urlscan.io logo urlscan.io
SecurityTrails logo

drive.vestige.fun Open in urlscan Pro
172.67.151.85  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://drive.vestige.fun/
Effective URL: https://drive.vestige.fun/
Submission: On May 25 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 8 HTTP transactions. The main IP is 172.67.151.85, located in United States and belongs to CLOUDFLARENET, US. The main domain is drive.vestige.fun.
TLS certificate: Issued by GTS CA 1P5 on April 16th 2024. Valid for: 3 months.
This is the only time drive.vestige.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 172.67.151.85 13335 (CLOUDFLAR...)
1 172.67.163.116 13335 (CLOUDFLAR...)
8 2
Apex Domain
Subdomains		 Transfer
8 vestige.fun
drive.vestige.fun
395 KB
1 gethack.fun
www.gethack.fun
62 KB
8 2
Domain Requested by
8 drive.vestige.fun 1 redirects drive.vestige.fun
1 www.gethack.fun
8 2

This site contains no links.

Subject Issuer Validity Valid
vestige.fun
GTS CA 1P5		 2024-04-16 -
2024-07-15		 3 months crt.sh
gethack.fun
GTS CA 1P5		 2024-04-27 -
2024-07-26		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://drive.vestige.fun/
Frame ID: D104DFDCA075281B89B66209880A0A8A
Requests: 6 HTTP requests in this frame

Frame: https://drive.vestige.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: 79B876F4CD7FA5C108DE1498D7F52FD0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Vestige Reborn

Page URL History Show full URLs

  1. http://drive.vestige.fun/ HTTP 307
    https://drive.vestige.fun/ Page URL

Page Statistics

8
Requests

88 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

457 kB
Transfer

1517 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://drive.vestige.fun/ HTTP 307
    https://drive.vestige.fun/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://drive.vestige.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://drive.vestige.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
drive.vestige.fun/
Redirect Chain
  • http://drive.vestige.fun/
  • https://drive.vestige.fun/
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4e20a35adc3272254d256dff7fa3a7b82ac79b5c401cf018aeb67572c044c5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8894b02918973605-FRA
content-encoding
br
content-type
text/html
date
Sat, 25 May 2024 10:02:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2Fs3RbW5UcMFEB7jALOMq8VOvwgg3V40%2BYs9LwbkxwepKeD%2BCzYJwpe37fegHLrsuKlWCogAOiwXeUtP7rnY9aT1MPebRn7w9DieXur8PVC0hOwtwfRXMCCpLi8gLSzLCJnu6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://drive.vestige.fun/
Non-Authoritative-Reason
HttpsUpgrades
6.d9dc5367.chunk.css
drive.vestige.fun/static/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/static/css/6.d9dc5367.chunk.css
Requested by
Host: drive.vestige.fun
URL: https://drive.vestige.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd48e612b1cd8c6c54a3a50503a472df0e12da4b3b9dd9e613a7a6bcb279217b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://drive.vestige.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:02:09 GMT
content-encoding
gzip
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
alt-svc
h3=":443"; ma=86400
content-length
987
last-modified
Sat, 25 May 2024 10:02:09 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6KBvRQwA%2FbCzrh4h9NBI8Ej8nZ8Ka3IGJ42Dr87yysclEpdrBSHQEvRo%2FGZ7wMkW0ZHMv6P1tILn8868Z1yx7YL5qxWcP3mzmcashrv9nrczl3E892PTBnJebZSNPQztyw1pRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8894b02c4d0e3605-FRA
expires
Sat, 25 May 2024 10:02:14 GMT
6.65a5ffb7.chunk.js
drive.vestige.fun/static/js/ 		1023 KB
299 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/static/js/6.65a5ffb7.chunk.js
Requested by
Host: drive.vestige.fun
URL: https://drive.vestige.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a6b0b32283b99544c994964320f2c7e9ed6125297d11facca496af1c49c65a8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://drive.vestige.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:02:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 25 May 2024 10:02:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B5RL2Eum5DS3V2ZthesfkBg96pdDmMP3wc%2FhDXk8V8IsoWxeHQJ4H5T59XAaNG%2BTpklJULEQc7e9J%2FUHrjyiHgDvtQXizw9%2BqSeQ%2FxMrqxyqOKVqywdg%2Fqo0WF4EoEVlS01%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8894b02c4d113605-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 10:02:14 GMT
main.22520c9b.chunk.js
drive.vestige.fun/static/js/ 		374 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/static/js/main.22520c9b.chunk.js
Requested by
Host: drive.vestige.fun
URL: https://drive.vestige.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c3bdac765dd251979aa785c81825a91fdc70855cd9fdb5a8b4b219d764b781

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://drive.vestige.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:02:09 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Sat, 25 May 2024 10:02:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zXXgPQ3uRyQOYiMWbaOyvebMC260MY0GTJvJXhQLl6PgvFouZXxFbZjqdpJje8J47Ca%2FPgrikE8HMu7R0os7I42MQ8CxqJS9pEiTlep1DKb0Jn1F5JG%2BLkdyVpj1s75n3PRL5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8894b02c4d123605-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 25 May 2024 10:02:14 GMT
config
drive.vestige.fun/api/v3/site/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/api/v3/site/config
Requested by
Host: drive.vestige.fun
URL: https://drive.vestige.fun/static/js/6.65a5ffb7.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e62a9545ce2d6551f2815558ca9c2ecf3000cbbeb9a93ffc336eedbcb91008f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://drive.vestige.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:02:10 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDe7pt1SDRTpqm3cCa2AyeHZABbwjPSMQQwV6oC9jmOw25CDl9pJ24GYpJMIAZVgB9WdgaL9jyVZNW0ZmUoaMG0qv3nPqzRSNiFSjdwE7Nb0NlushdaK1bF34NnQ7ZPBUxoq0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-cache
cf-ray
8894b0338e6a3605-FRA
alt-svc
h3=":443"; ma=86400
main.js
drive.vestige.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame 79B8
Redirect Chain
  • https://drive.vestige.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://drive.vestige.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Protocol
H3
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07581c3d90ccc96479f6eb58be2f591b9dfebd45b9d0ab0e6c92afc71e9f447a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sat, 25 May 2024 10:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TU82Bj9fPNWFv8u4drQdubPBxlztRISi1gY%2FCtbIfR0AQXDC6D8kkcfTiQnrmnzMyVBoQ9MCCkEqPC2ESnCS0CPqm2aVz3GZmzMz1G4QFBIHr9eCsTs3L4ac3hiBrUR2bB8fRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8894b0343f523605-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sat, 25 May 2024 10:02:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xykrvglx3LonQFyZqsl5yt8d2YpoDxxQLKLozfjkYh%2F22qOK%2FyottBqsK3QCHcRt%2FlhUEB4OCXc9ZsJQ8Phnflr%2B5DcOYlxlvYLmyqdSy3s0N%2FQwyfJo24xT3Uxa1QHBsRaGig%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control
max-age=300, public
cf-ray
8894b0341f0a3605-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
www.gethack.fun/ 		100 KB
62 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gethack.fun/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.116 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2843e98a52f6c38b68bc23ee0a972d7d384b9d0b4b6e3d8da816b4444323b62b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://drive.vestige.fun/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 10:02:10 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 29 Feb 2024 21:34:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
156
etag
W/"65e0f86f-19151"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6giryVipJNU2L0VL2ddwKiv27mUs7liSApXFbazh2ckLQQythKyvKt12Fsa28YRvOIbz24kgIJNI8XCo40TKL1v4cKUO8Yj4Y4E%2BcmjDm8ZmyMe%2FdrTNw1Ok3CdZuHvgc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
8894b0349dca9a05-FRA
alt-svc
h3=":443"; ma=86400
8894b02918973605
drive.vestige.fun/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 79B8 		0
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://drive.vestige.fun/cdn-cgi/challenge-platform/h/b/jsd/r/8894b02918973605
Requested by
Host: drive.vestige.fun
URL: https://drive.vestige.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.151.85 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 25 May 2024 10:02:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnI1pBaIAc4%2Fsecc7dj8%2B%2FNocLThH%2Bp8XV9FqrF5wUWB3dXnJShsKUmLRX%2BbmrTyzvuFlNZnZoxJmUVRE%2BDJ2%2BPJU9g9rx3w4UABat9JIagd7ojphhfg5gKMeCA9oC9uWD0xqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8894b034c8083605-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| subTitle object| webpackJsonpcloudreve-frontend number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| ZIP

2 Cookies

Domain/Path Name / Value
drive.vestige.fun/ Name: cloudreve-session
Value: MTcxNjYzMTI3NHxOd3dBTkVwT1JWbEVOelpLVERWVVJUSkxNMWRMVEVWS1UwOUVRMUpJVGxwVFdsVmFWa1JJV1ZOVVVVRTFORVV6V0UxRVMwUlBVRUU9fHdrlWhAlQwpFZo0Kp8a2a9ygajrn2hYsfJ20A8iHguS
.vestige.fun/ Name: cf_clearance
Value: DFjCNsguEFwWES_SNGiN7o1lTFUrdO51q9M7d38jvI4-1716631330-1.0.1.1-3yPO1kUa1ClUr29Hc93HhoLh7FqwJluPHQ52VH.Fw3xnDLJQG7JjeC7Lml90e93UQLp0XJPDZJFHjZcvl8XmPQ

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://drive.vestige.fun/login
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o