Submitted URL: https://meneoponzano.com/wp-content/uploads/2024/04/red.html
Effective URL: https://2factivation.io/fn/postfinance-ch
Submission: On April 22 via api from HU — Scanned from CH

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 188.114.96.9, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is 2factivation.io.
TLS certificate: Issued by E1 on April 15th 2024. Valid for: 3 months.
This is the only time 2factivation.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address  AS  Autonomous System
1  3  82.98.171.83  42612  (DINAHOSTI...)
1  7  188.114.96.9  13335  (CLOUDFLAR...)
Total: 8 requests, 2 IPs

Requests  Apex Domain  Subdomains  Transfer
7  2factivation.io  2factivation.io  15 KB
3  meneoponzano.com  meneoponzano.com  2 KB
Total: 8 requests, 2 domains

Requests  Domain  Redirects  Requested by
7  2factivation.io  1  meneoponzano.com, 2factivation.io
3  meneoponzano.com  1  -
Total: 8 requests, 2 domains

This site contains no links.

Subject  Issuer  Validity  Valid
meneoponzano.com  R3  2024-03-17 - 2024-06-15  3 months
2factivation.io  E1  2024-04-15 - 2024-07-14  3 months

This page contains 2 frames:

Primary Page: https://2factivation.io/fn/postfinance-ch
Frame ID: 405C7DF190CAB33E0D9D36F45D6F0EFE
Requests: 6 HTTP requests in this frame

Frame: https://2factivation.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Frame ID: F90D8484EF055437A80B332D9C342587
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 8
HTTPS: 75 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 17 kB
Size: 17 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://meneoponzano.com/wp-content/uploads/2024/04/red.html Page URL
  2. https://2factivation.io/fn/postfinance-ch Page URL
  3. https://2factivation.io/fn/postfinance-ch Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://meneoponzano.com/favicon.ico HTTP 302
  • https://meneoponzano.com/wp-content/uploads/2022/12/cropped-LOGO-MENEO-Meneo-Ponzano-32x32.png
Request Chain 4
  • https://2factivation.io/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://2factivation.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js

8 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
red.html
meneoponzano.com/wp-content/uploads/2024/04/
178 B
499 B
Document
General
Full URL
https://meneoponzano.com/wp-content/uploads/2024/04/red.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
82.98.171.83 Madrid, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
hl1250.dinaserver.com
Software
HTTPd /
Resource Hash
01455755aef7af619c65ba6f982e1b9d1b93bd708e6aebac437d1e379f931411
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=3600, public
content-encoding
gzip
content-length
164
content-type
text/html
date
Mon, 22 Apr 2024 18:39:17 GMT
etag
"b2-616acf0347642-gzip"
expires
Mon, 22 Apr 2024 19:39:17 GMT
last-modified
Mon, 22 Apr 2024 10:31:20 GMT
pragma
public
referrer-policy
server
HTTPd
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cropped-LOGO-MENEO-Meneo-Ponzano-32x32.png
meneoponzano.com/wp-content/uploads/2022/12/
Redirect Chain
  • https://meneoponzano.com/favicon.ico
  • https://meneoponzano.com/wp-content/uploads/2022/12/cropped-LOGO-MENEO-Meneo-Ponzano-32x32.png
885 B
1 KB
Other
General
Full URL
https://meneoponzano.com/wp-content/uploads/2022/12/cropped-LOGO-MENEO-Meneo-Ponzano-32x32.png
Protocol
H2
Server
82.98.171.83 Madrid, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
hl1250.dinaserver.com
Software
HTTPd /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://meneoponzano.com/wp-content/uploads/2024/04/red.html
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 22 Apr 2024 18:39:20 GMT
referrer-policy
last-modified
Thu, 29 Dec 2022 13:19:07 GMT
server
HTTPd
age
0
etag
"375-5f0f7546448c0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
885
x-xss-protection
1; mode=block
expires
Tue, 22 Apr 2025 18:39:20 GMT

Redirect headers

date
Mon, 22 Apr 2024 18:39:20 GMT
content-encoding
gzip
referrer-policy
server
HTTPd
age
0
x-redirect-by
WordPress
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://meneoponzano.com/wp-content/uploads/2022/12/cropped-LOGO-MENEO-Meneo-Ponzano-32x32.png
cache-control
max-age=3600
x-xss-protection
1; mode=block
expires
Mon, 22 Apr 2024 19:39:17 GMT
postfinance-ch
2factivation.io/fn/
7 KB
8 KB
Document
General
Full URL
https://2factivation.io/fn/postfinance-ch
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ea12d7faf90110ecafec4a43af69867484304067e683b202c98477d2b7f30af
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://meneoponzano.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8787bc6b4ef98f2f-FRA
content-type
text/html; charset=utf-8
date
Mon, 22 Apr 2024 18:39:21 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IESNf%2Fe0EiGpG7wm6Sj7Xn1yF0Rlm5cjl9lSgRAB1lFnDBCxYUq4tgTvPyu8M%2BDrVPvOsS%2FotN%2BFOyzaISO2ruL3PCStwqUoI54XqhUn%2FFS7N0TwQ3fKrzlNBfBf2GvNJl0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
postfinance-ch
2factivation.io/fn/
0
906 B
XHR
General
Full URL
https://2factivation.io/fn/postfinance-ch
Requested by
Host: meneoponzano.com
URL: https://meneoponzano.com/wp-content/uploads/2024/04/red.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
Accept-Language
de-CH,de;q=0.9;q=0.9
Lk1brINu1-XLhVCDbtlGaZkbbC8
41282445
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://2factivation.io/fn/postfinance-ch
qnY-P7shrBuEZUTzr88R5qcekM
XY4Xiii0mz9oBhIkmngvI9yr4AY
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp

Response headers

pragma
no-cache
date
Mon, 22 Apr 2024 18:39:21 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeOtbiZt7OBM1fMJkkrs88RrQjFUKsFAsvoZTc5kCTsU7SuyrVAL5vsBIWV86t9ZG9txmQ%2F4H6ZzoKjvQsM9tJVO7vJynspwX5%2FjAVDDe%2BQjwPFXOhR%2BdKTvU9B2S3Ntc4w%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8787bc6dfcce8f2f-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
2factivation.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/ Frame F90D
Redirect Chain
  • https://2factivation.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://2factivation.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
8 KB
4 KB
Script
General
Full URL
https://2factivation.io/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
Protocol
H3
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01bdd5990d60ca71aed13baf8c148b6c40c9d415070ca73b028e9843b68dbe7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Mon, 22 Apr 2024 18:39:21 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTkJqM4yk5K7uguhfMijZFamcs1BrASSQZ%2FM3LFYSVxo0LBRMXBeHROIOWgKOet%2FEEfhpJoalxNSP%2BT5kbxoQwNfvdu8cJHMgjKoNmnlMuyHmDiiJOuN1bGHLbiemDtMOow%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8787bc6e2d378f2f-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 22 Apr 2024 18:39:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4iqeO8Z80RP7ut%2Fasneu2DzlDbNszbmtd6ZPjRTLE5im6envT2e8jiV8QkZruQenu8zElcEa%2BC54jVtw33Ck3bNg1MseXAnoXEyi48BQnfDDMpOlGC8ZniQ0i8EyQy7uzs%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/471dc2adc340/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
8787bc6dfcd48f2f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
2factivation.io/
315 B
736 B
Other
General
Full URL
https://2factivation.io/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://2factivation.io/fn/postfinance-ch
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

pragma
public
date
Mon, 22 Apr 2024 18:39:21 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
18603
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Srf9dUhqB1jLApFA%2FagWPCxnChOtetvAxWALKCUS9xK%2Fkd9Uv4Eo%2BO35%2Fl4gvzwzC3LG%2BFJKG6mpndHg9Ds7Je1B86AsDqDiHsnsuC3uwtn2gOII2PNKDzSjZExj6aF14%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
8787bc6dfcda8f2f-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
8787bc6b4ef98f2f
2factivation.io/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F90D
0
582 B
XHR
General
Full URL
https://2factivation.io/cdn-cgi/challenge-platform/h/b/jsd/r/8787bc6b4ef98f2f
Requested by
Host: 2factivation.io
URL: https://2factivation.io/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-CH,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json

Response headers

date
Mon, 22 Apr 2024 18:39:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5t66sDbVAY7YhL7peS1hOoSfu2HBXqal3dMFz4oOwx%2FVVEpm0vUeinL0KvoWdsLCOyBnxOvtQ3WibwKPHu5%2B2oF20wCMLgnW4Avc%2Bf%2FkozVIt6epPxGEiI0rvkIS%2FUyUeV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8787bc6ece518f2f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
Primary Request postfinance-ch
2factivation.io/fn/
146 B
491 B
Document
General
Full URL
https://2factivation.io/fn/postfinance-ch
Requested by
Host: meneoponzano.com
URL: https://meneoponzano.com/wp-content/uploads/2024/04/red.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.9 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f2fa940d4b4fe19aca1e53a24e5aac29c57b7c5ee78588325b87f1b649c864
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://2factivation.io/fn/postfinance-ch
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8787bc6f3f318f2f-FRA
content-encoding
br
content-type
text/html
date
Mon, 22 Apr 2024 18:39:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lkl2Cs1HZqs3rusbq%2BOIhrLK8sNBpTQqL1oCms7b9KAIMvnaBCmKgTdX%2B%2BhkvmcMuqfJEKEJU1%2BH6hJlsD5XSUTXspH2atOVD6%2BF1oDMa6nBEybZhkRydAhAqwhEzskP1Ko%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

4 Console Messages

Source Level URL
Text
rendering error
Message:
Failed to set referrer policy: The value '' is not one of 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
network error URL: https://2factivation.io/fn/postfinance-ch
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://2factivation.io/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://2factivation.io/fn/postfinance-ch
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block