URL: https://dfaerp.com/
Submission: On October 23 via api from BE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 3.67.115.246, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is dfaerp.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 23rd 2024. Valid for: a year.
This is the only time dfaerp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.67.115.246 16509 (AMAZON-02)
1 12 172.64.148.248 13335 (CLOUDFLAR...)
7 52.58.54.219 16509 (AMAZON-02)
2 142.250.185.132 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
24 5
Apex Domain
Subdomains
Transfer
19 searates.com
www.searates.com — Cisco Umbrella Rank: 479908
apps.searates.com
office.searates.com
2 MB
3 dfaerp.com
dfaerp.com
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
998 B
1 gstatic.com
www.gstatic.com
217 KB
24 4
Domain Requested by
10 www.searates.com 1 redirects apps.searates.com
www.searates.com
7 apps.searates.com dfaerp.com
www.searates.com
apps.searates.com
3 dfaerp.com
2 www.google.com www.searates.com
www.gstatic.com
2 office.searates.com www.searates.com
1 www.gstatic.com www.google.com
24 6

This site contains no links.

Subject | Issuer | Validity | Valid
dfaerp.com | Amazon RSA 2048 M03 | 2024-10-23 - 2025-11-21 | a year
*.searates.com | RapidSSL TLS RSA CA G1 | 2024-08-06 - 2025-09-06 | a year
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months

This page contains 2 frames:

Primary Page: https://dfaerp.com/
Frame ID: B9EAC6F1A254851E375AB5CC256D88FC
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNrPIUAAAAAEHPsc9B0fHGf2yTM5-m38E1h6yq&co=aHR0cHM6Ly9kZmFlcnAuY29tOjQ0Mw..&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=237biw7b76e7
Frame ID: 301EC536CB474DAE5B7E251FE5C1491A
Requests: 1 HTTP requests in this frame

Page Title

DFA ERP

Detected technologies

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 0 %
Domains: 4
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 1864 kB
Size: 2669 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.searates.com/platform/widget HTTP 302
  • https://apps.searates.com/apps/virtual-office/js/bundle.js.gz?260241

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dfaerp.com/
368 B
514 B
Document
General
Full URL
https://dfaerp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.115.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-115-246.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f0db41652478766b2321be1f8da422084e6de11666ed1295a56c34d2a2cc6435

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
368
content-type
text/html
date
Wed, 23 Oct 2024 14:24:38 GMT
etag
"67189412-170"
last-modified
Wed, 23 Oct 2024 06:13:38 GMT
server
nginx
bundle.js.gz
apps.searates.com/apps/virtual-office/js/
Redirect Chain
  • https://www.searates.com/platform/widget
  • https://apps.searates.com/apps/virtual-office/js/bundle.js.gz?260241
288 KB
95 KB
Script
General
Full URL
https://apps.searates.com/apps/virtual-office/js/bundle.js.gz?260241
Requested by
Host: dfaerp.com
URL: https://dfaerp.com/
Protocol
H2
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7eefdf70d23d2dd492fa5b26d39afc66ff1c00784ca88038bfadf8b595ca65ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

content-encoding
gzip
etag
"67126ad1-179e1"
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
content-length
96737
date
Wed, 23 Oct 2024 14:24:39 GMT
x-xss-protection
1; mode=block;
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 14:04:01 GMT
server
nginx

