www.user.wafra.us
Open in
urlscan Pro
198.54.120.153
Public Scan
Effective URL: https://www.user.wafra.us/login
Submission: On March 07 via automatic, source certstream-suspicious — Scanned from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 7th 2020. Valid for: 2 years.
This is the only time www.user.wafra.us was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 6 | 198.54.120.153 198.54.120.153 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
5 | 2 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server319-4.web-hosting.com
www.user.wafra.us |
Apex Domain Subdomains |
Transfer | |
---|---|---|
6 |
wafra.us
1 redirects
www.user.wafra.us |
570 KB |
5 | 1 |
Domain | Requested by | |
---|---|---|
6 | www.user.wafra.us |
1 redirects
www.user.wafra.us
|
5 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.web-hosting.com Sectigo RSA Domain Validation Secure Server CA |
2020-05-07 - 2022-04-05 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.user.wafra.us/login
Frame ID: B7CD847B746A243D87959738E19FBEBE
Requests: 6 HTTP requests in this frame
Screenshot
Page Title
Login | GlobitexPage URL History Show full URLs
-
https://www.user.wafra.us/
HTTP 302
https://www.user.wafra.us/login Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.user.wafra.us/
HTTP 302
https://www.user.wafra.us/login Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
5 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
www.user.wafra.us/ Redirect Chain
|
47 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apps.css
www.user.wafra.us/assets/css/ |
428 KB 67 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bundle.js
www.user.wafra.us/assets/js/ |
663 KB 194 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
www.user.wafra.us/assets/js/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
8 KB 0 |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Nioicon.ttf
www.user.wafra.us/assets/fonts/ |
294 KB 294 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored object| NioApp function| $ function| jQuery object| bootstrap object| accounting function| fx function| SimpleBar function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| toastr function| ClipboardJS function| Color function| Chart object| easytimer2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.user.wafra.us/ | Name: XSRF-TOKEN Value: eyJpdiI6IkZnNmo3Q2NiaHpDbHhXOTJkdUJVS2c9PSIsInZhbHVlIjoib2FEd0lzRHRhV0E5Mk1UQVFjR2FPbWNmUkZoSGpzZ1F3ejFlRElzcmFZR3NYMmJ5VlpZZVVtQTNpNWVqaCswRUIwTDdRcU5lbDNyVHphTUxJY2hEc1lQMnVuYlJmQlErVHdBaWZmcnZCbU10MjFzZHhYUTlMVXpPOFFBYkRZNW4iLCJtYWMiOiI4ZWI3NjcwZmNlMDVmOGU1YjU0NmZiNWI2YmM4NDFjODE5Mzc0NTM2OWRjNjhhNTY1OWQ0M2ZjYjU1NWIwMGI4IiwidGFnIjoiIn0%3D |
|
www.user.wafra.us/ | Name: glo_session Value: eyJpdiI6IkdIZTF2VnJpRjFoM0prNTlRWkxXQXc9PSIsInZhbHVlIjoiT2NDQnMvSVpjNVp4dXhSdG8wVm85KzJCYXR4SWw1QjRwLzBTbjVjV2plbDk5alBZWkhrTHUzK2QzTG5GVDJVdUgzRUowRHF3TWNKdXRlMHQ3ZzAvQkc2eUpzdkw1VncrSHVYL2sybDhDQ1lqbERZZzNPSG1vclVZVmVDcTJJMXciLCJtYWMiOiJlZGJjYmQ0NTBjNTIyZjY4NDgyMzI4NmE5NmNhZGNjNDBhOTRkNzk3MmQ2NGY3ZWQxYzY5NTMxODU4YmRlZmQzIiwidGFnIjoiIn0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.user.wafra.us
198.54.120.153
1f8d316c7ec9d0c90823fb61187284e501a6828700a2d8827cdeb318192e478e
384ece7c565570f411f10bee1612303af685ca2a532db05ecb7dd93ae2884b58
47f74a62d0f893b5546ff85dedec220049f4ffaf7e699e6fb08b878c03d298f4
67ef5f4437cb94bd28452497caae23d329aaf93335ab13eb13cea0c9717ae698
e0ed068328d26d1c6579e2eef3690adbffb8879464e3234f2cdafc6053dc1a8b
e3dc9a348aa4c868d4d6a9e9b34fd5371006a088a5da3fb7a2444e6216d394a8