URL: https://sfobg.qrd.by/izdfcp
Submission: On April 16 via manual from GB — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3037::6815:5373, located in the United States and belonging to CLOUDFLARENET, US. The main domain is sfobg.qrd.by.
TLS certificate: Issued by GTS CA 1P5 on March 24th 2024. Valid for: 3 months.
This is the only time sfobg.qrd.by was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 172.67.175.141 13335 (CLOUDFLAR...)
4 4
Apex Domain  Subdomains  Transfer
3  qrd.by  sfobg.qrd.by  12 KB
2  webapp-portal.com  cdn.webapp-portal.com, static.webapp-portal.com  244 KB
4 2
Domain Requested by
3 sfobg.qrd.by 1 redirects
1 static.webapp-portal.com sfobg.qrd.by
1 cdn.webapp-portal.com sfobg.qrd.by
4 3

This site contains no links.

Subject  Issuer  Validity  Valid
qrd.by  GTS CA 1P5  2024-03-24 - 2024-06-22  3 months
cdn.webapp-portal.com  R3  2024-04-08 - 2024-07-07  3 months

This page contains 1 frame:

Primary Page: https://sfobg.qrd.by/izdfcp
Frame ID: 77FE6F69E2E282557480E3F040306B08
Requests: 4 HTTP requests in this frame

Page Title

SF Airport Marriott Waterfront

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 4
HTTPS: 75 %
IPv6: 75 %
Domains: 2
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 255 kB
Size: 329 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://sfobg.qrd.by/l/media?f=ac872cacefd8a60537de5a64570b35a9&fullsize=1 HTTP 301
  • https://static.webapp-portal.com/resources/sfobg/lp/88040/111-orig.jpg

4 HTTP transactions

Resource Path Size x-fer Type MIME-Type

Resource: Primary Request izdfcp
Path: sfobg.qrd.by/
Size: 31 KB
x-fer: 11 KB
Type: Document
General
Full URL
https://sfobg.qrd.by/izdfcp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5373 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b88a2414c8ecd7657fc4c9a4364e062ea90d2600ff4ca7cac4de9cb9e51093e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8757c7cdfe69638b-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 16 Apr 2024 22:58:30 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hImqtPAO6k6p8Vz%2FyZXK47OHti1ZSZ8crKpXBBi6arnxFX4%2FE19S9BaokqQM%2BAb949qWeQS2Ilq7f0nxKQ%2BTG7CvGbSgDSSfGFQ09q9TqQTsjgsNEVSyTxIqzTI5QlUPp%2B66DOLToAw8%2B%2B8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding

Resource: jquery.js
Path: cdn.webapp-portal.com/js/
Size: 87 KB
x-fer: 32 KB
Type: Script
General
Full URL
https://cdn.webapp-portal.com/js/jquery.js
Requested by
Host: sfobg.qrd.by
URL: https://sfobg.qrd.by/izdfcp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sfobg.qrd.by/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 22:58:31 GMT
content-encoding
br
strict-transport-security
max-age=63072000; includeSubdomains; preload
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
1081
cdn-cachedat
04/14/2024 16:17:15
cdn-pullzone
122469
alt-svc
h3=":443"
last-modified
Sun, 14 Apr 2024 06:43:23 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"15d9d-61608d249bc8c-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wDJ0PZ1w1SUKRwHyH%2FadVf1xJJLIIstyNQQRzF%2BBKT0t3oUUwz0tAIViVXxHGmp6U18XGzbiYQvfnxIfqvLHo8W%2B3AL4SJhMUBk%2BsIL5NEKbeDqjiJuqurcZvOscCSE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cdn-cache
HIT
cdn-uid
56ba9d96-123f-45d9-a4c0-0a4ea03f781a
cache-control
public, max-age=216000
cdn-requestid
23c24c798d5139544c7d43031e48aa40
cf-ray
8744b282fc8d9e8d-CDG
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True

Resource: 111-orig.jpg
Path: static.webapp-portal.com/resources/sfobg/lp/88040/
Redirect Chain
  • https://sfobg.qrd.by/l/media?f=ac872cacefd8a60537de5a64570b35a9&fullsize=1
  • https://static.webapp-portal.com/resources/sfobg/lp/88040/111-orig.jpg
Size: 211 KB
x-fer: 212 KB
Type: Image
General
Full URL
https://static.webapp-portal.com/resources/sfobg/lp/88040/111-orig.jpg
Requested by
Host: sfobg.qrd.by
URL: https://sfobg.qrd.by/izdfcp
Protocol
H2
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
995f8aa9bffb14068b57d90634ca71f84f0335180146b62c27410926b8774ef9

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://sfobg.qrd.by/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Apr 2024 22:58:31 GMT
cdn-edgestorageid
1080
cdn-cachedat
03/21/2024 06:53:34
cdn-pullzone
2059040
content-length
215986
last-modified
Wed, 27 Jul 2022 00:10:11 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
"34bb2-5e4be3d8c2fa9"
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
56ba9d96-123f-45d9-a4c0-0a4ea03f781a
cache-control
public, max-age=2592000
cdn-requestid
66c1f84eb5c0d66bb4133f1a39c6fc85
accept-ranges
bytes
cdn-requestcountrycode
GB
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

pragma
no-cache
date
Tue, 16 Apr 2024 22:58:30 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJtxVmDco7Y%2FuXBSGBdt446uEsLYsQpR0DvZnlJluD0qAmB3GZtDITcn5z5RKcF1d0NjGdZLaQa%2BAnluu6uwv7mRTaVtqlC3Yabqb24nVLsQj2lSkbfst%2FhFCtswdvRDfoWKaFjvY7pnuP0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
https://static.webapp-portal.com/resources/sfobg/lp/88040/111-orig.jpg
cache-control
no-store, no-cache, must-revalidate
cf-ray
8757c7cedf2d638b-LHR
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Resource: favicon.ico
Path: sfobg.qrd.by/
Size: 107 B
x-fer: 647 B
Type: Other
General
Full URL
https://sfobg.qrd.by/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.175.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ea80f30905c6f8901d028f4c628c450a77dbe33b71e064c9f4dbffcbf826ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://sfobg.qrd.by/izdfcp
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 16 Apr 2024 22:58:31 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 16 Apr 2024 20:51:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6b-6163ce5531d38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mF7NiMeDZ%2FeMkk0RFdR0LR%2BHgs3gwdRvcep5PGzcK4SrN0k3ZnK8NCVflxPyGFiV51l0WgRuJRB7kjNQg4SyUqPatXuYOtFPFHK%2FUpGqgIZhOB8hiACojvrxUi%2FEFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
8757c7d26c417324-LHR
alt-svc
h3=":443"; ma=86400

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function $
  • function jQuery
  • object jQBrowser
  • function UAParser
  • function getParameterJS

1 Cookies

Domain/Path Name / Value
sfobg.qrd.by/ Name: PHPSESSID
Value: 9vsbdb8j5rtl475lugfqkpijil

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload