nfo.protected.to Open in urlscan Pro
162.245.81.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nfo.protected.to/f-af6b49b1e79e5494
Submission: On June 04 via manual (June 4th 2024, 3:13:37 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 162.245.81.122, located in Buffalo, United States and belongs to COLOUP, US. The main domain is nfo.protected.to.

This is the only time nfo.protected.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	162.245.81.122 162.245.81.122	19084 (COLOUP) (COLOUP)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
15	2

13 162.245.81.122 (Buffalo, United States)

ASN19084 (COLOUP, US)
PTR: host.coloup.com

nfo.protected.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	protected.to nfo.protected.to	89 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	17 KB
15	2

	Domain	Requested by
13	nfo.protected.to	nfo.protected.to
2	www.google-analytics.com	nfo.protected.to
15	2

This site contains links to these domains. Also see Links.

Domain
rlsbb.ru
www.tvmaze.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://nfo.protected.to/f-af6b49b1e79e5494
Frame ID: 938329524B7B22E7C8EC3518BAE439F8
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Untitled - RlsBB NFO

Page URL History Show full URLs

http://nfo.protected.to/f-af6b49b1e79e5494 HTTP 307
https://nfo.protected.to/f-af6b49b1e79e5494 HTTP 307
http://nfo.protected.to/f-af6b49b1e79e5494 Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

106 kB
Transfer

286 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://rlsbb.ru/
Title: RlsBB NFO

Search URL Search Domain Scan URL

URL: https://www.tvmaze.com/shows/66198/the-daily-show
Title: https://www.tvmaze.com/shows/66198/the-daily-show

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nfo.protected.to/f-af6b49b1e79e5494 HTTP 307
https://nfo.protected.to/f-af6b49b1e79e5494 HTTP 307
http://nfo.protected.to/f-af6b49b1e79e5494 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 12

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=518874807&utmhn=nfo.protected.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Untitled%20-%20RlsBB%20NFO&utmhid=466456294&utmr=-&utmp=%2Ff-af6b49b1e79e5494&utmht=1717514013230&utmac=UA-35445002-1&utmcc=__utma%3D250079705.2108746773.1717514013.1717514013.1717514013.1%3B%2B__utmz%3D250079705.1717514013.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1585829476&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=518874807&utmhn=nfo.protected.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Untitled%20-%20RlsBB%20NFO&utmhid=466456294&utmr=-&utmp=%2Ff-af6b49b1e79e5494&utmht=1717514013230&utmac=UA-35445002-1&utmcc=__utma%3D250079705.2108746773.1717514013.1717514013.1717514013.1%3B%2B__utmz%3D250079705.1717514013.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1585829476&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request f-af6b49b1e79e5494 Show response
nfo.protected.to/
Redirect Chain

http://nfo.protected.to/f-af6b49b1e79e5494
https://nfo.protected.to/f-af6b49b1e79e5494
http://nfo.protected.to/f-af6b49b1e79e5494

8 KB
8 KB

112ms
112ms

Document
text/html

162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: de0271110d990d1f6a542a387ce29db8b5aaf5dd66c202c31b0364b8f47ba547

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Length: 8087
Content-Type: text/html; charset=utf-8
Date: Tue, 04 Jun 2024 15:13:23 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Location: http://nfo.protected.to/f-af6b49b1e79e5494
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK reset.css
nfo.protected.to/Content/nfo/ 989 B
1 KB 183ms
94ms Stylesheet
text/css 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/nfo/reset.css
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 73e69e9f268caba87e17657329ebbbc573f6e9a599d0a3b2b8bdc7d5ccb7f155

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Last-Modified: Thu, 26 Aug 2021 04:17:17 GMT
Server: Microsoft-IIS/8.5
ETag: "da279b41319ad71:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 989

GET
H/1.1 200
OK fonts.css
nfo.protected.to/Content/nfo/ 534 B
780 B 185ms
92ms Stylesheet
text/css 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/nfo/fonts.css
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: eaf877ebfe8077d63cf94b8070e503e79b36000881611b87af513c5dcbe32402

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Last-Modified: Thu, 26 Aug 2021 04:17:36 GMT
Server: Microsoft-IIS/8.5
ETag: "319cc14c319ad71:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 534

