Submitted URL: http://magellanprovider.com/crisis
Effective URL: https://www.magellanprovider.com/crisis
Submission Tags: phishing
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 2606:4700::6812:8f5, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.magellanprovider.com. The Cisco Umbrella rank of the primary domain is 599246.
TLS certificate: Issued by WE1 on August 26th 2024. Valid for: 3 months.
This is the only time www.magellanprovider.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 204.193.93.254 19721 (MHN)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
9 4
Apex Domain
Subdomains
Transfer
6 magellanprovider.com
magellanprovider.com — Cisco Umbrella Rank: 555892
www.magellanprovider.com — Cisco Umbrella Rank: 599246
92 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3407
16 KB
9 2
Domain Requested by
5 www.magellanprovider.com www.magellanprovider.com
2 challenges.cloudflare.com www.magellanprovider.com
challenges.cloudflare.com
1 magellanprovider.com 1 redirects
9 3

This site contains links to these domains.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
www.magellanprovider.com
WE1
2024-08-26 -
2024-11-24
3 months crt.sh
challenges.cloudflare.com
WE1
2024-09-05 -
2024-12-04
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.magellanprovider.com/crisis
Frame ID: 1330438500B8028097165ED1D2460DA1
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/aks38/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 323D43E7E6F89DDCE8F441170F7A7F9C
Requests: 1 HTTP requests in this frame

Page Title

Nur einen Moment…

Page Statistics

9
Requests

78 %
HTTPS

25 %
IPv6

2
Domains

3
Subdomains

4
IPs

2
Countries

108 kB
Transfer

258 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://magellanprovider.com/crisis HTTP 307
    https://magellanprovider.com/crisis HTTP 302
    https://www.magellanprovider.com/crisis Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request crisis
www.magellanprovider.com/
Redirect Chain
  • http://magellanprovider.com/crisis
  • https://magellanprovider.com/crisis
  • https://www.magellanprovider.com/crisis
19 KB
11 KB
Document
General
Full URL
https://www.magellanprovider.com/crisis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f1f3545b84cc5b01245b50124a03877556af828da3a0575f55e5fdb56959c36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
3fdeKBNPo/CqB9gxquoZGSyHpseH6U08mkIxnC8dEfTV7yuNGMcuMgF8T4Qlo/HF97VBop3AG0UiX4U5t+hnpwKU1AgsHD9vxxWxAwM/c30aL/O6AXOgPJ3tuUc8Kt9oh6yb91AbLuGp8C1AKtqJDQ==$0ZR2EuxQAt4QhApu9vm6BA==
cf-mitigated
challenge
cf-ray
8c4145706c89190f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 16 Sep 2024 13:40:57 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Connection
Keep-Alive
Content-Length
0
Location
https://www.magellanprovider.com/crisis
Server
BigIP
v1
www.magellanprovider.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
155 KB
56 KB
Script
General
Full URL
https://www.magellanprovider.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8c4145706c89190f
Requested by
Host: www.magellanprovider.com
URL: https://www.magellanprovider.com/crisis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ce5d98c153c3ad7463b94dcbcd794aa1e10b76bcd0287a6cc9699b718830b21
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.magellanprovider.com/crisis?__cf_chl_rt_tk=JU2WK2c9LQze758hTwWD7ZGECjK5TWKXd8oRyRDO8uA-1726494057-0.0.1.1-7082
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 16 Sep 2024 13:40:57 GMT
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains
server
cloudflare
cf-ray
8c414570cce9190f-FRA
content-type
application/javascript; charset=UTF-8
bdc48289-370d-4f58-924b-e621cd4a9929
https://www.magellanprovider.com/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/
46 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js?onload=tmrM1&render=explicit
Requested by
Host: www.magellanprovider.com
URL: https://www.magellanprovider.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8c4145706c89190f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eae5159c56bf66c17e0cb002b25fc2e343f3e009dc2a39a7e230f08b7b8c672

