i.neu.lol - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3032::ac43:ca81, located in United States and belongs to CLOUDFLARENET, US. The main domain is i.neu.lol.
TLS certificate: Issued by E1 on January 15th 2023. Valid for: 3 months.

This is the only time i.neu.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::6815:4851	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3032::ac43:ca81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2

1 2606:4700:3034::6815:4851 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:ca81 (United States)

ASN13335 (CLOUDFLARENET, US)

i.neu.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

a.funne.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	neu.lol i.neu.lol	4 KB
1	funne.network a.funne.network	571 B
1	hcaptcha.lol 1 redirects hcaptcha.lol	479 B
4	3

	Domain	Requested by
3	i.neu.lol	i.neu.lol
1	a.funne.network	i.neu.lol
1	hcaptcha.lol	1 redirects
4	3

This site contains links to these domains. Also see Links.

Domain
neu.lol

Subject Issuer	Validity	Valid
*.neu.lol E1	`2023-01-15` - `2023-04-15`	3 months	crt.sh
*.funne.network GTS CA 1P5	`2022-12-17` - `2023-03-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://i.neu.lol/?utm_source=hcaptcha.lol
Frame ID: 9AC78ED22C5588639EB5DA819F4065EF
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

An error occured

Page URL History Show full URLs

https://hcaptcha.lol/ HTTP 301
https://i.neu.lol/?utm_source=hcaptcha.lol Page URL

Page Statistics

4
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

5 kB
Transfer

7 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://neu.lol/?utm_source=viewer&utm_campaign=file.
Title: Neumatic File Host

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hcaptcha.lol/ HTTP 301
https://i.neu.lol/?utm_source=hcaptcha.lol Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

400

Primary Request / Show response
i.neu.lol/
Redirect Chain

https://hcaptcha.lol/
https://i.neu.lol/?utm_source=hcaptcha.lol

564 B
1016 B

285ms
222ms

Document
text/html

2606:4700:3032::ac43:ca81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.neu.lol/?utm_source=hcaptcha.lol
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:ca81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 746cebec26fcb3a9601a1c9bf9a217b0f692382c5031cbb3f17d1466e1260acc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 793b1f383a4c91e7-FRA
content-type: text/html
date: Fri, 03 Feb 2023 12:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKu2m3Nd6fixq%2FnvIro5IxYI9VUDxYeIp7VrRfcIy7B0WyMlnNjTpQvuDt10j0NR3%2F54v0mpX%2FtrgMOVMkBKSRgjIbFBoLxb3b5poFEVxvgNGzWj8oRF5Vy8TKtjopAWrxAc5sb%2B5KQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 793b1f3798ed9244-FRA
date: Fri, 03 Feb 2023 12:20:40 GMT
expires: Fri, 03 Feb 2023 13:20:40 GMT
location: https://i.neu.lol/?utm_source=hcaptcha.lol
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7pMGxqC3d7ZEtn6L1k0%2FJuOOhRfS0vQrtVbd83FfVJ3sQNQGo0G5Xe%2BMdf1NOdflS7vbjutfDrDlyn4lAXfNFky4XyNYHXG3DirNs5paZJJcc0Vu%2B4ZI2F7179bnh2q8CVhp%2FPSKMc9Ud3g%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 images.e386205f.css
i.neu.lol/raw/ 5 KB
3 KB 225ms
224ms Stylesheet
text/css 2606:4700:3032::ac43:ca81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.neu.lol/raw/images.e386205f.css

Requested by

Host: i.neu.lol
URL: https://i.neu.lol/?utm_source=hcaptcha.lol

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:ca81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f06a0b2b7c9e48b1017f6a710a35e254eed9f3954b50e7fc9be042dd3418eeea

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' a.funne.network;style-src 'self' 'unsafe-inline';img-src uc.neu.lol;media-src uc.neu.lol;connect-src *;font-src 'self' fonts.gstatic.com cdn.jsdelivr.net;frame-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.neu.lol/?utm_source=hcaptcha.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:20:40 GMT
content-security-policy: default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' a.funne.network;style-src 'self' 'unsafe-inline';img-src uc.neu.lol;media-src uc.neu.lol;connect-src *;font-src 'self' fonts.gstatic.com cdn.jsdelivr.net;frame-src 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 03 Feb 2023 12:20:40 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVhg%2BuyppG1f3sHyghVR%2BuB9F85Q4JVRLhX4cNPLhvAmuUNWpi4Jjvl7IkguslPFP7cnCTAg7e5Hsc2CJlSFHuqL2K%2BAGgKniq6sjbtQmobHpFR%2FCi7459wDAsdVA7qxuTiTl1bmNck%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
cf-ray: 793b1f39bbe191e7-FRA

GET
H2 200 images.ed6a2134.js Show response
i.neu.lol/raw/ 1 KB
1012 B 229ms
228ms Script
application/javascript 2606:4700:3032::ac43:ca81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://i.neu.lol/raw/images.ed6a2134.js

Requested by

Host: i.neu.lol
URL: https://i.neu.lol/?utm_source=hcaptcha.lol

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:ca81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321e01d61d204e267056c372ca2fe3b99b9bd233f0c202da47d5f72d8d8c7f25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' a.funne.network;style-src 'self' 'unsafe-inline';img-src uc.neu.lol;media-src uc.neu.lol;connect-src *;font-src 'self' fonts.gstatic.com cdn.jsdelivr.net;frame-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.neu.lol/?utm_source=hcaptcha.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 12:20:40 GMT
content-security-policy: default-src 'self';script-src 'self' 'unsafe-eval' 'unsafe-inline' a.funne.network;style-src 'self' 'unsafe-inline';img-src uc.neu.lol;media-src uc.neu.lol;connect-src *;font-src 'self' fonts.gstatic.com cdn.jsdelivr.net;frame-src 'none'
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-dns-prefetch-control: on
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 03 Feb 2023 12:20:40 GMT
server: cloudflare
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qtocgl%2Bh%2FaS7XypllfcXTLdY3coxy1tz6iM%2FWDWqaL9djXD3uXf4f7GCNeyCaYqAeR%2FavUqmcpeakwc16J7oI4car7w6H3zFZQ9067y2CwI3YXY1UIvaKTNjk5ov4gZ0yYVUGP%2BdDqs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=604800
permissions-policy: camera=(), microphone=(), geolocation=(), interest-cohort=()
cf-ray: 793b1f39bbe291e7-FRA

POST
H2 202 event Show response
a.funne.network/api/ 2 B
571 B 1036ms
806ms XHR
text/plain 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.funne.network/api/event
Requested by: Host: i.neu.lol
URL: https://i.neu.lol/raw/images.ed6a2134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://i.neu.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 03 Feb 2023 12:20:41 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWKBaz12Lupaez99PfrUWTqUNn2ouY6diqviRAKv%2BcPByeJfNJ69dd1SamZSdea6IpJRHBEvVTvleu3LlP10Fu1qToXt7guPxCfQT81IRsqSrEzmsaxvAhAdqNKL0d%2FPyPGA0nyEXTHOpwvdPRs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 793b1f3c9c4f6925-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
x-request-id: F0BP1e5D3Pl6w8wAADUB

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| plausible

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.neu.lol/?utm_source=hcaptcha.lol Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.funne.network
hcaptcha.lol
i.neu.lol
2606:4700:3032::ac43:ca81
2606:4700:3034::6815:4851
2a06:98c1:3121::c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
321e01d61d204e267056c372ca2fe3b99b9bd233f0c202da47d5f72d8d8c7f25
746cebec26fcb3a9601a1c9bf9a217b0f692382c5031cbb3f17d1466e1260acc
f06a0b2b7c9e48b1017f6a710a35e254eed9f3954b50e7fc9be042dd3418eeea

i.neu.lol Open in urlscan Pro 2606:4700:3032::ac43:ca81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

2 IPs

1 Countries

5 kBTransfer

7 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

i.neu.lol Open in urlscan Pro
2606:4700:3032::ac43:ca81 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

2
IPs

1
Countries

5 kB
Transfer

7 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions