urlscan.io logo urlscan.io
SecurityTrails logo

edalat.erfat.site Open in urlscan Pro
2606:4700:3034::ac43:d827  Public Scan

Go To Rescan Add Verdict Report
URL: https://edalat.erfat.site/dashbord/Success.php
Submission Tags: @phish_report
Submission: On March 26 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3034::ac43:d827, located in United States and belongs to CLOUDFLARENET, US. The main domain is edalat.erfat.site.
TLS certificate: Issued by E1 on March 18th 2024. Valid for: 3 months.
This is the only time edalat.erfat.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 172.67.216.39 13335 (CLOUDFLAR...)
6 2
Apex Domain
Subdomains		 Transfer
7 erfat.site
edalat.erfat.site
148 KB
6 1
Domain Requested by
7 edalat.erfat.site 1 redirects edalat.erfat.site
6 1

This site contains no links.

Subject Issuer Validity Valid
erfat.site
E1		 2024-03-18 -
2024-06-16		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://edalat.erfat.site/dashbord/Success.php
Frame ID: 09EB273F158515426B2E34A22E09E2B0
Requests: 4 HTTP requests in this frame

Frame: https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: F9EC12465A9785D3647ADB1B2C3FCE71
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

6
Requests

83 %
HTTPS

50 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

148 kB
Transfer

150 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://edalat.erfat.site/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Success.php
edalat.erfat.site/dashbord/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edalat.erfat.site/dashbord/Success.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:d827 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f215eb7be8f57d0cd76e07b428b4ab1d9932a92bf8dd09f12be8fabde49b9ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
fi-FI,fi;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86a8bf721d463527-WAW
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 26 Mar 2024 17:09:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vsOJ2HbCO0btxVOdxOfSoSAyDKBqWfesPYKyJthbXPXEXgSc7DWpmPbaf5IExzNEZUtBoIivj896%2FIZTA2JaKWt7WtC%2Fsa3bqmzZFqtR%2FZqIFVeQ2ADvnfHk%2F7ImbL3%2BmS8HcBvSvQcYDg%2BJaeUdsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
madaret.gif
edalat.erfat.site/IMG/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edalat.erfat.site/IMG/madaret.gif
Requested by
Host: edalat.erfat.site
URL: https://edalat.erfat.site/dashbord/Success.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8112ff51986ead9f2aa6d4b060d60f3eee8c82ad8544ef481c280661a2e82a7b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://edalat.erfat.site/dashbord/Success.php
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:09:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7004
alt-svc
h3=":443"; ma=86400
content-length
61136
last-modified
Wed, 23 Aug 2023 13:57:23 GMT
server
cloudflare
etag
"64e61043-eed0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZW2rXP9s0QsETedwwXqE%2FqlAPoI12WHbrxKM2z5WWLwN1vr3Swn1m1tTLKLp5VDHVLxQ%2FK807Z251rl02ldma3OfdkjLxrjkPGavmsgFw616Ha5io%2FHxM5h2gtkqtrkrw00Y6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
86a8bf7cbc745b97-VIE
expires
Thu, 25 Apr 2024 15:12:38 GMT
Shabnam-FD.ttf
edalat.erfat.site/Fonts/ 		81 KB
81 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://edalat.erfat.site/Fonts/Shabnam-FD.ttf
Requested by
Host: edalat.erfat.site
URL: https://edalat.erfat.site/dashbord/Success.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318e4d8dc81ddc9f8055a0727f5e753dbe1cda6c44d702e27bf75081b40d69e0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://edalat.erfat.site/dashbord/Success.php
Origin
https://edalat.erfat.site
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:09:22 GMT
cf-cache-status
HIT
last-modified
Wed, 23 Aug 2023 13:57:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
7004
etag
"64e61043-14368"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ntuiGbTqe5dyG6yKonGVBipnpOAvGYTxz1a9IJmQ0XlzGbqk1wM2%2BFYN6jZIqvSppuA7ePptAnH5pHzQEiRLtUvvFcRWnvcUs7RBpAaX6luJPMSeJaB5ntaoTxawKZoEOZaE4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86a8bf7cdcb25b97-VIE
alt-svc
h3=":443"; ma=86400
content-length
82792
main.js
edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame F9EC
Redirect Chain
  • https://edalat.erfat.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Protocol
H3
Server
172.67.216.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7b0413e040008efb65a68084751de7bd81838f2efa6df0b5a7092074ad07994
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 26 Mar 2024 17:09:22 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0eRvFO7zEWeI3FPOisKK0DZH0tnD%2Fq9hbG%2Fi2fFGdK0CfzvobUpvalXkyW20jXsMsiX6wofw9l1eeSH%2BjFyaAaVRfPW7XS2kr7pOKNk0ZFeX0ZfZr4T%2BXcD1lPrjpRkijOgPDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86a8bf7e88c65b97-VIE
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 26 Mar 2024 17:09:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YLv9gbVRfXTenTawt%2BQ5Q7WUq7bgWGDHBuTiEDhP%2B0feCWB%2FQi7yLi0dyb5L30r%2FKjmwizqW7fwSDIQy0%2BBvDI2u3PulDQOeup4lgcJkwFUinSIbJiFnRD3yv%2FKfGO4WT5ZWgw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
86a8bf7cdccc5b97-VIE
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
edalat.erfat.site/ 		548 B
561 B 		Other
General
Check archive.org
Download Go to
Full URL
https://edalat.erfat.site/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://edalat.erfat.site/dashbord/Success.php
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 17:09:22 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVcQJmY%2F1wOt3FheCAiIdZFV0zu7M6VsM1fhokDRjkZBfAOcyjMiB0p5z4wtGj2tr77d%2Bw2zGpOeL7e9Iu%2FdBlqSk2%2B1NMejyI9u9n5I6KsMaq7vL8SNrZ3nTvf37AztLIYdLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
86a8bf7e88cd5b97-VIE
alt-svc
h3=":443"; ma=86400
86a8bf721d463527
edalat.erfat.site/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F9EC 		0
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edalat.erfat.site/cdn-cgi/challenge-platform/h/g/jsd/r/86a8bf721d463527
Requested by
Host: edalat.erfat.site
URL: https://edalat.erfat.site/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.216.39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
fi-FI,fi;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 26 Mar 2024 17:09:22 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrSN%2FcwVTd5LpVg0Bc28y%2BLbpd5iJ4EXI5Tn1gWc9OWuKu%2Fn4%2Fl8kyVle9T34EAL5f6NYi5g2cpkF99uE20W2zVu%2BO%2FwM9mwPrRheo17DtCh5XG6QTzrzByjqeUZWq4U1aNMxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86a8bf7f4ab35b97-VIE
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onpagereveal

1 Cookies

Domain/Path Name / Value
.erfat.site/ Name: cf_clearance
Value: HAiG2AmHoy9D3cK1pQY9.uAGHt4PQY3wVfg3HAjTJbA-1711472962-1.0.1.1-aKV3NAe3hI6_4Q3TEE_vSqhT9PEvLeDQePmsHHmN.3T_zc0UcW7xgjFmvSEmdYBM4XV7e5vmePt.DL9YKRW9Lw

1 Console Messages

Source Level URL
Text
network error URL: https://edalat.erfat.site/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()