDFLARENET) |
6 | 2 | |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
7 | erfat.site (1 redirects): edalat.erfat.site | 148 KB |
6 | 1 | |
 | Domain | Requested by |
---|---|---|
7 | edalat.erfat.site (1 redirects) | edalat.erfat.site |
6 | 1 | |
This site contains no links.
Subject / Issuer | Validity | Valid | |
---|---|---|---|
erfat.site / E1 | 2024-03-18 - 2024-06-16 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://edalat.erfat.site/dashbord/Success.php
Frame ID: 09EB273F158515426B2E34A22E09E2B0
Requests: 4 HTTP requests in this frame
Frame:
https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: F9EC12465A9785D3647ADB1B2C3FCE71
Requests: 2 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://edalat.erfat.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
6 HTTP transactions
Method / Protocol | Resource Path | Size / x-fer | Type / MIME-Type |
---|---|---|---|
GET H2 | edalat.erfat.site/dashbord/Success.php (Primary Request) | 2 KB / 1 KB | Document, text/html |
GET H3 | edalat.erfat.site/IMG/madaret.gif | 60 KB / 60 KB | Image, image/gif |
GET H3 | edalat.erfat.site/Fonts/Shabnam-FD.ttf | 81 KB / 81 KB | Font, application/octet-stream |
GET H3 | edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js (Frame F9EC, Redirect Chain) | 8 KB / 4 KB | Script, application/javascript |
GET H3 | edalat.erfat.site/favicon.ico | 548 B / 561 B | Other, text/html |
POST H3 | edalat.erfat.site/cdn-cgi/challenge-platform/h/g/jsd/r/86a8bf721d463527 (Frame F9EC) | 0 / 592 B | XHR, text/plain |
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0
object| onpagereveal
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.erfat.site/ | Name: cf_clearance Value: HAiG2AmHoy9D3cK1pQY9.uAGHt4PQY3wVfg3HAjTJbA-1711472962-1.0.1.1-aKV3NAe3hI6_4Q3TEE_vSqhT9PEvLeDQePmsHHmN.3T_zc0UcW7xgjFmvSEmdYBM4XV7e5vmePt.DL9YKRW9Lw |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.