r20.internal.onnephroflow.com Open in urlscan Pro
108.143.75.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://r20.internal.onnephroflow.com/
Submission: On May 14 via automatic, source certstream-suspicious (May 14th 2024, 8:18:21 am UTC) — Scanned from NL

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 18 HTTP transactions. The main IP is 108.143.75.128, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is r20.internal.onnephroflow.com.
TLS certificate: Issued by R3 on May 14th 2024. Valid for: 3 months.

This is the only time r20.internal.onnephroflow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	108.143.75.128 108.143.75.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	51.137.0.49 51.137.0.49	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
18	2

17 108.143.75.128 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r20.internal.onnephroflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.137.0.49 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

telemetry.nephroflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	onnephroflow.com r20.internal.onnephroflow.com	3 MB
1	nephroflow.com telemetry.nephroflow.com	296 B
18	2

	Domain	Requested by
17	r20.internal.onnephroflow.com	r20.internal.onnephroflow.com
1	telemetry.nephroflow.com	r20.internal.onnephroflow.com
18	2

This site contains no links.

Subject Issuer	Validity	Valid
r20.internal.onnephroflow.com R3	`2024-05-14` - `2024-08-12`	3 months	crt.sh
telemetry.nephroflow.com R3	`2024-04-12` - `2024-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://r20.internal.onnephroflow.com/
Frame ID: ADA32B8496967AFC9AFF2B110BF4FC15
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NephroFlow

Page Statistics

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2951 kB
Transfer

2946 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
r20.internal.onnephroflow.com/ 1 KB
1 KB 127ms
26ms Document
text/html 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd6914a48924cdc770c8965c6ba9634fc1b91f91fdb48273ea84f8d7e78ce27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-store, max-age=0
content-length: 1062
content-type: text/html
date: Tue, 14 May 2024 08:18:14 GMT
etag: "663b38bc-426"
last-modified: Wed, 08 May 2024 08:33:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 inter-var.woff2
r20.internal.onnephroflow.com/fonts/ 337 KB
338 KB 168ms
167ms Font
font/woff2 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/fonts/inter-var.woff2

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-545f4"
content-length: 345588
content-type: font/woff2

GET
H2 200 inter-var-italic.woff2
r20.internal.onnephroflow.com/fonts/ 372 KB
373 KB 168ms
167ms Font
font/woff2 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/fonts/inter-var-italic.woff2

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0470791f15efd2987bdb50b24027c3f584a2cf9b7b63fbf86012c5f2e9abcc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-5cfe8"
content-length: 380904
content-type: font/woff2

GET
H2 200 app-icons.woff2
r20.internal.onnephroflow.com/fonts/ 2 KB
2 KB 166ms
165ms Font
font/woff2 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/fonts/app-icons.woff2

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c10c54c42664ab6a1e260ba583025764fed6ce9785ce80e6a7861d14ce2c873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-6cc"
content-length: 1740
content-type: font/woff2

GET
H2 200 material-icons.woff2
r20.internal.onnephroflow.com/fonts/ 126 KB
126 KB 168ms
167ms Font
font/woff2 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/fonts/material-icons.woff2

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-1f668"
content-length: 128616
content-type: font/woff2

GET
H2 200 index-DIm8qRD7.js Show response
r20.internal.onnephroflow.com/assets/ 1 MB
1 MB 168ms
168ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

70a1333a83f1df07a2f56cb57f7f3a7f80bfda534b64ec7c3562c01afb9d9e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 index-C-yLKztU.css
r20.internal.onnephroflow.com/assets/ 204 KB
205 KB 37ms
36ms Stylesheet
text/css 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/index-C-yLKztU.css

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7c0097dcc4c22377620c7efbc178f6d457b6db9370edebf676c462445f339586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-330a9"
content-length: 209065
content-type: text/css

POST
H2 200 / Show response
telemetry.nephroflow.com/sentry/api/85117/envelope/ 2 B
296 B 328ms
44ms Fetch
application/json 51.137.0.49
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://telemetry.nephroflow.com/sentry/api/85117/envelope/?sentry_key=f8bff0cc7c874f3fbd39987959ae6759&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.113.0

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.137.0.49 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://r20.internal.onnephroflow.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin, access-control-request-method, access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 route-D2HgEfgQ.js Show response
r20.internal.onnephroflow.com/assets/ 2 KB
3 KB 72ms
69ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/route-D2HgEfgQ.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c941a4df201f7671040c3e6a495b1e8ac052f06207a19064c56ea592ccd1df50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 useMutation-4mmJ4FG7.js Show response
r20.internal.onnephroflow.com/assets/ 3 KB
3 KB 77ms
75ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/useMutation-4mmJ4FG7.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30a8f4c7d9f145a793b80c1bc974e61d346575143c5180283178fba8197b2bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 responses-DAM1M5-r.js Show response
r20.internal.onnephroflow.com/assets/ 585 B
701 B 77ms
76ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/responses-DAM1M5-r.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e638b8f1e56f4adf1a9b0061697d3f5076c7db92ec28b5c22d2d67fdc40af951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 use-toast-oxHKs3rJ.js Show response
r20.internal.onnephroflow.com/assets/ 1 KB
1 KB 77ms
76ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/use-toast-oxHKs3rJ.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7b40ac7475c522e7896d94a95b479576c995d54a6fcf7105a7b5e7d8ba56bb97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 flash-kY36e40r.js Show response
r20.internal.onnephroflow.com/assets/ 1019 B
1 KB 148ms
148ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/flash-kY36e40r.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