Redirect headers

cache-control
public, max-age=14400
location
https://apps.searates.com/apps/virtual-office/js/bundle.js.gz?260241
cf-cache-status
MISS
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
cf-ray
8d726453fbdc6a66-HAM
expires
Wed, 23 Oct 2024 18:24:39 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Token, Content-Type, Origin, Authorization, X-Requested-With, Accept, X-Auth-Token
784_chunk_adfc352463499a2fd8a4.js
apps.searates.com/apps/virtual-office/js/
13 KB
14 KB
Script
General
Full URL
https://apps.searates.com/apps/virtual-office/js/784_chunk_adfc352463499a2fd8a4.js
Requested by
Host: www.searates.com
URL: https://www.searates.com/platform/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
660fff996a0ec97c66d6028ce8e90a9782eeecefd6d2a91051e7489d69eb493d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=10368000, public
etag
"670fdc5a-3582"
x-content-type-options
nosniff
expires
Thu, 20 Feb 2025 14:24:39 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
13698
date
Wed, 23 Oct 2024 14:24:39 GMT
x-xss-protection
1; mode=block;
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 15:31:38 GMT
server
nginx
206_chunk_e8f804628d67e4f30911.css
apps.searates.com/apps/virtual-office/css/
23 KB
23 KB
Stylesheet
General
Full URL
https://apps.searates.com/apps/virtual-office/css/206_chunk_e8f804628d67e4f30911.css
Requested by
Host: www.searates.com
URL: https://www.searates.com/platform/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
05921a64a16e3cd902dfbbc94c973b383d31b6d294bdc337b0ccacb4920b5337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=10368000, public
etag
"67126ad1-5a9d"
x-content-type-options
nosniff
expires
Thu, 20 Feb 2025 14:24:39 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
23197
date
Wed, 23 Oct 2024 14:24:39 GMT
x-xss-protection
1; mode=block;
content-type
text/css
last-modified
Fri, 18 Oct 2024 14:04:01 GMT
server
nginx
206_chunk_8599e0c7279677d7428b.js
apps.searates.com/apps/virtual-office/js/
76 KB
76 KB
Script
General
Full URL
https://apps.searates.com/apps/virtual-office/js/206_chunk_8599e0c7279677d7428b.js
Requested by
Host: www.searates.com
URL: https://www.searates.com/platform/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
646a6ff41226ac9a17504599a66988b5ce0b2f58a4c62600f9255311411a80f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=10368000, public
etag
"67126ad1-1300c"
x-content-type-options
nosniff
expires
Thu, 20 Feb 2025 14:24:39 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
77836
date
Wed, 23 Oct 2024 14:24:39 GMT
x-xss-protection
1; mode=block;
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 14:04:01 GMT
server
nginx
remoteEntry.js
apps.searates.com/apps/address-book/js/
904 KB
905 KB
Script
General
Full URL
https://apps.searates.com/apps/address-book/js/remoteEntry.js?r=4489016
Requested by
Host: apps.searates.com
URL: https://apps.searates.com/apps/virtual-office/js/206_chunk_8599e0c7279677d7428b.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b27986165adb9f6b963efede798c2aee63db2d95b5848674fd7398bdba9a3fef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=10368000, public
etag
"67126abc-e1eb6"
x-content-type-options
nosniff
expires
Thu, 20 Feb 2025 14:24:39 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
925366
date
Wed, 23 Oct 2024 14:24:39 GMT
x-xss-protection
1; mode=block;
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 14:03:40 GMT
server
nginx
graphql
office.searates.com/ Frame
0
0
Preflight
General
Full URL
https://office.searates.com/graphql
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://dfaerp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
0
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
8d72645c6e12417a-HAM
content-type
text/html; charset=UTF-8
date
Wed, 23 Oct 2024 14:24:40 GMT
server
cloudflare
vary
Access-Control-Request-Method, Access-Control-Request-Headers
graphql
office.searates.com/
126 B
448 B
XHR
General
Full URL
https://office.searates.com/graphql
Requested by
Host: www.searates.com
URL: https://www.searates.com/platform/widget
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ac725d6f412c9d0757e68f0f901dd1fe97ada8d4f54b8b7bc255fcc14c2fee