GET
H/1.1 200
OK main.css
nfo.protected.to/Content/nfo/ 7 KB
2 KB 190ms
95ms Stylesheet
text/css 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/nfo/main.css
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 33fe64e95e38c01c6687c088ebf79846fb47d00bc1956b7cf3d21bd404718c70

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 04:17:49 GMT
Server: Microsoft-IIS/8.5
ETag: "80545a54319ad71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1848

GET
H/1.1 200
OK codemirror.css
nfo.protected.to/Content/nfo/ 3 KB
1 KB 192ms
96ms Stylesheet
text/css 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/nfo/codemirror.css
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6e4617f930aaea5e6606867410a9a1afad209d9f8161f5cee159b839b7e0e02d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 04:18:01 GMT
Server: Microsoft-IIS/8.5
ETag: "8062815b319ad71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 970

GET
H/1.1 200
OK diff.css
nfo.protected.to/Content/nfo/ 89 B
334 B 201ms
101ms Stylesheet
text/css 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/nfo/diff.css
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5fa8f817e9e22bf5d296723e67fdf514bb8728f66276b14f80e5143ea0e37689

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Last-Modified: Thu, 26 Aug 2021 04:18:17 GMT
Server: Microsoft-IIS/8.5
ETag: "80e72d65319ad71:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 89

GET
H/1.1 200
OK print.css
nfo.protected.to/Content/nfo/ 248 B
493 B 101ms
101ms Stylesheet
text/css 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/nfo/print.css
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 22e17543fc96b2a7252dd2df95d556a1c2ac891a00683d73e2f3bb8743bad738

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Last-Modified: Thu, 26 Aug 2021 04:18:27 GMT
Server: Microsoft-IIS/8.5
ETag: "832796b319ad71:0"
X-Powered-By: ASP.NET
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 248

GET
H/1.1 200
OK jquery.js Show response
nfo.protected.to/Scripts/nfo/ 93 KB
33 KB 129ms
109ms Script
application/javascript 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Scripts/nfo/jquery.js
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 04:19:14 GMT
Server: Microsoft-IIS/8.5
ETag: "04d487319ad71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33717

GET
H/1.1 200
OK jquery.timers.js Show response
nfo.protected.to/Scripts/nfo/ 3 KB
1 KB 189ms
94ms Script
application/javascript 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Scripts/nfo/jquery.timers.js
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c0e74168d43bb4f3b4d210417f127ed012bd61e887823bf5d258e432ac3d9795

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 04:19:32 GMT
Server: Microsoft-IIS/8.5
ETag: "0e2be91319ad71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1054

GET
H/1.1 200
OK stikked.js Show response
nfo.protected.to/Scripts/nfo/ 2 KB
2 KB 188ms
92ms Script
application/javascript 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Scripts/nfo/stikked.js
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b5e3f7528ac75a025904f7778486d767ba6ca8a4cbd0c0f69948eb87fafb8af6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Last-Modified: Sat, 04 Sep 2021 14:28:58 GMT
Server: Microsoft-IIS/8.5
ETag: "3529e83299a1d71:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 2160

GET
H/1.1 200
OK codemirror.js Show response
nfo.protected.to/Scripts/nfo/ 119 KB
32 KB 197ms
95ms Script
application/javascript 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Scripts/nfo/codemirror.js
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 884dd088fd59dd5a54251308024b49bb327b158c1168b6fd1f157f4defaf0672

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 04:19:48 GMT
Server: Microsoft-IIS/8.5
ETag: "04a489b319ad71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 32520

GET
H/1.1 200
OK codemirror_exec.js Show response
nfo.protected.to/Scripts/nfo/ 1 KB
1 KB 200ms
96ms Script
application/javascript 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Scripts/nfo/codemirror_exec.js
Requested by: Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 123751790d7223d5b57411a3e9d943249253c735bf415146de283c09d962353e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:23 GMT
Last-Modified: Thu, 26 Aug 2021 04:19:58 GMT
Server: Microsoft-IIS/8.5
ETag: "985582a1319ad71:0"
X-Powered-By: ASP.NET
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1172

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

30ms
8ms

Script
text/javascript

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494

Protocol

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Jun 2024 14:30:35 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2578
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Tue, 04 Jun 2024 16:30:35 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=518874807&utmhn=nfo.protected.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Untit...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=518874807&utmhn=nfo.protected.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Unti...