719d51e2e6c5013e016d9ee999c0ab92adb00ddb1855172d2647df11b4efcd5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 translations-BFMMIPOg.js Show response
r20.internal.onnephroflow.com/assets/ 3 KB
3 KB 155ms
155ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/translations-BFMMIPOg.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ef757f813381893f57df7e365f44076fbfd84934ac55d8c2637137874d08fe4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 capabilities Show response
r20.internal.onnephroflow.com/api/ 519 B
908 B 152ms
151ms XHR
application/json 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/api/capabilities

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0ed51d3987846a3f0751299d2d85e9ff0534901ac01e854a32ec97f271589d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-User-Timezone: Europe/Amsterdam
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://r20.internal.onnephroflow.com/
baggage: sentry-environment=production,sentry-release=20.0.0-rc.1,sentry-public_key=f8bff0cc7c874f3fbd39987959ae6759,sentry-trace_id=a025657b866547acb42d45910e47ef68,sentry-sampled=false
sentry-trace: a025657b866547acb42d45910e47ef68-b9b02cc9e3818347-0
sec-ch-ua-platform: "Win32"

Response headers

x-runtime: 0.044781
date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
etag: W/"0ed51d3987846a3f0751299d2d85e9ff"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/json; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-length: 519
x-xss-protection: 0
x-request-id: 61f09437603fea0defee365bc2e4fe0c

GET
H2 200 favicon.ico
r20.internal.onnephroflow.com/ 4 KB
4 KB 150ms
150ms Other
image/x-icon 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b40a9de248d5f1a83946cee720f9df3adff416badcf0a1a48b639e4fa315dca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-10be"
content-length: 4286
content-type: image/x-icon

GET
H2 200 en-DmazlDx2.js Show response
r20.internal.onnephroflow.com/assets/ 587 KB
588 KB 30ms
29ms Script
application/javascript 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://r20.internal.onnephroflow.com/assets/en-DmazlDx2.js

Requested by

Host: r20.internal.onnephroflow.com
URL: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9d618a3c644fcbc2b4e13f8e499257e26d23b4f9c34f54c5233e62e8ef099f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/assets/index-DIm8qRD7.js
Origin: https://r20.internal.onnephroflow.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript

GET
H2 200 favicon.ico
r20.internal.onnephroflow.com/ 4 KB
0 0ms
0ms Other
image/x-icon 108.143.75.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://r20.internal.onnephroflow.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 108.143.75.128 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b40a9de248d5f1a83946cee720f9df3adff416badcf0a1a48b639e4fa315dca8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://r20.internal.onnephroflow.com/login
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:18:17 GMT
last-modified: Wed, 08 May 2024 08:33:00 GMT
accept-ranges: bytes
etag: "663b38bc-10be"
content-length: 4286
content-type: image/x-icon

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

r20.internal.onnephroflow.com
telemetry.nephroflow.com
108.143.75.128
51.137.0.49
0470791f15efd2987bdb50b24027c3f584a2cf9b7b63fbf86012c5f2e9abcc05
0ed51d3987846a3f0751299d2d85e9ff0534901ac01e854a32ec97f271589d46
30a8f4c7d9f145a793b80c1bc974e61d346575143c5180283178fba8197b2bc8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a4dbc62fa335e411b94a532be091c58c0c0c4fa731339f11722577d3cf6443b
70a1333a83f1df07a2f56cb57f7f3a7f80bfda534b64ec7c3562c01afb9d9e80
719d51e2e6c5013e016d9ee999c0ab92adb00ddb1855172d2647df11b4efcd5a
7b40ac7475c522e7896d94a95b479576c995d54a6fcf7105a7b5e7d8ba56bb97
7c0097dcc4c22377620c7efbc178f6d457b6db9370edebf676c462445f339586
7c10c54c42664ab6a1e260ba583025764fed6ce9785ce80e6a7861d14ce2c873
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
9d618a3c644fcbc2b4e13f8e499257e26d23b4f9c34f54c5233e62e8ef099f2b
abd6914a48924cdc770c8965c6ba9634fc1b91f91fdb48273ea84f8d7e78ce27
b40a9de248d5f1a83946cee720f9df3adff416badcf0a1a48b639e4fa315dca8
c941a4df201f7671040c3e6a495b1e8ac052f06207a19064c56ea592ccd1df50
e638b8f1e56f4adf1a9b0061697d3f5076c7db92ec28b5c22d2d67fdc40af951
ef757f813381893f57df7e365f44076fbfd84934ac55d8c2637137874d08fe4f

r20.internal.onnephroflow.com Open in urlscan Pro 108.143.75.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

2951 kBTransfer

2946 kBSize

0 Cookies

0 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

r20.internal.onnephroflow.com Open in urlscan Pro
108.143.75.128 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

2951 kB
Transfer

2946 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions