zklp.denfiles.ru
2a06:98c1:3121::3
Public Scan
Effective URL: https://zklp.denfiles.ru/Mmerve.aydemir@nike.com
Submission Tags: falconsandbox
Submission: On May 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 24th 2023. Valid for: 3 months.
This is the only time zklp.denfiles.ru was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 2 | 50.28.79.140 | 32244 (LIQUIDWEB) |
1 | 83.150.216.10 | 60558 (SECUREDSERVERS-EU) |
7 | 2a06:98c1:3121::3 | 13335 (CLOUDFLARENET) |
7 | 2606:4700::6812:6b9 | 13335 (CLOUDFLARENET) |
19 | 5 |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
7 | cloudflare.com: challenges.cloudflare.com — Cisco Umbrella Rank: 4009 | 127 KB |
7 | denfiles.ru: zklp.denfiles.ru | 175 KB |
2 | zigo.com (1 redirects): www.zigo.com | 549 B |
1 | plagueremedies.com: plagueremedies.com | 252 B |
19 | 4 |
Domain | Requested by | |
---|---|---|
7 | challenges.cloudflare.com |
zklp.denfiles.ru
challenges.cloudflare.com www.zigo.com |
7 | zklp.denfiles.ru |
zklp.denfiles.ru
|
2 | www.zigo.com | 1 redirects |
1 | plagueremedies.com |
www.zigo.com
|
19 | 4 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
zigo.com | R3 | 2023-04-11 - 2023-07-10 | 3 months | crt.sh |
plagueremedies.com | R3 | 2023-04-30 - 2023-07-29 | 3 months | crt.sh |
denfiles.ru | GTS CA 1P5 | 2023-04-24 - 2023-07-23 | 3 months | crt.sh |
challenges.cloudflare.com | Cloudflare Inc ECC CA-3 | 2022-09-18 - 2023-09-17 | a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://zklp.denfiles.ru/Mmerve.aydemir@nike.com
Frame ID: DCC916B3CC8CEE3A6E4BE442483C600C
Requests: 11 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2kus0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 7708DE5EEE0BDD08C395F9F91D35585E
Requests: 8 HTTP requests in this frame
Page Title
Loading...
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.zigo.com/clickOutI?userID=4209882&url=https%3A%2F%2Fplagueremedies.com%2Femail%2Fverification%2Fvdwztx%2F%2F%2F%2FbWVydmUuYXlkZW1pckBuaWtlLmNvbQ%3D%3D Page URL
- https://zklp.denfiles.ru/Mmerve.aydemir@nike.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://www.zigo.com/clickout2I.php/?source=&userID=4209882&emailClickID=&url=https%3A%2F%2Fplagueremedies.com%2Femail%2Fverification%2Fvdwztx%2F%2F%2F%2FbWVydmUuYXlkZW1pckBuaWtlLmNvbQ%3D%3D HTTP 302
- https://plagueremedies.com/email/verification/vdwztx////bWVydmUuYXlkZW1pckBuaWtlLmNvbQ==
19 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | clickOutI www.zigo.com/ | 377 B 462 B | Document text/html |
GET H/1.1 | bWVydmUuYXlkZW1pckBuaWtlLmNvbQ== plagueremedies.com/email/verification/vdwztx//// Redirect Chain | 0 252 B | Document text/html |
GET H2 | Primary Request Mmerve.aydemir@nike.com zklp.denfiles.ru/ | 8 KB 5 KB | Document text/html |
GET H2 | v1 zklp.denfiles.ru/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ | 152 KB 55 KB | Script application/javascript |
GET H2 | transparent.gif zklp.denfiles.ru/cdn-cgi/images/trace/managed/js/ | 42 B 220 B | Image image/gif |
GET H2 | api.js challenges.cloudflare.com/turnstile/v0/g/b5e45436/ | 15 KB 5 KB | Script application/javascript |
POST H3 | 51159946976ea45 zklp.denfiles.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/509375340:1683029323:EbrFU4tUG6l8xiy-GbZxevjpxNEPn_2UYAvmfWDeFac/7c1047a459b1b719/ | 146 KB 108 KB | XHR text/plain |
GET H3 | Do7D2PEa2ydF2B0 zklp.denfiles.ru/cdn-cgi/challenge-platform/h/g/img/7c1047a459b1b719/1683030672310/ | 61 B 455 B | Image image/png |
GET H3 | vKYbFVFz5biFvOO zklp.denfiles.ru/cdn-cgi/challenge-platform/h/g/pat/7c1047a459b1b719/1683030672319/7901bda9117efb6f45ba66525d1548a566bce12556b2dcccf616441f63c2de3e/ | 1 B 927 B | Fetch text/plain |
GET BLOB | d25be268-8544-457e-b020-d05a23328816 https://zklp.denfiles.ru/ | 656 B 0 | Other text/javascript |
POST H3 | 51159946976ea45 zklp.denfiles.ru/cdn-cgi/challenge-platform/h/g/flow/ov1/509375340:1683029323:EbrFU4tUG6l8xiy-GbZxevjpxNEPn_2UYAvmfWDeFac/7c1047a459b1b719/ | 7 KB 6 KB | XHR text/plain |
GET H3 | normal challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/2kus0/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 7708 | 22 KB 7 KB | Document text/html |
GET H3 | v1 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 7708 | 151 KB 54 KB | Script application/javascript |
POST H3 | 8ac718540878057 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1087714538:1683029277:A6A4EvrfpnKs0VbWh78h9gBZAUWSGGeCqVlvqlcukU4/7c1047b1d8eeb7c7/ Frame 7708 | 99 KB 52 KB | XHR text/plain |
GET H3 | 2B2UAhUYQNhSgb0 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c1047b1d8eeb7c7/1683030674542/3e81b98479e0cff22b11afcaa8cceaa25348969d755068d9fa0ad0863476b5a1/ Frame 7708 | 1 B 648 B | Fetch text/plain |
GET H3 | SlGy_XxEeYvCS8E challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c1047b1d8eeb7c7/1683030674543/ Frame 7708 | 61 B 166 B | Image image/png |
GET BLOB | 1e4b4999-629a-435f-9968-803dd2c52e23 https://challenges.cloudflare.com/ Frame 7708 | 539 B 0 | Other text/javascript |
GET BLOB | bf877a51-57e7-484e-ae3a-d257b1707d15 https://challenges.cloudflare.com/ Frame 7708 | 656 B 0 | Other text/javascript |
POST H3 | 8ac718540878057 challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1087714538:1683029277:A6A4EvrfpnKs0VbWh78h9gBZAUWSGGeCqVlvqlcukU4/7c1047b1d8eeb7c7/ Frame 7708 | 10 KB 8 KB | XHR text/plain |
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- boolean| credentialless
- object| _cf_chl_opt
- function| _cf_chl_preload
- function| _cf_chl_enter
- boolean| _cf_chl_done_ran
- function| _cf_chl_done
- function| sendRequest
- function| SHA256
- function| _cf_chl_turnstile_l
- object| _cf_chl_ctx
- string| prefix
- object| turnstile
- boolean| _cf_chl_turnstile_loaded
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.