URL: https://edfsa.at.ua/burton.html
Submission: On October 30 via manual from AU

Summary

This website contacted 3 IPs in 1 country across 3 domains to perform 11 HTTP transactions. The main IP is 213.174.157.150, located in Ashburn, United States, and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is edfsa.at.ua.
TLS certificate: Issued by RapidSSL RSA CA 2018 on July 7th 2019. Valid for: a year.
This is the only time edfsa.at.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS (Autonomous System)
1         213.174.157.150    39572 (ADVANCEDH...)
9         134.132.52.203     22717 (HALLIBURTON)
1         2606:4700:10:...   13335 (CLOUDFLAR...)
Total: 11 requests, 3 IPs

Requests  Apex Domain       Subdomains                  Transfer
9         halliburton.com   whmailtfa.halliburton.com   158 KB
1         000webhost.com    cdn.000webhost.com          2 KB
1         at.ua             edfsa.at.ua                 4 KB
Total: 11 requests, 3 apex domains

Requests  Domain                      Requested by
9         whmailtfa.halliburton.com   edfsa.at.ua
1         cdn.000webhost.com          edfsa.at.ua
1         edfsa.at.ua
Total: 11 requests, 3 domains

This site contains links to these domains.

Domain
www.halliburton.com
halliburton.com
www.000webhost.com
Subject                     Issuer                                          Validity                  Valid
*.at.ua                     RapidSSL RSA CA 2018                            2019-07-07 - 2020-07-06   a year
whmailtfa.halliburton.com   DigiCert SHA2 Secure Server CA                  2018-01-25 - 2020-01-26   2 years
*.000webhost.com            COMODO RSA Domain Validation Secure Server CA   2018-10-19 - 2020-12-17   2 years

This page contains 1 frame:

Primary Page: https://edfsa.at.ua/burton.html
Frame ID: 608E0BB78E47C3FDDA753079936EBF76
Requests: 11 HTTP requests in this frame

Detected technologies

nginx (overall confidence: 100%)
Detected pattern: headers server /nginx(?:\/([\d.]+))?/i

jQuery (overall confidence: 100%)
Detected pattern: script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests:    11
HTTPS:       100 %
IPv6:        33 %
Domains:     3
Subdomains:  3
IPs:         3
Countries:   1
Transfer:    164 kB
Size:        167 kB
Cookies:     0

Redirected requests

No HTTP redirect chains were recorded for any request in this scan.

11 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type

Primary Request: burton.html  (Path: edfsa.at.ua/, Size: 10 KB, x-fer: 4 KB, Type: Document)
General
Full URL
https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.174.157.150 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
s101.ucoz.net
Software
nginx/1.8.0 /
Resource Hash
f4d523f818ef20c01cebaa7de1a83785136c1f362c63eb13de69a9303ebb2df1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
edfsa.at.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.8.0
Date
Wed, 30 Oct 2019 03:50:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Expires
Tue, 19 Nov 2019 03:50:40 GMT
Cache-Control
max-age=1728000
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip
stylesheet.css  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/css/, Size: 5 KB, x-fer: 5 KB, Type: Stylesheet)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/css/stylesheet.css
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
8e3a1e8bebd894fd38cd2b01c330f3aa985795039828fa656e9b019367436376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Tue, 09 Sep 2014 18:07:56 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
5327
ds.js  (Path: whmailtfa.halliburton.com/dana-na/css/, Size: 26 KB, x-fer: 26 KB, Type: Script)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/css/ds.js
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
cb5587b30147c15359c71ac4d42002a790744691f3428608e433783dc21ceaaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 13 Apr 2019 12:28:01 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
26211
login.js  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/js/, Size: 11 KB, x-fer: 12 KB, Type: Script)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/js/login.js
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
a651fcd5c2c50d0b6891b09f841af4d85ba930f1a22cf42925221471e9471adc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 07 May 2014 13:50:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
11571
jquery.min.js  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/js/, Size: 89 KB, x-fer: 89 KB, Type: Script)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/js/jquery.min.js
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
c784376960f3163dc760bc019e72e5fed78203745a5510c69992a39d1d8fe776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Fri, 29 Aug 2014 18:31:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/x-javascript
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
91342
halliburton_logo.gif  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/images/, Size: 7 KB, x-fer: 7 KB, Type: Image)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/images/halliburton_logo.gif
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
f00767f600dbda0049eac06d66529a288deca13c1b52472810fdf446966295f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 07 May 2014 15:53:16 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
7379
banner.jpg  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/images/, Size: 13 KB, x-fer: 14 KB, Type: Image)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/images/banner.jpg
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
0eaaa136dc89665f72c42d9b3e66a426a3a2d364b631c0a52ff20da8a2976002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 14 Jul 2014 20:17:38 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
13750
space.gif  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/images/, Size: 1 KB, x-fer: 1 KB, Type: Image)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/images/space.gif
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
96dc81a46fe3725950c7d96aa7314ebc8ec2a681f9f1815419474e475db4da97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Wed, 13 Oct 2010 18:10:22 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
1093
footer-powered-by-000webhost-white2.png  (Path: cdn.000webhost.com/000webhost/logo/, Size: 2 KB, x-fer: 2 KB, Type: Image)
General
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:432e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://edfsa.at.ua/burton.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

