indsafesw.live
Open in
urlscan Pro
2a06:98c1:3121::3
Public Scan
Effective URL: https://indsafesw.live/cldflr/?a=136248&sm=46447
Submission Tags: @phish_report
Submission: On November 12 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time indsafesw.live was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 | 2606:4700::68... 2606:4700::6811:8e74 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a06:98c1:312... 2a06:98c1:3121::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
1 17 | 188.114.96.3 188.114.96.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
22 | 4 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
indsafesw.live
1 redirects
indsafesw.live |
496 KB |
2 |
groovesell.com
tracking.groovesell.com |
868 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 791 |
30 KB |
22 | 3 |
Domain | Requested by | |
---|---|---|
20 | indsafesw.live |
1 redirects
tracking.groovesell.com
indsafesw.live |
2 | tracking.groovesell.com | |
1 | code.jquery.com |
indsafesw.live
|
22 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
groovesell.com WE1 |
2024-09-14 - 2024-12-13 |
3 months | crt.sh |
indsafesw.live WE1 |
2024-11-04 - 2025-02-02 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://indsafesw.live/cldflr/?a=136248&sm=46447
Frame ID: 031F044BB7841ED838310EE8848BC5F2
Requests: 20 HTTP requests in this frame
Frame:
https://indsafesw.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: EE6D622ED13D6612A641E7FEE5787258
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
DocumentPage URL History Show full URLs
- https://tracking.groovesell.com/t/eedfab0f042492b88076d1ca1ef32e44 Page URL
- https://indsafesw.live/cldflr/?a=136248&sm=46447 Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://tracking.groovesell.com/t/eedfab0f042492b88076d1ca1ef32e44 Page URL
- https://indsafesw.live/cldflr/?a=136248&sm=46447 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 18- https://indsafesw.live/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://indsafesw.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
eedfab0f042492b88076d1ca1ef32e44
tracking.groovesell.com/t/ |
447 B 722 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
tracking.groovesell.com/ |
0 146 B |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
indsafesw.live/cldflr/ |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.7.1.min.js
code.jquery.com/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
indsafesw.live/cldflr/img/ |
680 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
plastic.jpg
indsafesw.live/cldflr/img/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
newgame.jpeg
indsafesw.live/cldflr/img/ |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gamesnow.jpeg
indsafesw.live/cldflr/img/ |
39 KB 40 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
diabetes.jpg
indsafesw.live/cldflr/img/ |
36 KB 37 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
phone.jpg
indsafesw.live/cldflr/img/ |
16 KB 17 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sale.jpeg
indsafesw.live/cldflr/img/ |
33 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
robot.jpeg
indsafesw.live/cldflr/img/ |
43 KB 44 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
scheme.jpg
indsafesw.live/cldflr/img/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
kid.jpg
indsafesw.live/cldflr/img/ |
32 KB 33 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rvac.jpg
indsafesw.live/cldflr/img/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
kidonline.jpg
indsafesw.live/cldflr/img/ |
31 KB 32 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
subscr.jpeg
indsafesw.live/cldflr/img/ |
81 KB 82 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rout.jpg
indsafesw.live/cldflr/img/ |
25 KB 25 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
short-logo.png
indsafesw.live/cldflr/img/ |
396 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
indsafesw.live/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame EE6D Redirect Chain
|
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
8e14df45ae7ce4d2
indsafesw.live/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame EE6D |
0 1 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
indsafesw.live/ |
564 B 772 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| $ function| jQuery3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.groovesell.com/ | Name: gd_tracker Value: YToxOntpOjA7aToxNTA4Njt9 |
|
.groovesell.com/ | Name: gd_tracker_sessions Value: YToxOntpOjA7aTo4NTU4NDg1O30%3D |
|
.indsafesw.live/ | Name: cf_clearance Value: OjcTFXU.vy67BQP0.llfZGFJQNomoDs9.BO2g2AWn3M-1731397208-1.2.1.1-atl6h68a3G7AL_IHXcLb.kcoJ0QQDTtWKXCgrMraDuiz1_50QWDjnlXgMOwT05FNh6jqxcEdllg1KV2ZaE_RxrcZWJhJYxkji6c7sWl0yajnVdv5e4osMMliL0e8cbnNYb8x6A.c4Zi5KasAml66RnpW06Tk_Qkjn2Wa_hHHftGD2Wps7UVZRKSX.daOhYulkaBCCabtLL8uvhJGaj7us_QV2sxsckxkkykdIocsjWb4cMz0wj3ACBl0gvzja2rGRfIHDbYg_8hukVE.CCHy1qq1XRY5gi5YsTodcQFsIRiPVotgHzHbY16BXzLo0Cn.ftTi3.j1xFJafUSBZdrVsvaqEy5jW_w3qT6JJjINXaTwTlDZao8K72Me0kUm8QOd |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
code.jquery.com
indsafesw.live
tracking.groovesell.com
188.114.96.3
2606:4700::6811:8e74
2a04:4e42:200::649
2a06:98c1:3121::3
0743cf22e6ec3404bfe177f52cb04cef2a397e4bcd66ae20b0f0c52172543448
0addc2738651a441f62fc2582cbe445d0bf97dbe9f4df8d43658ba8e30e5429e
135e0aabe49297f106d25a3cca2a452715500a151d2f89ff370573f5b2eeb957
15250962dab9e37d6c082b31d01eb2ae43a6bf6a1f0f065d563ea96ef827f05f
163c7165466f999f4cf75497ba4e9d4960359b5517f76330d2081ddf2d6a4872
216334f6b082d2c21ac82015817cf5ad2dfc8072098b536ad078d63f19407c65
2696c442edb62a26c9832ee7e8e290dde14f6d0bea7184d0a36c7b4f74e92009
272ea7fb48abf2f4f85f090429b2fe55edc93fad82984719fa5e2b57ab0633e1
486cdbec2136bd38df877137d5e8bce365d016d9588ec066f98c906564aad088
62ebe63e61b480a1ee880a623c289942aa57da921164597e9d2855ada5527b4b
86bb082cab6486801e7685dded4a3d5c38f086618f843e55fabc09a510a215fb
8b27acddd1d8acf8d66a4f5b1f67e3cfa3c95a71d0d4d2aca1f47f33deabc6c8
96d29d67fec7637ff4e9dbbc56bcabd728cc31c7598797a9ad20ccb0d8a308b9
baa4e95656e12110869deaf75b7162b727a574cc20b11635ea6120c746b85000
bb2309e4dceec993ad7f59a1bbc8dd5825f7b0d272a7546cf2eecc3bdefc3403
c6055ae18d4dae2d2c5d5c9d888a4112477983f7374d3806fc7f6c7661ac1368
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6f6f2144998175c846a99d2a0faab5bf7b6ace318f0fe2dc4bfeaf4700c1d8
ee984a63e2775b48cdc1cd9e90b50a806b3d14bd6422a31f678754c1d324408d
f36859e4a769ce65e2a1b288143eb9f7ee82f5257664c6f4a95a94c2247b74ce
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a