nebulashaven.com Open in urlscan Pro
172.67.218.217 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nebulashaven.com/xhLFgKyX
Submission: On September 27 via api (September 27th 2024, 9:26:41 pm UTC) from TR — Scanned from CA

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 17 HTTP transactions. The main IP is 172.67.218.217, located in United States and belongs to CLOUDFLARENET, US. The main domain is nebulashaven.com.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.

This is the only time nebulashaven.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	172.67.218.217 172.67.218.217	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:402... 2607:f8b0:4023:1415::5f	15169 (GOOGLE) (GOOGLE)
2	142.251.166.94 142.251.166.94	15169 (GOOGLE) (GOOGLE)
17	3

14 172.67.218.217 (United States)

ASN13335 (CLOUDFLARENET, US)

nebulashaven.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4023:1415::5f (Columbus, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.166.94 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: gl-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nebulashaven.com nebulashaven.com	220 KB
2	gstatic.com fonts.gstatic.com	64 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	866 B
17	3

	Domain	Requested by
14	nebulashaven.com	nebulashaven.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	nebulashaven.com
17	3

This site contains links to these domains. Also see Links.

Domain
wa.me

Subject Issuer	Validity	Valid
nebulashaven.com WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nebulashaven.com/xhLFgKyX
Frame ID: 575CCE8A4930B2C0908F15A3CBD1ED5B
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Profiteer | İşletmeniz için Premier Mobil Uygulama Geliştirme Hizmetleri

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

17
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

285 kB
Transfer

342 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/+905323308257
Title: Whatsapp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request xhLFgKyX Show response
nebulashaven.com/ 51 KB
11 KB 714ms
610ms Document
text/html 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 75155547655865eea5eecafbb85ab44aaf19fe53efe3f6154e1221a062f09fd1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8c9e92a65b22ac57-YYZ
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 27 Sep 2024 21:26:35 GMT
expires: Fri, 27 Sep 2024 21:26:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sKtYKM048SR1FAmdfeexWECjeqGRxiA7vHHDBDdOpZ%2BDOhNVcFlSZs6%2FR28V8HHwDdkls3IETp%2FbQznFe4NSHY6RBwHyJcna3j%2Fzp3buwYuNG7qsM%2BuEStvgF9z53FIzEw3h"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H3 200 speculation
nebulashaven.com/cdn-cgi/ 128 B
536 B 32ms
32ms Other
application/speculationrules+json 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nebulashaven.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nebulashaven.com
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctIgM1ZgvbkrUT2gDYucwYD7MVq7BTNKfHNiZEYNNwerIg0ynzLEwTMCsy56WAWmfhWPnpUOa8P%2FJ2iXAfSa6exuqncb%2BUvSgWsCjcPnHjqgHg2AKvGN7uvQJH4TvrDmvMUk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa2f40ac57-YYZ
access-control-allow-origin: https://nebulashaven.com
content-length: 128
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
866 B 138ms
54ms Stylesheet
text/css 2607:f8b0:4023:1415::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@300..900&display=swap

Requested by

Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1415::5f Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7083c1335ca8657f01441763679fe7661e0a7c089e5d6abaa2c52a200b8d0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 27 Sep 2024 21:26:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 27 Sep 2024 21:26:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 brandLogo.svg
nebulashaven.com/lander/whitepagetr_20/ 723 B
840 B 31ms
31ms Image
image/svg+xml 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/brandLogo.svg
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9b77e64e3042b0267be8c578c8555bbc6665580c2b3b5e29ba93de876c53e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66a26e50-2d3"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwx5wHjkneLz%2FlxCN9H4byCEYZR5Sm60vivR6LSbW9q5F0nlG3%2Bza0lKfyAR0pMbXr2BLabZQj5X3nhPMIBqZk0OwiznU0o04PbrOkeMyGAvaGGK6Bw0Rr6NEkBCOHlq8vwW"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa2f42ac57-YYZ
expires: Mon, 07 Oct 2024 18:59:35 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 0-vector-AsZK.svg
nebulashaven.com/lander/whitepagetr_20/bg/ 30 KB
10 KB 34ms
34ms Image
image/svg+xml 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/bg/0-vector-AsZK.svg
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81fdb7b7bfb891c4ab3ffd510cd603ae5e5084227bcd3e4a091f1de164bfd696