date
Wed, 30 Oct 2019 03:50:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
5961
cf-polished
origFmt=png, origSize=2046
status
200
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
x-hostinger-datacenter
srv
vary
Accept
content-length
1696
x-xss-protection
1; mode=block
last-modified
Tue, 29 Oct 2019 14:07:25 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"5db8479d-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
expires
Wed, 30 Oct 2019 07:50:41 GMT
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn2
accept-ranges
bytes
cf-ray
52da6d2feb4ecbc0-VIE
cf-bgj
imgq:100
btn-continue.gif  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/images/, Size: 3 KB, x-fer: 3 KB, Type: Image)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/images/btn-continue.gif
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
d953ae72f13c194f1093defa230d28f5134da8375f675ae5747aa4ef53fa3cb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://whmailtfa.halliburton.com/dana-na/auth/url_1/css/stylesheet.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 25 Aug 2014 20:06:06 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Cache-Control
max-age=86400, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=15
Content-Length
2799
footer-devider.png  (Path: whmailtfa.halliburton.com/dana-na/auth/url_1/css/images/, Size: 0, x-fer: 0, Type: Image)
General
Full URL
https://whmailtfa.halliburton.com/dana-na/auth/url_1/css/images/footer-devider.png
Requested by
Host: edfsa.at.ua
URL: https://edfsa.at.ua/burton.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
134.132.52.203 Houston, United States, ASN22717 (HALLIBURTON - Halliburton Company, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://whmailtfa.halliburton.com/dana-na/auth/url_1/css/stylesheet.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36

Response headers


113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate boolean| isGecko boolean| isFirefox boolean| isNav boolean| isIE boolean| isMac boolean| isUx boolean| isChrome boolean| isSafari string| browserName number| gVersion function| GetCSS function| WriteCSS function| WriteThemeCSS function| WriteVanillaCSS function| GetVersion function| GetGeckoVersion function| HandleSeparator function| IsSeparator function| GetContainingElementByTagName function| SelectAll function| UnselectAll function| GetNumSelected function| GetNumSelectCheckboxes object| gOnloadHandlers object| gKeyDownHandlers object| gClickHandlers function| ClearOnloadHandlers function| AddOnloadHandler function| GDocumentOnKeyDown function| ClearKeyDownHandlers function| AddKeyDownHandler function| GDocumentOnClick function| CancelEvent function| ClearClickHandlers function| AddClickHandler function| StdKeyEvent function| StdMouseEvent function| Dbg function| DbgObject function| hasOptions function| selectUnselectMatchingOptions function| selectMatchingOptions function| selectOnlyMatchingOptions function| unSelectMatchingOptions function| sortSelect function| selectAllOptions function| moveSelectedOptions function| copySelectedOptions function| moveAllOptions function| copyAllOptions function| swapOptions function| moveOptionUp function| moveOptionDown function| removeSelectedOptions function| removeAllOptions function| addOption string| forgotPassurl string| disabledAccturl_c string| disabledAccturl_e string| lockedAccturl_c string| lockedAccturl_e string| expPassurl_c string| expPassurl_e string| formRedirurl string| dssoredirurl string| apppostauthurl string| selfregurl function| check function| register function| checkSubmit function| displayInvalidCredentials function| trim function| ValidateUser string| halidcookie boolean| RequestUrl undefined| IndexRh undefined| IndexRu undefined| IndexRq undefined| ServerName undefined| TargetURI undefined| TargetQs undefined| target undefined| FinalRedirectURL 
undefined| RefererUrl function| getCookie function| Delete_Cookie function| Delete_Cookie_Redirect function| Get_Cookie function| IATestResult function| $ function| jQuery function| hideJSWarn function| deletepreauth undefined| wordpressAdminBody object| notification object| hostingerLogo undefined| mainContent undefined| googleFont undefined| css undefined| style undefined| sheet undefined| button undefined| link undefined| mainContentHolder undefined| h1Tag undefined| h2Tag undefined| paragraph undefined| list undefined| org_html undefined| new_html undefined| saleImage

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN