ns-safe.cr.cafs.technology Open in urlscan Pro
103.150.197.191 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ns-safe.cr.cafs.technology/
Effective URL:
https://ns-safe.cr.cafs.technology/install.html
Submission: On November 01 via automatic, source certstream-suspicious (November 1st 2023, 2:33:21 am UTC) — Scanned from DE

Summary HTTP 4 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 4 HTTP transactions. The main IP is 103.150.197.191, located in Bandung, Indonesia and belongs to IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara, ID. The main domain is ns-safe.cr.cafs.technology.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.

This is the only time ns-safe.cr.cafs.technology was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 5	103.150.197.191 103.150.197.191		133800 (IDNIC-BIZ...) (IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara)
4	2

5 103.150.197.191 (Bandung, Indonesia) 1 redirects

ASN133800 (IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara, ID)
PTR: ip-191-197.150.103.wjv-1.biznetg.io

ns-safe.cr.cafs.technology	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	cafs.technology 1 redirects ns-safe.cr.cafs.technology	799 KB
4	1

	Domain	Requested by
5	ns-safe.cr.cafs.technology	1 redirects ns-safe.cr.cafs.technology
4	1

This site contains links to these domains. Also see Links.

Domain
github.com
link.adtidy.org

Subject Issuer	Validity	Valid
ns-safe.cr.cafs.technology R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ns-safe.cr.cafs.technology/install.html
Frame ID: 817EB674A1EA3DBCD3C8BB017FD5DCE3
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Setup AdGuard Home

Page URL History Show full URLs

https://ns-safe.cr.cafs.technology/ HTTP 302
https://ns-safe.cr.cafs.technology/install.html Page URL

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

799 kB
Transfer

3147 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/AdguardTeam/AdGuardHome
Title: Homepage

Search URL Search Domain Scan URL

URL: https://link.adtidy.org/forward.html?action=privacy&from=ui&app=home
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://github.com/AdguardTeam/AdGuardHome/issues/new/choose
Title: Report an issue

Search URL Search Domain Scan URL

URL: https://link.adtidy.org/forward.html?action=home&from=ui&app=home
Title: AdGuard

