account.wafra.us - urlscan.io

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 5 HTTP transactions. The main IP is 198.54.120.153, located in United States and belongs to NAMECHEAP-NET, US. The main domain is account.wafra.us.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 9th 2022. Valid for: a year.

This is the only time account.wafra.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 6	198.54.120.153 198.54.120.153		22612 (NAMECHEAP...) (NAMECHEAP-NET)
5	2

6 198.54.120.153 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server319-4.web-hosting.com

account.wafra.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	wafra.us 1 redirects account.wafra.us	580 KB
5	1

	Domain	Requested by
6	account.wafra.us	1 redirects account.wafra.us
5	1

This site contains no links.

Subject Issuer	Validity	Valid
account.wafra.us Sectigo RSA Domain Validation Secure Server CA	`2022-03-09` - `2023-03-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://account.wafra.us/login
Frame ID: 1CF76574504A0C02163D48B37C8465F1
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login | Wafra

Page URL History Show full URLs

http://account.wafra.us/login HTTP 301
https://account.wafra.us/login Page URL

Page Statistics

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

580 kB
Transfer

1476 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://account.wafra.us/login HTTP 301
https://account.wafra.us/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response account.wafra.us/ Redirect Chain http://account.wafra.us/login https://account.wafra.us/login	64 KB 24 KB	678ms 521ms	Document text/html	198.54.120.153 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://account.wafra.us/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.120.153 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server319-4.web-hosting.com Software LiteSpeed / PHP/7.4.28 Resource Hash `da8a1fc131c310bba762a9d84270b3b1cae0b3e9eee5ffd822375c7afb4f4d2e` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language en-US,en;q=0.9 Response headers x-powered-by PHP/7.4.28 content-type text/html; charset=UTF-8 cache-control no-cache, private content-length 23799 content-encoding br vary Accept-Encoding,User-Agent date Mon, 14 Mar 2022 18:28:06 GMT server LiteSpeed x-turbo-charged-by LiteSpeed Redirect headers keep-alive timeout=5, max=100 content-type text/html content-length 707 date Mon, 14 Mar 2022 18:28:06 GMT server LiteSpeed location https://account.wafra.us/login x-turbo-charged-by LiteSpeed
GET H2	200	apps.css account.wafra.us/assets/css/	427 KB 67 KB	355ms 354ms	Stylesheet text/css	198.54.120.153 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://account.wafra.us/assets/css/apps.css?ver=1.1.0 Requested by Host: account.wafra.us URL: https://account.wafra.us/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.120.153 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server319-4.web-hosting.com Software LiteSpeed / Resource Hash `2ff8632265e555b2ccf366ce3b36bb76ae2ed1859fdbbb4d82452a087254eda8` Request headers Accept-Language en-US,en;q=0.9 Referer https://account.wafra.us/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 18:28:06 GMT content-encoding br last-modified Sun, 27 Jun 2021 07:09:08 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 68340 expires Mon, 21 Mar 2022 18:28:06 GMT
GET H2	200	bundle.js Show response account.wafra.us/assets/js/	659 KB 191 KB	123ms 123ms	Script application/javascript	198.54.120.153 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://account.wafra.us/assets/js/bundle.js Requested by Host: account.wafra.us URL: https://account.wafra.us/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.120.153 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server319-4.web-hosting.com Software LiteSpeed / Resource Hash `b713051a1e7e68eb344c570bb7f6e4b45fa7b4397cc164dd34fbb31c04eadd7d` Request headers Accept-Language en-US,en;q=0.9 Referer https://account.wafra.us/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 18:28:06 GMT content-encoding br last-modified Sun, 27 Jun 2021 07:03:38 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 195356 expires Mon, 21 Mar 2022 18:28:06 GMT
GET H2	200	app.js Show response account.wafra.us/assets/js/	10 KB 3 KB	199ms 199ms	Script application/javascript	198.54.120.153 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://account.wafra.us/assets/js/app.js Requested by Host: account.wafra.us URL: https://account.wafra.us/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.120.153 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server319-4.web-hosting.com Software LiteSpeed / Resource Hash `4df29d63047d0296a56cc6895bff1f190edd3c1fd4990e4affad33acedfbcc8f` Request headers Accept-Language en-US,en;q=0.9 Referer https://account.wafra.us/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 18:28:06 GMT content-encoding br last-modified Sun, 27 Jun 2021 07:03:24 GMT server LiteSpeed vary Accept-Encoding,User-Agent content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2842 expires Mon, 21 Mar 2022 18:28:06 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1314e00cecc119c7262b3f0a97c9bc173661caea8e6a5127074d6ed19df27cbb` Request headers Accept-Language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	20 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `3208f06646e2be11e6745814fc4bf5e0f81d681f8acac485dd08ca074c734125` Request headers Accept-Language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	Nioicon.ttf account.wafra.us/assets/fonts/	294 KB 294 KB	80ms 80ms	Font font/ttf	198.54.120.153 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://account.wafra.us/assets/fonts/Nioicon.ttf?djcpub Requested by Host: account.wafra.us URL: https://account.wafra.us/assets/css/apps.css?ver=1.1.0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.120.153 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server319-4.web-hosting.com Software LiteSpeed / Resource Hash `e3dc9a348aa4c868d4d6a9e9b34fd5371006a088a5da3fb7a2444e6216d394a8` Request headers Referer https://account.wafra.us/assets/css/apps.css?ver=1.1.0 Origin https://account.wafra.us Accept-Language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 18:28:07 GMT last-modified Wed, 23 Jun 2021 07:09:10 GMT server LiteSpeed vary User-Agent content-type font/ttf cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 300812 expires Mon, 21 Mar 2022 18:28:07 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			account.wafra.us/	1970-01-20 01:34:49	Name: XSRF-TOKEN Value: eyJpdiI6InZTRDJWQlVHVUlmT1l4azhnWG13amc9PSIsInZhbHVlIjoiQmE3bzVhelJ2Y1pqNE16QUpZMzRCTituanlTazRQSTlKVzkvWXJkWTA1TVRjajZpNHdaTUxjV2ROYUpsOVYvZjhrcmhpV0xDdHkyVUc0Sm5zSStSQjUrVnVVMnJZSlA3Zi9oOTlUbVgrTDVOUzdVM0Z0amlKUXFaa1IyR2Z0MlgiLCJtYWMiOiI3YmVhODE0MGZhOWM3N2VhZjEyOTAyMzc1ZWQ3YmRlMjI0N2U3NTVhNzk4ODlhNDViYTkyMTBjNTZlOGE0MmM5In0%3D
			account.wafra.us/	1970-01-20 01:34:49	Name: investorm_session Value: eyJpdiI6IlZwbWJKZks2QUpEYlIwUFIwNmJTQXc9PSIsInZhbHVlIjoiWDR6ZEZ0Vm5FMlpVcEpidjhsYnk0MXh0QlV3anVlanRmQi9kKzZKbE9SRFlaVEtmdFk5Mm1zVUp0WU1kbU1ZcUsrbTc0NkV3cUFIMkVHN25kZXA0UFlLaUZlVU9ORVJpcnF0QTZuK3F4TEVDb0R6dU1WT3FqRDN2bWdWbmluczQiLCJtYWMiOiIzNDc1ODc3YjY3ZTIwMThhMWI1MTZhMmQwYzk0ZDU2NzdkZTUyYzc4NWM2ZWM4OGY5YTQxOGJjMDEzNmFjNmZiIn0%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.wafra.us
198.54.120.153
1314e00cecc119c7262b3f0a97c9bc173661caea8e6a5127074d6ed19df27cbb
2ff8632265e555b2ccf366ce3b36bb76ae2ed1859fdbbb4d82452a087254eda8
3208f06646e2be11e6745814fc4bf5e0f81d681f8acac485dd08ca074c734125
4df29d63047d0296a56cc6895bff1f190edd3c1fd4990e4affad33acedfbcc8f
b713051a1e7e68eb344c570bb7f6e4b45fa7b4397cc164dd34fbb31c04eadd7d
da8a1fc131c310bba762a9d84270b3b1cae0b3e9eee5ffd822375c7afb4f4d2e
e3dc9a348aa4c868d4d6a9e9b34fd5371006a088a5da3fb7a2444e6216d394a8

account.wafra.us Open in urlscan Pro 198.54.120.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

5 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

580 kBTransfer

1476 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

2 Cookies

Indicators

account.wafra.us Open in urlscan Pro
198.54.120.153 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

580 kB
Transfer

1476 kB
Size

2
Cookies

5 HTTP transactions
2 data transactions