treasurydragons.org Open in urlscan Pro
104.17.129.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Submission: On January 04 via manual (January 4th 2024, 11:54:03 am UTC) from NL — Scanned from NL

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 104.17.129.171, located in and belongs to CLOUDFLARENET, US. The main domain is treasurydragons.org.
TLS certificate: Issued by GTS CA 1P5 on November 17th 2023. Valid for: 3 months.

This is the only time treasurydragons.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	104.17.129.171 104.17.129.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:ddae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

5 104.17.129.171 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

treasurydragons.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:ddae (United States)

ASN13335 (CLOUDFLARENET, US)

i.emlfiles4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	treasurydragons.org 1 redirects treasurydragons.org	10 KB
4	emlfiles4.com i.emlfiles4.com — Cisco Umbrella Rank: 35005	334 KB
8	2

	Domain	Requested by
5	treasurydragons.org	1 redirects treasurydragons.org
4	i.emlfiles4.com	treasurydragons.org
8	2

This site contains no links.

Subject Issuer	Validity	Valid
treasurydragons.org GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
i.emlfiles4.com GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Frame ID: DA211AB261C42696DB2F7B7D30B58840
Requests: 6 HTTP requests in this frame

Frame: https://treasurydragons.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
Frame ID: DFFAE1F9A23019B6CDB8F5797929DCCA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arnoud, Join our first treasury Masterclass in Cash Forecasting

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

343 kB
Transfer

368 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://treasurydragons.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://treasurydragons.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

8 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request cr.aspx Show response
treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/ 28 KB
6 KB 178ms
91ms Document
text/html 104.17.129.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.129.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb6f9fe4f74d52da3fe49f077b9454ba50cdf9ae1c40701e493812cbc6320bd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 840348be8adc66d9-AMS
content-encoding: gzip
content-type: text/html
date: Thu, 04 Jan 2024 11:53:58 GMT
server: cloudflare

GET
H2 200 13873956_dragonsconnect1.png
i.emlfiles4.com/cmpimg/4/3/8/3/5/files/ 300 KB
301 KB 116ms
42ms Image
image/webp 2606:4700::6812:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/4/3/8/3/5/files/13873956_dragonsconnect1.png
Requested by: Host: treasurydragons.org
URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a789382c2a1b544ae2e6f0524943f58f247d1c2f3bade017652e1027411759

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://treasurydragons.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:53:58 GMT
x-amz-version-id: h1M3pD9Ulrq0pSS_kpPU4xtEsabYj2Pu
cf-cache-status: HIT
x-amz-request-id: MJJQ5BXP6CN5FWBE
age: 2216
cf-polished: origFmt=png, origSize=513453
content-disposition: inline; filename="13873956_dragonsconnect1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 307344
x-amz-id-2: kAl8YaLQZDSPgLILREC7Xyj7xPm3vVEXChxKnDdY54cS5R+Hd+fIINSzk5Z2roIFJMTI1hITNbI=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 Jan 2024 15:32:44 GMT
server: cloudflare
etag: "1160a00a8dba2ff713d8e4fc13bc4c27"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 840348bf992a6565-AMS

GET
H2 200 9101438_mikesig.png
i.emlfiles4.com/cmpimg/4/3/8/3/5/files/ 23 KB
23 KB 111ms
38ms Image
image/png 2606:4700::6812:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/4/3/8/3/5/files/9101438_mikesig.png
Requested by: Host: treasurydragons.org
URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbf04590def7581e082925f66924eaeb5000bab692a7ae94b8ca96f7ddc3ba7b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://treasurydragons.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:53:58 GMT
content-encoding
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: AGXFGYAQH1FN5Z7J
age: 3040
alt-svc: h3=":443"; ma=86400
content-length: 23051
x-amz-id-2: EmKXTV7DU5BUyf+KjRXNAU/2jz3PvWGTVtGBBmDkRvlU5XT/xhUMqNCkzlEkN8r/T5zS3uaHZKQ=
last-modified: Thu, 07 Sep 2017 08:47:27 GMT
server: cloudflare
etag: "d982b8aeff553cf990a2ae529ee2830b"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 840348bf99266565-AMS

GET
H2 200 s.gif
i.emlfiles4.com/cmpimg/t/ 43 B
287 B 112ms
39ms Image
image/gif 2606:4700::6812:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/t/s.gif
Requested by: Host: treasurydragons.org
URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://treasurydragons.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:53:58 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: E4P82SCMT8ARQ1DR
age: 2385
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-id-2: cCEwFb510sJQyfCM4tUTvW5VAxx2drJVXSObRi87aKcEvLXdrsq/2hSrxRVpz1sfWR/57SGuOvk=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 27 Oct 2014 09:21:49 GMT
server: cloudflare
etag: "325472601571f31e1bf00674c368d335"
vary: Accept-Encoding
content-type: image/gif
accept-ranges: bytes
cf-ray: 840348bf99286565-AMS