35 B
197 B

14ms
14ms

Image
image/gif

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=518874807&utmhn=nfo.protected.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Untitled%20-%20RlsBB%20NFO&utmhid=466456294&utmr=-&utmp=%2Ff-af6b49b1e79e5494&utmht=1717514013230&utmac=UA-35445002-1&utmcc=__utma%3D250079705.2108746773.1717514013.1717514013.1717514013.1%3B%2B__utmz%3D250079705.1717514013.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1585829476&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: nfo.protected.to
URL: http://nfo.protected.to/f-af6b49b1e79e5494

Protocol

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 Jun 2024 15:13:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=518874807&utmhn=nfo.protected.to&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Untitled%20-%20RlsBB%20NFO&utmhid=466456294&utmr=-&utmp=%2Ff-af6b49b1e79e5494&utmht=1717514013230&utmac=UA-35445002-1&utmcc=__utma%3D250079705.2108746773.1717514013.1717514013.1717514013.1%3B%2B__utmz%3D250079705.1717514013.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1585829476&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK photo_2021-09-04_21-57-59.jpg
nfo.protected.to/Content/icon/ 4 KB
4 KB 96ms
96ms Other
image/jpeg 162.245.81.122
COLOUP

General

Check archive.org

Show headers Download Go to

Full URL: http://nfo.protected.to/Content/icon/photo_2021-09-04_21-57-59.jpg
Protocol: HTTP/1.1
Server: 162.245.81.122 Buffalo, United States, ASN19084 (COLOUP, US),
Reverse DNS: host.coloup.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: de91600b625acc38b11ccff811cd23a4fb511ad5ddc9b450594cbf14aa280eed

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://nfo.protected.to/f-af6b49b1e79e5494
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Date: Tue, 04 Jun 2024 15:13:24 GMT
Last-Modified: Sat, 04 Sep 2021 17:28:37 GMT
Server: Microsoft-IIS/8.5
ETag: "b82daa4bb2a1d71:0"
X-Powered-By: ASP.NET
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 3942

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
nfo.protected.to/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: p3gr5nvusozcd2jxb435p3qx
.nfo.protected.to/	1970-01-21 06:41:14	Name: __utma Value: 250079705.2108746773.1717514013.1717514013.1717514013.1
.nfo.protected.to/	1969-12-31 23:59:59	Name: __utmc Value: 250079705
.nfo.protected.to/	1970-01-21 01:28:02	Name: __utmz Value: 250079705.1717514013.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.nfo.protected.to/	1970-01-20 21:05:14	Name: __utmt Value: 1
.nfo.protected.to/	1970-01-20 21:05:15	Name: __utmb Value: 250079705.1.10.1717514013

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nfo.protected.to
www.google-analytics.com
162.245.81.122
2a00:1450:4001:813::200e
123751790d7223d5b57411a3e9d943249253c735bf415146de283c09d962353e
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
22e17543fc96b2a7252dd2df95d556a1c2ac891a00683d73e2f3bb8743bad738
33fe64e95e38c01c6687c088ebf79846fb47d00bc1956b7cf3d21bd404718c70
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5fa8f817e9e22bf5d296723e67fdf514bb8728f66276b14f80e5143ea0e37689
6e4617f930aaea5e6606867410a9a1afad209d9f8161f5cee159b839b7e0e02d
73e69e9f268caba87e17657329ebbbc573f6e9a599d0a3b2b8bdc7d5ccb7f155
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
884dd088fd59dd5a54251308024b49bb327b158c1168b6fd1f157f4defaf0672
b5e3f7528ac75a025904f7778486d767ba6ca8a4cbd0c0f69948eb87fafb8af6
c0e74168d43bb4f3b4d210417f127ed012bd61e887823bf5d258e432ac3d9795
de0271110d990d1f6a542a387ce29db8b5aaf5dd66c202c31b0364b8f47ba547
de91600b625acc38b11ccff811cd23a4fb511ad5ddc9b450594cbf14aa280eed
eaf877ebfe8077d63cf94b8070e503e79b36000881611b87af513c5dcbe32402

nfo.protected.to Open in urlscan Pro 162.245.81.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

0 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

106 kBTransfer

286 kBSize

6 Cookies

2 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

6 Cookies

Indicators

nfo.protected.to Open in urlscan Pro
162.245.81.122 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

0 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

106 kB
Transfer

286 kB
Size

6
Cookies

15 HTTP transactions
0 data transactions