Request headers

Referer
Origin
https://www.magellanprovider.com
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 16 Sep 2024 13:40:57 GMT
content-encoding
br
last-modified
Wed, 11 Sep 2024 15:58:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8c4145715b28d35e-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
www.magellanprovider.com/
4 KB
4 KB
Image
General
Full URL
https://www.magellanprovider.com/favicon.ico
Requested by
Host: www.magellanprovider.com
URL: https://www.magellanprovider.com/crisis
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e45bfe988215b66f8683d550de42125c8341fd69647477b59378a51f439a76d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.magellanprovider.com/crisis
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 16 Sep 2024 13:40:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-options
nosniff
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
cf-chl-out
Z8zmTvMaUuC8ir1XDfd/3jbfESYKu4PXLfW1/DsojH49FkIvw9jSAu6fYCG5yk+6KFfX+HWUQDrQUgmihYLF+OGGFBGa4+uImAkm2Vm2htca/AxMcNdhuKSjhp/k1QkcyzDHyGQgDkaFW0IyGRVWYg==$eeBPa8vwPXakZTNLwRVjPQ==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
8c4145712d56190f-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
favicon.ico
www.magellanprovider.com/
17 KB
8 KB
Other
General
Full URL
https://www.magellanprovider.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fce2100e959bdd7c7b7b718e35e3e8f3d557cec14b0586301c029e5fdc2c214
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.magellanprovider.com/crisis
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Mon, 16 Sep 2024 13:40:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-options
nosniff
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
cf-chl-out
3VQiS/gmPEOGlyv8b0VBOAzmelobQTiGMgdzV/JE9CS4PcZOTc/jlwL642vuBcZfCIM9ShqMqK1B5wcBOyOsP1dvWZ8rsCRKN7jnJcXXeQM6mnnLxFK/3/dLcFCCdhQMD6w5Qp8GXEZPTzXF1aQwdQ==$zpXAHdqfJc8Fw5XsN+s83Q==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
8c414571bdd2190f-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
63d090507a084fc
www.magellanprovider.com/cdn-cgi/challenge-platform/h/b/flow/ov1/935117843:1726492464:4raJ6GJ-UF1_Zz3qHp6CsDDxGGBY930Lm5-O1PMaB1w/8c4145706c89190f/
17 KB
13 KB
XHR
General
Full URL
https://www.magellanprovider.com/cdn-cgi/challenge-platform/h/b/flow/ov1/935117843:1726492464:4raJ6GJ-UF1_Zz3qHp6CsDDxGGBY930Lm5-O1PMaB1w/8c4145706c89190f/63d090507a084fc
Requested by
Host: www.magellanprovider.com
URL: https://www.magellanprovider.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8c4145706c89190f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:8f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b559758931d45edc43fc02c85725a25935a15955c20c898e071ac4daf84748
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.magellanprovider.com/crisis
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
CF-Challenge
63d090507a084fc
Content-type
application/x-www-form-urlencoded

Response headers

content-type
text/plain; charset=UTF-8
date
Mon, 16 Sep 2024 13:40:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
server
cloudflare
cf-ray
8c414571cdeb190f-FRA
cf-chl-gen
OxqacNCIgNLfDROVf1bHd73VnZWeo0aKlBippknrloImNQJpQUc5hksO5lt56k5oeC0QmiYGsQ==$EYqAVirXnC9i4iYJ
3165c0a2-b187-4c62-afc2-b4e1d130c84a
https://www.magellanprovider.com/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/aks38/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 323D
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/aks38/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js?onload=tmrM1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c414572898718ed-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 16 Sep 2024 13:40:57 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.magellanprovider.com
URL
blob:https://www.magellanprovider.com/bdc48289-370d-4f58-924b-e621cd4a9929
Domain
www.magellanprovider.com
URL
blob:https://www.magellanprovider.com/3165c0a2-b187-4c62-afc2-b4e1d130c84a

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt
function| WgoI3
function| aFPe5
function| fVlBp1
function| tmrM1
boolean| NfjDe3
function| WEkH5
function| JJRHZ6
function| ciUn6
object| twswo3
object| DaPX4
object| dNWjt8
number| XVGd6
object| angular
object| turnstile
boolean| yTUQp3
string| UOFVA0
boolean| XMQxS5

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://www.magellanprovider.com/crisis
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.magellanprovider.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.magellanprovider.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Frame-Options SAMEORIGIN