nrezf.0ff365files.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Submission: On May 08 via manual from NL — Scanned from NL
Summary
TLS certificate: Issued by GTS CA 1P5 on May 2nd 2023. Valid for: 3 months.
This is the only time nrezf.0ff365files.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 44.193.55.9 44.193.55.9 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 162.241.69.179 162.241.69.179 | 19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING) | |
7 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
7 | 2606:4700::68... 2606:4700::6812:6b9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-55-9.compute-1.amazonaws.com
api.getjusto.com |
ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: a.cruisevirusreviews.com
hydropod.sa.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6491 |
133 KB |
7 |
0ff365files.com
nrezf.0ff365files.com |
261 KB |
1 |
sa.com
hydropod.sa.com |
272 B |
1 |
getjusto.com
1 redirects
api.getjusto.com — Cisco Umbrella Rank: 830910 |
557 B |
21 | 4 |
Domain | Requested by | |
---|---|---|
7 | challenges.cloudflare.com |
nrezf.0ff365files.com
challenges.cloudflare.com hydropod.sa.com |
7 | nrezf.0ff365files.com |
nrezf.0ff365files.com
|
1 | hydropod.sa.com | |
1 | api.getjusto.com | 1 redirects |
21 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cpcontacts.hydropod.sa.com R3 |
2023-05-03 - 2023-08-01 |
3 months | crt.sh |
0ff365files.com GTS CA 1P5 |
2023-05-02 - 2023-07-31 |
3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2022-09-18 - 2023-09-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://nrezf.0ff365files.com/Mhans.gennen@currenta.de
Frame ID: B44F66E893E39BFFA07BE5367A04277D
Requests: 11 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 18E1F4C93DAB8DB3AEF91175C03A030F
Requests: 10 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://api.getjusto.com/redirect?to=https%3A%2F%2Fhydropod.sa.com%2Fnew%2Fauth%2Fsdbptq%2F%2F%2F%2FaGFucy5nZW5uZW5AY3VycmVudGEuZGU= HTTP 302
- https://hydropod.sa.com/new/auth/sdbptq////aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
aGFucy5nZW5uZW5AY3VycmVudGEuZGU=
hydropod.sa.com/new/auth/sdbptq//// Redirect Chain
|
0 272 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
Mhans.gennen@currenta.de
nrezf.0ff365files.com/ |
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ |
147 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transparent.gif
nrezf.0ff365files.com/cdn-cgi/images/trace/managed/js/ |
42 B 243 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/g/b5e45436/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
0ee451e55cdbe9f
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1694446268:1683561995:yLGDER5XHy-Ol4Cox7W4Bl2QEDvZ4h2BBAWKKV1f33U/7c4345d54932b7a0/ |
258 KB 195 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vlfyb1CxbzHWlJV
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/img/7c4345d54932b7a0/1683565372394/ |
61 B 465 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
540eb8fa-8c6b-4c90-95db-6c085aca07dc
https://nrezf.0ff365files.com/ |
539 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
ede7b585-9687-488c-92e4-72316f58fd7e
https://nrezf.0ff365files.com/ |
656 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
q9L9Gr5q8qe8oqu
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/pat/7c4345d54932b7a0/1683565372395/0f05e245811397591f58f8b9b4f496e3c70dc2ef5495fbe1088f4d08137fd58a/ |
1 B 938 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
0ee451e55cdbe9f
nrezf.0ff365files.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1694446268:1683561995:yLGDER5XHy-Ol4Cox7W4Bl2QEDvZ4h2BBAWKKV1f33U/7c4345d54932b7a0/ |
7 KB 6 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/1gzco/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 18E1 |
22 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 18E1 |
149 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ec2d5a1940df71a
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2023176989:1683562100:keEwAUMWMv_jQIakFSALcKuri22yerB4dYcd8Axqz98/7c4345f258090e78/ Frame 18E1 |
107 KB 59 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3dd2d753-189d-49ee-9e33-c6425344f4ac
https://challenges.cloudflare.com/ Frame 18E1 |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3dd2d753-189d-49ee-9e33-c6425344f4ac
https://challenges.cloudflare.com/ Frame 18E1 |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3dd2d753-189d-49ee-9e33-c6425344f4ac
https://challenges.cloudflare.com/ Frame 18E1 |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d6ff1fd3-b38c-4fd2-a333-c9552b3374c4
https://challenges.cloudflare.com/ Frame 18E1 |
656 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
glqWgyTkMX5f0wA
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c4345f258090e78/1683565376889/4738801f7174a1d27f645ecb078dfca2e7f16e8253c2f337b424633d9ccc7482/ Frame 18E1 |
1 B 648 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1p2THDEPWnBvYq5
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c4345f258090e78/1683565376890/ Frame 18E1 |
61 B 166 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ec2d5a1940df71a
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2023176989:1683562100:keEwAUMWMv_jQIakFSALcKuri22yerB4dYcd8Axqz98/7c4345f258090e78/ Frame 18E1 |
10 KB 8 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| _cf_chl_opt function| sendRequest function| SHA256 function| _cf_chl_turnstile_l function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded undefined| _cf_gcr0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.getjusto.com
challenges.cloudflare.com
hydropod.sa.com
nrezf.0ff365files.com
162.241.69.179
2606:4700::6812:6b9
2a06:98c1:3120::3
44.193.55.9
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
14d803b92e43a95d61d0df8e2655ae0966f2ae871788990d84ecdf46e9da5602
22be7e6614afe546947c9799e0f6afcf93de18c32eb21f07ef69b4bcef3c7ca5
28f7411a6bc287c8de9ad17be114680c042150df4a944d8756f31c284462c07f
359f93416e76855dcae8673c8ce500b1a056c765275b4d4fc469bb00bd260d23
48b3fc62ba65f597a3fd4dcbdf233a69c49f5d370a0d2ed0a8306a925a75b343
517538ecd8b8b95bc57f3125d84ed37f36e1285c64930a3f8bf7da09c2c33dcd
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f
6b972f71449a47f4ec7dd0a3a155f52aa4cc2a6432ec2b23fd729282ed23685d
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
6f77215388f8b6a75673ff8b0b29255d447c36a9f7a33c5e49a160c60476fd16
8f21ca931d1d42723c72512dc3665f02594b0c8a882ec8efe259231b8eaa0289
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c
e5d778860b6145f34100b9fb53cf67f55ac1f845367ad72cf14cdda90b0291aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa6df173ec1cedf50bd50f7c862ffb900604f1dc34d8d8c5ba0e6d7202f3395b