GET
H2 200 13874059_agicaporig.png
i.emlfiles4.com/cmpimg/4/3/8/3/5/files/ 9 KB
10 KB 141ms
68ms Image
image/webp 2606:4700::6812:ddae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.emlfiles4.com/cmpimg/4/3/8/3/5/files/13874059_agicaporig.png
Requested by: Host: treasurydragons.org
URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:ddae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da9c6231e8ebbb67c4006339546da1bbd8f88420836b18f2f173feae0e826a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://treasurydragons.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:53:58 GMT
x-amz-version-id: rTIEuH6AGlSqK3R9r00u4c0MiWc_KMdW
cf-cache-status: HIT
x-amz-request-id: XKY02PBP4E2PAQBW
age: 2070
cf-polished: origFmt=png, origSize=13204
content-disposition: inline; filename="13874059_agicaporig.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9716
x-amz-id-2: cvunWaSV5fI35Dn57MWIdQ0wTWHk73ktdO3/R00NR6e82aL8U27jZ0hXFBM/SQ1tm6IBk5gdbt0=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 03 Jan 2024 15:45:10 GMT
server: cloudflare
etag: "40c34d34c1d3359542b1ec27dff9e095"
vary: Accept
content-type: image/webp
accept-ranges: bytes
cf-ray: 840348bf99236565-AMS

GET
H2 200 o.gif
treasurydragons.org/15JE-8I8AH-233ZYV/ 43 B
170 B 71ms
71ms Image
image/gif 104.17.129.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://treasurydragons.org/15JE-8I8AH-233ZYV/o.gif
Requested by: Host: treasurydragons.org
URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.129.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:53:58 GMT
cf-cache-status: MISS
last-modified: Thu, 04 Jan 2024 11:53:58 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
cache-control: private, max-age=0
accept-ranges: bytes
cf-ray: 840348bf2ba066d9-AMS
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2

200

main.js Show response
treasurydragons.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/ Frame DFFA
Redirect Chain

https://treasurydragons.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://treasurydragons.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

7 KB
4 KB

35ms
35ms

Script
application/javascript

104.17.129.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://treasurydragons.org/cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js

Requested by

Host: treasurydragons.org
URL: https://treasurydragons.org/15JE-8I8AH-B8561D9594055A80233ZYVC6B573B24EB5D427/cr.aspx

Protocol

Server

104.17.129.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5aecb0af4c43e2f56096c580d717962152643a8daf001479bed36e1953c70af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 11:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 840348bf7c1266d9-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 04 Jan 2024 11:53:58 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74bd6362/main.js
cache-control: max-age=300, public
cf-ray: 840348bf4bce66d9-AMS
alt-svc: h3=":443"; ma=86400

POST
H3 200 840348be8adc66d9 Show response
treasurydragons.org/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame DFFA 0
330 B 57ms
57ms XHR
text/plain 104.17.129.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://treasurydragons.org/cdn-cgi/challenge-platform/h/g/jsd/r/840348be8adc66d9
Requested by: Host: treasurydragons.org
URL: https://treasurydragons.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.17.129.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Jan 2024 11:53:59 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 840348c03d500e88-AMS
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.treasurydragons.org/	1970-01-20 17:26:11	Name: __cf_bm Value: eOzTRzl9DjmoIM9b1zV5ZhZEyDMZiZzvhnEHKs8Cpvk-1704369238-1-AfaGRBjL3Mwej7DTnI95lJizEi+lLTdcHGFA0pSUC0/nmHyWoPNIVKIsYvAMdrb8V4836Z85QxpbaBvMV4dxcww=
treasurydragons.org/	1970-01-20 17:27:32	Name: __cflb Value: 0H28vbka3Tp63XFuYsqHHrawjcNu2NcVZuMPyCn41yn
.treasurydragons.org/	1970-01-21 02:11:45	Name: cf_clearance Value: 8huL8e.UFln4Hp.NUpoXmWg1Rs4k95Jlsj13z5CoSsA-1704369239-0-2-a71dbfd1.ea7d30f6.75a923cf-0.2.1704369239

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

i.emlfiles4.com
treasurydragons.org
104.17.129.171
2606:4700::6812:ddae
3cb6f9fe4f74d52da3fe49f077b9454ba50cdf9ae1c40701e493812cbc6320bd
5da9c6231e8ebbb67c4006339546da1bbd8f88420836b18f2f173feae0e826a7
74a789382c2a1b544ae2e6f0524943f58f247d1c2f3bade017652e1027411759
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bbf04590def7581e082925f66924eaeb5000bab692a7ae94b8ca96f7ddc3ba7b
c5aecb0af4c43e2f56096c580d717962152643a8daf001479bed36e1953c70af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

treasurydragons.org Open in urlscan Pro 104.17.129.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

8 Requests

88 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

343 kBTransfer

368 kBSize

3 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

treasurydragons.org Open in urlscan Pro
104.17.129.171 Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

343 kB
Transfer

368 kB
Size

3
Cookies

8 HTTP transactions
0 data transactions