URL: https://firewall.nguyenletriloc.pro/
Submission: On November 16 via manual from VN — Scanned from NL

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 5 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is firewall.nguyenletriloc.pro.
TLS certificate: Issued by WE1 on October 11th 2024. Valid for: 3 months.
This is the only time firewall.nguyenletriloc.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 188.114.96.3 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
5 2
Apex Domain
Subdomains
Transfer
5 nguyenletriloc.pro
firewall.nguyenletriloc.pro
9 KB
1 gitlab.com
about.gitlab.com — Cisco Umbrella Rank: 125704
4 KB
5 2
Domain Requested by
5 firewall.nguyenletriloc.pro 1 redirects firewall.nguyenletriloc.pro
1 about.gitlab.com
5 2

This site contains no links.

Subject             Issuer  Validity                 Valid
nguyenletriloc.pro  WE1     2024-10-11 - 2025-01-09  3 months  crt.sh
about.gitlab.com    WE1     2024-10-06 - 2025-01-04  3 months  crt.sh

This page contains 2 frames:

Primary Page: https://firewall.nguyenletriloc.pro/
Frame ID: FD4C46DA8AB89DA1971479189D22D84E
Requests: 3 HTTP requests in this frame

Frame: https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: AFAEB192E7E67C0CE5A796DAA1C6BBB0
Requests: 2 HTTP requests in this frame

Page Title

Tajima C2/API

Page Statistics

Requests: 5
HTTPS: 80 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 13 kB
Size: 15 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://firewall.nguyenletriloc.pro/ Page URL
  2. https://firewall.nguyenletriloc.pro/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
firewall.nguyenletriloc.pro/
3 KB
2 KB
Document
General
Full URL
https://firewall.nguyenletriloc.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e3760bc4e4d9ff0-AMS
content-encoding
zstd
content-type
text/html
date
Sat, 16 Nov 2024 12:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ox8bNYNKFVA8t3HB2EGWe1U6geOOPI%2FARvq%2BOKGTdpPfox%2FNMnd1xStI4ySIfA1a%2Bb77Gu%2FBmBwFkOzyniIQ0IyteeNTXr30WraoaGygjmzW1R8bPKto3LoCcdUmvWwj46t2MjGrsKAVbdVCBWw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28704&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4167&recv_bytes=4495&delivery_rate=624&cwnd=12000&unsent_bytes=0&cid=2f42d2b89e214718&ts=739&x=1" cfExtPri cfHdrFlush;dur=0
tm-firewall
2.0
Primary Request /
firewall.nguyenletriloc.pro/
1 KB
1 KB
Document
General
Full URL
https://firewall.nguyenletriloc.pro/
Requested by
Host: firewall.nguyenletriloc.pro
URL: https://firewall.nguyenletriloc.pro/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91346895277e5c6dd31ffac93b9aae9d5960785510e68c2affd4bfe46d8c6b50

Request headers

Referer
https://firewall.nguyenletriloc.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e3760c18cc09ff0-AMS
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sat, 16 Nov 2024 12:10:27 GMT
last-modified
Sat, 16 Nov 2024 11:54:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmBqWkmHu8RLWu3KimUsa8gI7WX3nAj%2BLR%2FM4BZjvOLB6alSSHIuEnLmLyql0gTzM%2F9XBgDWg3NCbNIdjY4TErlNsSKKIOuVe1YAe4hFctcIoYgz0a7U3Or5ZHpWez%2Fot3FMioZLPe2Zo694kPw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=28869&sent=16&recv=13&lost=0&retrans=0&sent_bytes=6091&recv_bytes=5054&delivery_rate=115013&cwnd=12000&unsent_bytes=0&cid=2f42d2b89e214718&ts=1256&x=1" cfExtPri cfHdrFlush;dur=0
tm-firewall
2.0
main.js
firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame AFAE
Redirect Chain
  • https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0e9204fd4629fe55873312e59dc08147c2bd6d9faddab5de1d6004904f5ab80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3YQly7TgyU4ym6YzFJ2JcOAkZHZ9cmJz7jx4jMjtRR51FIIoLXllKrbD3NfUsyQ3fF9V%2F8ldYQvu7BstlgUTOcDQxqUhTZGEFtnLjbvDpQALhb0mbY%2BLGP4WY%2B5Vi1%2BSNkjxyqBqcCozqXMtHo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e3760c4e85a9ff0-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28299&sent=21&recv=16&lost=0&retrans=0&sent_bytes=8351&recv_bytes=5800&delivery_rate=20243&cwnd=12000&unsent_bytes=0&cid=2f42d2b89e214718&ts=1461&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 12:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KGczhS1X4G7%2BPoN1gxxoLgEAwPEG8QoB09hu%2B%2FtTW67XR4JNBEwpf4%2Bxgl4CCBDzitdCb2HVJpwaGLXlQ%2BEfY88RIY9asIRiybTZibBZ8AojQQUHtt4CLxfDUQDvSrzjQbGngUj0R7SC0gBa4I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3760c4b80e9ff0-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=27876&sent=19&recv=15&lost=0&retrans=0&sent_bytes=7610&recv_bytes=5439&delivery_rate=4051&cwnd=12000&unsent_bytes=0&cid=2f42d2b89e214718&ts=1424&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 16 Nov 2024 12:10:27 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
gitlab-icon-1-color-black-rgb.png
about.gitlab.com/images/press/logo/png/
4 KB
4 KB
Other
General
Full URL
https://about.gitlab.com/images/press/logo/png/gitlab-icon-1-color-black-rgb.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2b86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00c2cea087d474b4c2bcd60c2bddcf0a9ccb5a24a8deba65cbf7bb4f730786e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://firewall.nguyenletriloc.pro/