Request headers

authorization
Bearer null
Referer
https://dfaerp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cache-control
no-cache, private
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-ray
8d72645e4860417a-HAM
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:40 GMT
content-type
application/json
server
cloudflare
favicon.ico
dfaerp.com/
548 B
626 B
Other
General
Full URL
https://dfaerp.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.115.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-115-246.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

content-length
548
date
Wed, 23 Oct 2024 14:24:40 GMT
content-type
text/html
server
nginx
423_chunk_11fdccbdb17446436759.css
apps.searates.com/apps/virtual-office/css/
208 B
528 B
Stylesheet
General
Full URL
https://apps.searates.com/apps/virtual-office/css/423_chunk_11fdccbdb17446436759.css
Requested by
Host: www.searates.com
URL: https://www.searates.com/platform/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
15be9fd438cdf3ec6ce516a0b35c6f18260c32b309259ffb153b8cb4fe600df9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=10368000, public
etag
"670fdc5a-d0"
x-content-type-options
nosniff
expires
Thu, 20 Feb 2025 14:24:40 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
208
date
Wed, 23 Oct 2024 14:24:40 GMT
x-xss-protection
1; mode=block;
content-type
text/css
last-modified
Wed, 16 Oct 2024 15:31:38 GMT
server
nginx
423_chunk_6f8341bbde617b2b2ad2.js
apps.searates.com/apps/virtual-office/js/
2 KB
2 KB
Script
General
Full URL
https://apps.searates.com/apps/virtual-office/js/423_chunk_6f8341bbde617b2b2ad2.js
Requested by
Host: www.searates.com
URL: https://www.searates.com/platform/widget
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.54.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-54-219.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
803a2ae109cd6e717292b86acd71ba0323ca81991fb8d1e03612f41f4eb5101a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=10368000, public
etag
"67126ad1-68a"
x-content-type-options
nosniff
expires
Thu, 20 Feb 2025 14:24:40 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1674
date
Wed, 23 Oct 2024 14:24:40 GMT
x-xss-protection
1; mode=block;
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 14:04:01 GMT
server
nginx
remoteEntry.js
www.searates.com/js/apps/auth/
252 KB
84 KB
Script
General
Full URL
https://www.searates.com/js/apps/auth/remoteEntry.js?r=9489090
Requested by
Host: apps.searates.com
URL: https://apps.searates.com/apps/virtual-office/js/206_chunk_8599e0c7279677d7428b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a62d81f6116a8f03405b803335f6b79a3806a7833ccbaf61c1ef5220cbbec57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

cache-control
public, max-age=10368000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67125d5a-3ef8a"
cf-ray
8d72645febd16a66-HAM
expires
Thu, 20 Feb 2025 14:24:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:40 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 13:06:34 GMT
vary
Accept-Encoding
server
cloudflare
581.bundle.css
www.searates.com/design/css/apps/auth/
55 KB
7 KB
Stylesheet
General
Full URL
https://www.searates.com/design/css/apps/auth/581.bundle.css
Requested by
Host: www.searates.com
URL: https://www.searates.com/js/apps/auth/remoteEntry.js?r=9489090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
964772e870e3fc36b76485c3a01d3354d9e296f4bdf268c561cab49eb85c6219

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

cache-control
public, max-age=10368000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ec3338-dd40"
age
1051335
cf-ray
8d7264615d7c6a66-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
text/css
last-modified
Thu, 19 Sep 2024 14:20:40 GMT
vary
Accept-Encoding
server
cloudflare
581_chunk_35060ae057ed014e3d1b.js
www.searates.com/js/apps/auth/
155 KB
86 KB
Script
General
Full URL
https://www.searates.com/js/apps/auth/581_chunk_35060ae057ed014e3d1b.js
Requested by
Host: www.searates.com
URL: https://www.searates.com/js/apps/auth/remoteEntry.js?r=9489090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
750b928c9ba3a1ca07caed35ad84eeeb87c5acce64d0ffd48b0f7b1e8976c745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

cache-control
public, max-age=10368000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"670d7182-26dd7"
age
711713
cf-ray
8d7264615d7e6a66-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
application/javascript
last-modified
Mon, 14 Oct 2024 19:31:14 GMT
vary
Accept-Encoding
server
cloudflare
searates-erp.svg
www.searates.com/design/images/menu/
4 KB
2 KB
Image
General
Full URL
https://www.searates.com/design/images/menu/searates-erp.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
759c35012cb74a5b2d3dcff500cd8e72d59f86252afbb183d161cc0acca47674