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66a26e50-785e"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ArTaYjUhsxFCRh%2FA9gJaRTORhSGxUHndBWh71GVF7lHoAgErxfwo6bz4ksYg%2BidJyH8JQ9rH%2BliyqHkoYt5ezlvFD3ZYXQ34q9b%2FzmujaZqQTZL3EQYOBida6SQm%2FhhHimk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa2f43ac57-YYZ
expires: Mon, 07 Oct 2024 18:59:35 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 pic_66a1077eaabe9_3379623.jpg
nebulashaven.com/lander/whitepagetr_20/ 30 KB
31 KB 37ms
36ms Image
image/jpeg 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/pic_66a1077eaabe9_3379623.jpg
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd80f6af7ed9403d02eb8c38f912a2f69b1bcc3d3f348b54aa25229ebf591f05

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-794b"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ibbb2FEwLiRwbzNhW2O7jEBXhtX1FIefMgKJ7iWv6FxqOTeWNWVJigJtzqMXAP8dXs50VMB8GbZZGUiHb1Geg7wRhOWd7psEsccBqaVbfRoHgc4c2kY%2BMIVmN3HBufk4YlMv"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:35 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/jpeg
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa5f65ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31051
server: cloudflare

GET
H3 200 0_part.png
nebulashaven.com/lander/whitepagetr_20/images/ 10 KB
11 KB 34ms
33ms Image
image/png 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/images/0_part.png
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ebfa21569ce5bae7e24f8351e01c5aa1f017aa5c5842027c89f4700303fe0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-2915"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFE4tXkfcRtAz2Mmn%2FS1nCMV8xgMbcxqSEMDrjbB3qGrrXIkfl27RV7MM3ZWcac4zIjzNZeXxYpERk7c67%2F9LDXEryMMsbRT9zpy5LLtfnDEzze69ZJHP%2Fl%2Bg2n7WiM9gYJq"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:35 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa5f66ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10517
server: cloudflare

GET
H3 200 1_part.png
nebulashaven.com/lander/whitepagetr_20/images/ 3 KB
3 KB 79ms
78ms Image
image/png 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/images/1_part.png
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0970b6f05cba612ff3c230637d67bb38cee837c58544baa0467fc8c9e4ed09a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-af8"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4xUHiTFVMX6ckPYAU23c%2F2rEDGQ%2FqAaiszcRX8sZXFYn74TcnDWEYjM6aGMaHFAWCUhv%2Bpbi11DQPHHQTmlAqtOo8S3XC0IDwzkYwz9%2BjA%2F3gbyAviF5cVv4odTYLFQwwEd"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:35 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa5f68ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2808
server: cloudflare

GET
H3 200 2_part.png
nebulashaven.com/lander/whitepagetr_20/images/ 14 KB
15 KB 71ms
70ms Image
image/png 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/images/2_part.png
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f0e90c41af5ce6ac8f72f2faac08441b1174c0899b9dafd68fec5ff49432904

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-386f"
age: 8819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=msVCjFN8dm5CubufK8oFnsW%2FDwJxNVtW8uX%2FvfInOtFcUISiTLlg4%2BlZz2mI1%2FW1IpnX%2FlddKjDbhhQpMlQ6tOhkHIkjoGvGyE54P%2B9HUy49%2FM9Sef5HuMrcCaiaBSBGzIm%2B"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:36 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa6f7aac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14447
server: cloudflare

GET
H3 200 3_part.png
nebulashaven.com/lander/whitepagetr_20/images/ 4 KB
4 KB 88ms
87ms Image
image/png 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/images/3_part.png
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363b31f8d2421c0e70b1981946034d6b838edae69b4c9309930ff9053fcd4a6a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-f35"
age: 8819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mOExsDCdl5cndrOC5kJjBH0BPxzjxXJI%2FfALo0aRx7rE4NREiGA9s1RAvsw1r%2Ba2jlvKyRbUCx5ZwywaDfyfVpzhGJ1JZuMreh8FPYqImW3oFstASPtTJdKUYoIDIxJgKG8"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:36 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa6f80ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3893
server: cloudflare

GET
H3 200 4_part.png
nebulashaven.com/lander/whitepagetr_20/images/ 10 KB
11 KB 44ms
44ms Image
image/png 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/images/4_part.png
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e52bf2ba79f6d880926adc7643a85a8fe2cd93ddda41a8a5ada587e55f622a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-28e0"
age: 8818
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ViPgl%2FXqya2BEW8ESXBiw9z%2B5HpqvCpe2UsNiWs68KJnYHrqtZosfqQvSoagxhkfEjb30%2BT53DZRPop%2FwVCSOP17n3pS0iob2ixF94kg9OEDD12aBGfEH6%2FFhc7ru9MfX1We"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:37 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aabfc5ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10464
server: cloudflare

GET
H3 200 5_part.png
nebulashaven.com/lander/whitepagetr_20/images/ 758 B
1 KB 34ms
34ms Image
image/png 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/images/5_part.png
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a103871459736c2268de974e97b71227b6c06872241ada028796409397201596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-2f6"
age: 8818
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61LkvZ2rAZ%2Bxb0qZENZpQ4HqE72foi3CIMF2h3F%2F8yJM2zAQmggKBAQtniSn4ozXJ2M2PT9zSjg8lgZcsqk3dlpXvp%2F7K%2BNXGt7X2YLUqkMVSCYhDVnE%2BhcuGrVlKsKFsxTU"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:37 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/png
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92aacfe3ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 758
server: cloudflare

GET
H3 200 email-decode.min.js Show response
nebulashaven.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 71ms
71ms Script
application/javascript 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://nebulashaven.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"66f525c6-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rg0GRt46al9FILSrURc1GEgqN%2BAgcUga%2BxaKxrTO9esoEE9CHoo%2FxyxsZZg2t9jlyWpDjG0dXS2T3dLB7KpjtvktCIEt3%2FbV2171hRNEh9yCOv40PF%2FuOWbN9mVfVRBGp4Vt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8c9e92aa6f79ac57-YYZ
expires: Sun, 29 Sep 2024 21:26:35 GMT
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 09:13:42 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 200 0-transparent-background-nG63.jpg
nebulashaven.com/lander/whitepagetr_20/bg/ 121 KB
121 KB 33ms
33ms Image
image/jpeg 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nebulashaven.com/lander/whitepagetr_20/bg/0-transparent-background-nG63.jpg
Requested by: Host: nebulashaven.com
URL: https://nebulashaven.com/xhLFgKyX?
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df2021fbb9112de38bcfc0d11734f3d53242ec28f96d833ee3f817172d27675

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cf-cache-status: HIT
etag: "66a26e50-1e273"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KMK0kEPK6%2BAxHEFFgdNQ7KNVKG%2FZAIBRb%2BoMjjq6UHUwxyhibSkJq8Dc5GL7N1ZHtM7FDpRT80%2BYJNhtdT2V%2B0a9LCwbrbyoCn5tescYPrGC53f5pw0jNuc3T9v7x0htB1fq"}],"group":"cf-nel","max_age":604800}
expires: Mon, 07 Oct 2024 18:59:36 GMT
date: Fri, 27 Sep 2024 21:26:36 GMT
content-type: image/jpeg
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8c9e92ab1834ac57-YYZ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 123507
server: cloudflare

GET
H3 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2
fonts.gstatic.com/s/frankruhllibre/v21/ 43 KB
43 KB 79ms
38ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW7Dl4Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@300..900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nebulashaven.com
Referer: https://fonts.googleapis.com/

Response headers

age: 181185
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 19:06:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 19:06:51 GMT
last-modified: Thu, 11 Apr 2024 18:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44372
x-xss-protection: 0
server: sffe