Response headers

x-goog-metageneration
1
x-goog-meta-goog-reserved-file-mtime
1651009050
x-goog-hash
crc32c=TsJ2VA==, md5=BtSryXNhbKVyuCrEx6IHiw==
cf-cache-status
REVALIDATED
etag
"06d4abc973616ca572b82ac4c7a2078b"
x-goog-stored-content-encoding
identity
expires
Sat, 16 Nov 2024 16:10:28 GMT
x-goog-stored-content-length
3659
date
Sat, 16 Nov 2024 12:10:28 GMT
content-type
image/png
last-modified
Tue, 26 Apr 2022 21:38:45 GMT
vary
Accept-Encoding, Origin
x-guploader-uploadid
ABPtcPrH1nWl9WX-sdlSe_nvpaclJnIaCy228BOOWcngQ3ZRFxdrqbpfid9MSU2N0epSeQ71J88
cache-control
public, max-age=14400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8e3760c5e9d61c82-AMS
accept-ranges
bytes
x-goog-generation
1651009125784316
content-length
3659
server
cloudflare
8e3760c18cc09ff0
firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame AFAE
0
1 KB
XHR
General
Full URL
https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/h/b/jsd/r/8e3760c18cc09ff0
Requested by
Host: firewall.nguyenletriloc.pro
URL: https://firewall.nguyenletriloc.pro/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n1qpNA5A9Dg5Gcr%2FDMr93rVBgu5T2ynmoFkCwU%2BqiaBJ48wGEkzUCiodyHCzqVsKDZ%2FBJL8JoUptu6IC2QrcQ44YEj1OO1rSk3RhbacDkbzL30LrVWPotr3cU8p6oc1Pjww8uXDUjpi81i3xEYE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3760c72a729ff0-AMS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=29657&sent=32&recv=33&lost=0&retrans=0&sent_bytes=13165&recv_bytes=23097&delivery_rate=135951&cwnd=12000&unsent_bytes=0&cid=2f42d2b89e214718&ts=1869&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Sat, 16 Nov 2024 12:10:28 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

2 Cookies

Domain/Path Name / Value
firewall.nguyenletriloc.pro/ Name: _2__TM-FIREWALL_v
Value: 139e86fb4dd4d340c05bc5c858e99e243ff25539ed40a7c3e6a35332547b4a31
.nguyenletriloc.pro/ Name: cf_clearance
Value: x111dZwFL5hguKfKM5pnUQyqfPs1pDdQDhksO1wb5rg-1731759028-1.2.1.1-OcITH6AgA2lKk18Pq5ImrwhRxTk0eG1JPa48D.g3vscMsPMqeTolbKhRUmqhQfHnE4XylXaNAkquhQF0SNA5KCbTnmI6bmKwW5HdbuckbxI8YMaThJjHQG9YMnVNEx_Q2u4u1zESP7fLGyxjBacLvfokmXKjyd7rrqpMENsjWvdzAlLKcIpfq6YQ7I0aHvewkqS.MKYsANzYNdbtXEjRvWrvL4q6TgfsFokS_0J8ccDcAPXYrLX46IKSaeQIuyvtARh7Zb.Nn1e88XrgIFuE6Opq9aeFlbC.7F1j0W4P2BI8WylI75qem.QP.il20M4XWWXGwkSUPJD9RyZtiw8zzUhdrsId4GcbpI3YLUK..p66llzSzDtNrfllpurB0ACJ