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

cache-control
public, max-age=10368000
content-encoding
gzip
cf-cache-status
HIT
etag
W/"67179024-e05"
cf-ray
8d726462df3c6a66-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
image/svg+xml
last-modified
Tue, 22 Oct 2024 11:44:36 GMT
vary
Accept-Encoding
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
998 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LeNrPIUAAAAAEHPsc9B0fHGf2yTM5-m38E1h6yq
Requested by
Host: www.searates.com
URL: https://www.searates.com/js/apps/auth/remoteEntry.js?r=9489090
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
ESF /
Resource Hash
326bcd3fa5d81b753d721e8bb3df90aadb89bcf0059bd75d0bacbe44868cde7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 23 Oct 2024 14:24:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 23 Oct 2024 14:24:41 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
searates-dp-word-light.png
dfaerp.com/design/images/apps/auth/logos/
548 B
548 B
Image
General
Full URL
https://dfaerp.com/design/images/apps/auth/logos/searates-dp-word-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.67.115.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-115-246.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://dfaerp.com/auth/sign-in

Response headers

content-length
548
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
text/html
server
nginx
sign-in-mask.png
www.searates.com/design/images/apps/auth/
3 KB
3 KB
Image
General
Full URL
https://www.searates.com/design/images/apps/auth/sign-in-mask.png
Requested by
Host: www.searates.com
URL: https://www.searates.com/design/css/apps/auth/581.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b191f6f77ce533b151c0142943855f4bcdc90dba60d31b1e41f762ca6404269d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.searates.com/design/css/apps/auth/581.bundle.css

Response headers

cf-bgj
imgq:85,h2pri
etag
"66fe421a-21dd"
age
199827
cf-cache-status
HIT
expires
Thu, 20 Feb 2025 14:24:41 GMT
cf-polished
origFmt=png, origSize=8669
alt-svc
h3=":443"; ma=86400
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
image/webp
content-disposition
inline; filename="sign-in-mask.webp"
vary
Accept
last-modified
Thu, 03 Oct 2024 07:04:58 GMT
cache-control
public, max-age=10368000
cf-ray
8d726462ff556a66-HAM
accept-ranges
bytes
access-control-allow-origin
*
content-length
3090
server
cloudflare
MontserratBold.woff2
www.searates.com/design/fonts/Montserrat/Montserrat-Bold/
87 KB
87 KB
Font
General
Full URL
https://www.searates.com/design/fonts/Montserrat/Montserrat-Bold/MontserratBold.woff2
Requested by
Host: www.searates.com
URL: https://www.searates.com/design/css/apps/auth/581.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77ee236e53e9c9af0d697b87f587569274f496dffd136baa55e5e314bafc9166

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dfaerp.com
Referer
https://www.searates.com/design/css/apps/auth/581.bundle.css

Response headers

cache-control
public, max-age=10368000
cf-cache-status
HIT
etag
"67179024-15a44"
cf-ray
8d7264633b32ca58-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
88644
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 11:44:36 GMT
vary
Accept-Encoding
server
cloudflare
MontserratRegular.woff2
www.searates.com/design/fonts/Montserrat/Montserrat-Regular/
86 KB
87 KB
Font
General
Full URL
https://www.searates.com/design/fonts/Montserrat/Montserrat-Regular/MontserratRegular.woff2
Requested by
Host: www.searates.com
URL: https://www.searates.com/design/css/apps/auth/581.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64fadce8079910240fad6c2addf34dda634811d06bb5cf76f9244eedefa31f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dfaerp.com
Referer
https://www.searates.com/design/css/apps/auth/581.bundle.css