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ns-safe.cr.cafs.technology/ HTTP 302
https://ns-safe.cr.cafs.technology/install.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request install.html Show response ns-safe.cr.cafs.technology/ Redirect Chain https://ns-safe.cr.cafs.technology/ https://ns-safe.cr.cafs.technology/install.html	865 B 955 B	177ms 177ms	Document text/html	103.150.197.191 IDNIC-BIZNETGIO-A...
General Check archive.org Show headers Download Go to Full URL https://ns-safe.cr.cafs.technology/install.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.150.197.191 Bandung, Indonesia, ASN133800 (IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara, ID), Reverse DNS ip-191-197.150.103.wjv-1.biznetg.io Software nginx / Resource Hash `ea69e4943013bd4851fc83f5335c59d00861da8510723344d99fbc9518ac860f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 865 content-type text/html; charset=utf-8 date Wed, 01 Nov 2023 02:33:13 GMT server nginx Redirect headers content-length 36 content-type text/html; charset=utf-8 date Wed, 01 Nov 2023 02:33:12 GMT location /install.html server nginx
GET H2	200	install.c6c85272422dd3c3b02f.css ns-safe.cr.cafs.technology/	318 KB 50 KB	368ms 366ms	Stylesheet text/css	103.150.197.191 IDNIC-BIZNETGIO-A...
General Check archive.org Show headers Download Go to Full URL https://ns-safe.cr.cafs.technology/install.c6c85272422dd3c3b02f.css Requested by Host: ns-safe.cr.cafs.technology URL: https://ns-safe.cr.cafs.technology/install.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.150.197.191 Bandung, Indonesia, ASN133800 (IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara, ID), Reverse DNS ip-191-197.150.103.wjv-1.biznetg.io Software nginx / Resource Hash `77f1be9aed50357a038895db091aa858324f4eac1c2c60c35d06ba1a6327d518` Request headers accept-language de-DE,de;q=0.9 Referer https://ns-safe.cr.cafs.technology/install.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 01 Nov 2023 02:33:13 GMT content-encoding gzip server nginx accept-ranges bytes vary Accept-Encoding content-type text/css; charset=utf-8
GET H2	200	install.c6c85272422dd3c3b02f.js Show response ns-safe.cr.cafs.technology/	3 MB 747 KB	194ms 193ms	Script text/javascript	103.150.197.191 IDNIC-BIZNETGIO-A...
General Check archive.org Show headers Download Go to Full URL https://ns-safe.cr.cafs.technology/install.c6c85272422dd3c3b02f.js Requested by Host: ns-safe.cr.cafs.technology URL: https://ns-safe.cr.cafs.technology/install.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.150.197.191 Bandung, Indonesia, ASN133800 (IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara, ID), Reverse DNS ip-191-197.150.103.wjv-1.biznetg.io Software nginx / Resource Hash `45df0c5643a6da8b60a25e4f68d8f418cc2f53f5bd80f4d357d9ccb86688ead8` Request headers accept-language de-DE,de;q=0.9 Referer https://ns-safe.cr.cafs.technology/install.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 01 Nov 2023 02:33:13 GMT content-encoding gzip server nginx accept-ranges bytes vary Accept-Encoding content-type text/javascript; charset=utf-8
GET H2	200	get_addresses Show response ns-safe.cr.cafs.technology/control/install/	576 B 650 B	176ms 176ms	XHR text/plain	103.150.197.191 IDNIC-BIZNETGIO-A...
General Check archive.org Show headers Download Go to Full URL https://ns-safe.cr.cafs.technology/control/install/get_addresses Requested by Host: ns-safe.cr.cafs.technology URL: https://ns-safe.cr.cafs.technology/install.c6c85272422dd3c3b02f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 103.150.197.191 Bandung, Indonesia, ASN133800 (IDNIC-BIZNETGIO-AS-ID PT Biznet Gio Nusantara, ID), Reverse DNS ip-191-197.150.103.wjv-1.biznetg.io Software nginx / Resource Hash `dfbf3b19caf25effb2a862166d100763130c5e54bd57929e6c8c6bdc4b91a56c` Request headers Accept application/json, text/plain, / Referer https://ns-safe.cr.cafs.technology/install.html accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Wed, 01 Nov 2023 02:33:14 GMT server nginx content-length 576 content-type text/plain; charset=utf-8
GET DATA	200 OK	truncated /	551 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `b86d5809a74542797a4d261e1940f75a49c885cdb8420e8275a13415db43630c` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `659678534fd79617a2277bbac61d5b1ec9b9b57d192904336b035fa7a8dde2ea` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	371 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `cc96d5de503bd93041a9541a0b4e3f12d64acd26e639c3c98c5297b2309bbaf5` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	276 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `a768124790813f672a264f91b412ad8d9d190d32a361f3b965adacdd66f9c9a7` Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers Content-Type image/svg+xml

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| regeneratorRuntime

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ns-safe.cr.cafs.technology
103.150.197.191
45df0c5643a6da8b60a25e4f68d8f418cc2f53f5bd80f4d357d9ccb86688ead8
659678534fd79617a2277bbac61d5b1ec9b9b57d192904336b035fa7a8dde2ea
77f1be9aed50357a038895db091aa858324f4eac1c2c60c35d06ba1a6327d518
a768124790813f672a264f91b412ad8d9d190d32a361f3b965adacdd66f9c9a7
b86d5809a74542797a4d261e1940f75a49c885cdb8420e8275a13415db43630c
cc96d5de503bd93041a9541a0b4e3f12d64acd26e639c3c98c5297b2309bbaf5
dfbf3b19caf25effb2a862166d100763130c5e54bd57929e6c8c6bdc4b91a56c
ea69e4943013bd4851fc83f5335c59d00861da8510723344d99fbc9518ac860f

ns-safe.cr.cafs.technology Open in urlscan Pro 103.150.197.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

799 kBTransfer

3147 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

Indicators

ns-safe.cr.cafs.technology Open in urlscan Pro
103.150.197.191 Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

799 kB
Transfer

3147 kB
Size

0
Cookies

4 HTTP transactions
4 data transactions