GET
H3 200 j8_w6_fAw7jrcalD7oKYNX0QfAnPW77l4ajn.woff2
fonts.gstatic.com/s/frankruhllibre/v21/ 20 KB
20 KB 95ms
55ms Font
font/woff2 142.251.166.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/frankruhllibre/v21/j8_w6_fAw7jrcalD7oKYNX0QfAnPW77l4ajn.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@300..900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.166.94 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

gl-in-f94.1e100.net

Software

sffe /

Resource Hash

0c4f8a7f535a693d2500bc630bca5049843b541c84ee54840c01b616dc10f4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://nebulashaven.com
Referer: https://fonts.googleapis.com/

Response headers

age: 176064
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 20:32:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 20:32:12 GMT
last-modified: Thu, 11 Apr 2024 18:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20860
x-xss-protection: 0
server: sffe

GET
H3 200 brandLogo.svg
nebulashaven.com/lander/whitepagetr_20/ 723 B
0 0ms
0ms Other
image/svg+xml 172.67.218.217
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nebulashaven.com/lander/whitepagetr_20/brandLogo.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.218.217 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9b77e64e3042b0267be8c578c8555bbc6665580c2b3b5e29ba93de876c53e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://nebulashaven.com/xhLFgKyX?

Response headers

cache-control: max-age=864000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"66a26e50-2d3"
age: 8820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cwx5wHjkneLz%2FlxCN9H4byCEYZR5Sm60vivR6LSbW9q5F0nlG3%2Bza0lKfyAR0pMbXr2BLabZQj5X3nhPMIBqZk0OwiznU0o04PbrOkeMyGAvaGGK6Bw0Rr6NEkBCOHlq8vwW"}],"group":"cf-nel","max_age":604800}
cf-ray: 8c9e92aa2f42ac57-YYZ
expires: Mon, 07 Oct 2024 18:59:35 GMT
access-control-allow-origin: *
date: Fri, 27 Sep 2024 21:26:35 GMT
content-type: image/svg+xml
last-modified: Thu, 25 Jul 2024 15:25:04 GMT
vary: Accept-Encoding
server: cloudflare

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
nebulashaven.com
142.251.166.94
172.67.218.217
2607:f8b0:4023:1415::5f
0970b6f05cba612ff3c230637d67bb38cee837c58544baa0467fc8c9e4ed09a2
0c4f8a7f535a693d2500bc630bca5049843b541c84ee54840c01b616dc10f4e1
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
363b31f8d2421c0e70b1981946034d6b838edae69b4c9309930ff9053fcd4a6a
523e12ec4882988ae8c43f71e35ea24fccd8560997c349a0a24c27c6682573fb
5e52bf2ba79f6d880926adc7643a85a8fe2cd93ddda41a8a5ada587e55f622a0
5f0e90c41af5ce6ac8f72f2faac08441b1174c0899b9dafd68fec5ff49432904
75155547655865eea5eecafbb85ab44aaf19fe53efe3f6154e1221a062f09fd1
81fdb7b7bfb891c4ab3ffd510cd603ae5e5084227bcd3e4a091f1de164bfd696
8df2021fbb9112de38bcfc0d11734f3d53242ec28f96d833ee3f817172d27675
a103871459736c2268de974e97b71227b6c06872241ada028796409397201596
b7083c1335ca8657f01441763679fe7661e0a7c089e5d6abaa2c52a200b8d0aa
b7ebfa21569ce5bae7e24f8351e01c5aa1f017aa5c5842027c89f4700303fe0e
cd80f6af7ed9403d02eb8c38f912a2f69b1bcc3d3f348b54aa25229ebf591f05
da9b77e64e3042b0267be8c578c8555bbc6665580c2b3b5e29ba93de876c53e2

nebulashaven.com Open in urlscan Pro 172.67.218.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

285 kBTransfer

342 kBSize

0 Cookies

1 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

0 Cookies

Indicators

nebulashaven.com Open in urlscan Pro
172.67.218.217 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

285 kB
Transfer

342 kB
Size

0
Cookies

17 HTTP transactions
0 data transactions