Response headers

cache-control
public, max-age=10368000
cf-cache-status
HIT
etag
"67179024-15914"
cf-ray
8d7264633b39ca58-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
88340
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 11:44:36 GMT
vary
Accept-Encoding
server
cloudflare
MontserratMedium.woff2
www.searates.com/design/fonts/Montserrat/Montserrat-Medium/
86 KB
87 KB
Font
General
Full URL
https://www.searates.com/design/fonts/Montserrat/Montserrat-Medium/MontserratMedium.woff2
Requested by
Host: www.searates.com
URL: https://www.searates.com/design/css/apps/auth/581.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f16c2b4bb34cb46ff9ad729c1f186c07550f1ffee63d6c634f639abe4f97d3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dfaerp.com
Referer
https://www.searates.com/design/css/apps/auth/581.bundle.css

Response headers

cache-control
public, max-age=10368000
cf-cache-status
HIT
etag
"67179024-159d4"
cf-ray
8d7264633b3eca58-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
88532
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 11:44:36 GMT
vary
Accept-Encoding
server
cloudflare
MontserratSemiBold.woff2
www.searates.com/design/fonts/Montserrat/Montserrat-SemiBold/
86 KB
86 KB
Font
General
Full URL
https://www.searates.com/design/fonts/Montserrat/Montserrat-SemiBold/MontserratSemiBold.woff2
Requested by
Host: www.searates.com
URL: https://www.searates.com/design/css/apps/auth/581.bundle.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.248 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb54d0bbf18fe158145427b50cb53b06005448bc581e631f4a5f4038cd21c94c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dfaerp.com
Referer
https://www.searates.com/design/css/apps/auth/581.bundle.css

Response headers

cache-control
public, max-age=10368000
cf-cache-status
HIT
etag
"67179024-1572c"
cf-ray
8d7264633b4aca58-HAM
expires
Thu, 20 Feb 2025 14:24:41 GMT
accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
87852
date
Wed, 23 Oct 2024 14:24:41 GMT
content-type
font/woff2
last-modified
Tue, 22 Oct 2024 11:44:36 GMT
vary
Accept-Encoding
server
cloudflare
recaptcha__de.js
www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/
546 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeNrPIUAAAAAEHPsc9B0fHGf2yTM5-m38E1h6yq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
9361aaa99bd2f940d92294185a2f3d081c1bda58c28f031e7e6c6367f99c23af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://dfaerp.com
Referer
https://dfaerp.com/

Response headers

content-encoding
gzip
age
8734
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 11:59:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 23 Oct 2024 11:59:07 GMT
last-modified
Mon, 14 Oct 2024 18:32:27 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221971
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/api2/ Frame 301E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNrPIUAAAAAEHPsc9B0fHGf2yTM5-m38E1h6yq&co=aHR0cHM6Ly9kZmFlcnAuY29tOjQ0Mw..&hl=de&v=lqsTZ5beIbCkK4uGEGv9JmUR&size=invisible&cb=237biw7b76e7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/lqsTZ5beIbCkK4uGEGv9JmUR/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-SO9G3y8-xVIaktoakknTsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dfaerp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SO9G3y8-xVIaktoakknTsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 14:24:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| webpackChunkoutput_virtual_office
object| __TSR_ROUTER_CONTEXT__
function| check_online
object| auth_system
object| webpackChunkauth_system
object| dataLayer
function| onRecaptchaLoadCallback
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| closure_lm_405227

2 Cookies

Domain/Path Name / Value
.searates.com/ Name: PHPSESSID
Value: bl6gvormuc6sllocgtcpav95i7
.searates.com/ Name: __cf_bm
Value: xKWQF6_cFTrtEivgURq6Gktz1DSZ0p0O4xCYbY3JIJA-1729693479-1.0.1.1-lesxK9FCsZdRGjbxKrtmxWBj7lj2XEjK4eWc7AtccPYN8Oakx1zlJDY.9241_GSRkLLYGf8TomZNIiqxmPwOvA

3 Console Messages

Source Level URL
Text
network error URL: https://dfaerp.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://dfaerp.com/design/images/apps/auth/logos/searates-dp-word-light.png
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://dfaerp.com/auth/sign-in
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
