dh.nelevatorkjhj.site

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 5 HTTP transactions. The main IP is 170.64.219.79, located in Sydney, Australia and belongs to DIGITALOCEAN-ASN, US. The main domain is dh.nelevatorkjhj.site.
TLS certificate: Issued by E6 on October 31st 2024. Valid for: 3 months.

This is the only time dh.nelevatorkjhj.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	207.211.31.113 207.211.31.113	14135 (NAVISITE-...) (NAVISITE-EAST-2)
1	170.64.219.79 170.64.219.79	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::63	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::5e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1d::6a	15169 (GOOGLE) (GOOGLE)
5	4

2 207.211.31.113 (St. Cloud, United States) 2 redirects

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com

url.us.m.mimecastprotect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.64.219.79 (Sydney, Australia)

ASN14061 (DIGITALOCEAN-ASN, US)

dh.nelevatorkjhj.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::63 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1d::6a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	google.com www.google.com — Cisco Umbrella Rank: 3	968 B
2	mimecastprotect.com 2 redirects url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 10509	5 KB
1	gstatic.com www.gstatic.com	215 KB
1	nelevatorkjhj.site dh.nelevatorkjhj.site	62 KB
5	4

	Domain	Requested by
3	www.google.com	dh.nelevatorkjhj.site www.gstatic.com
2	url.us.m.mimecastprotect.com	2 redirects
1	www.gstatic.com	www.google.com
1	dh.nelevatorkjhj.site
5	4

This site contains no links.

Subject Issuer	Validity	Valid
nelevatorkjhj.site E6	`2024-10-31` - `2025-01-29`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://dh.nelevatorkjhj.site/?Vn=jQI
Frame ID: 1CB27CC0A05D5130DFFE8CBF68F37C6B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbwnEqAAAAAOp4CRc8p2FaL_yw_6HhzIYUlt_2&co=aHR0cHM6Ly9kaC5uZWxldmF0b3JramhqLnNpdGU6NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=uco64rvqk1g3
Frame ID: DF13CC599AADF90DE08EB4E3E2A7D898
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfbwnEqAAAAAOp4CRc8p2FaL_yw_6HhzIYUlt_2
Frame ID: 8B635ABFA8243D82439F6EC999451F47
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

reCAPTCHA: Click Allow to verify that you are not a robot

Page URL History Show full URLs

https://url.us.m.mimecastprotect.com/s/tY7jCYEq6gHz8k7u0fAHxDOpe?domain=dh.nelevatorkjhj.site HTTP 307
https://url.us.m.mimecastprotect.com/r/HFR6QDKmreTvV8R45yNBqR6ot4ooFUdkxJNGL8KyD1KkkCRJqlZ3kTXwsErVbvhtaWzML-Ognx... HTTP 307
https://dh.nelevatorkjhj.site/?Vn=jQI Page URL

Detected technologies

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

5
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

278 kB
Transfer

710 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.us.m.mimecastprotect.com/s/tY7jCYEq6gHz8k7u0fAHxDOpe?domain=dh.nelevatorkjhj.site HTTP 307
https://url.us.m.mimecastprotect.com/r/HFR6QDKmreTvV8R45yNBqR6ot4ooFUdkxJNGL8KyD1KkkCRJqlZ3kTXwsErVbvhtaWzML-OgnxtXHGTGa0uuod8TCLkdFvYK_hiCwk2HWdrN5zVkutvUtHTyJfZns_1acKAvF8BfyloQNlgielwXmkPOhKPfCJ-nyJCiZPsxYcvLO0aJCNXXSSHRmcZQPSth3mTFtNfVSrWAKxvsQhoZHxrObHAry_6aWACPfbK-Q9iBZ29_k0vzS2cIX8KXRrdjMzySnnzUvgGxDJLQZKjWJwMEvyZAXhf6_27EXafXHGRSyFXYihwhb0FukQgHjGlKRfIjhdjecSUP4gxBgD5V2-7bYsuCATXV5utvYiMSC_a70SelVfg6IT3-loPNR7R_rpyAYmk7Tg441_7VUH2RNv7QlE1uVY9yS2j1haFyto8XJ9nX1Y5GuslmzsxP5fl9nYqGMTIBNXqTj0FGl6Kwu20jb4t-PCPdWW7cyMA8WCrDIXUgzC38ARR-MPwtyJbVGK9jz2O7KfEb0CuWh2kRD2BDFfvi5jxLdCDc4fB_Bc3N6u_gq285u1iR-xVN2W1knYMS0bDJhdyEmUAakawM_-aDWQyF15RgX-TPP-uPrMeaZj-bYmsxcM1PxVBGBetF-ePk1E-MAxyTi8XtiYq4KzyjthN4RMg-zvghjJVlI1gZfnAvJQqAIiLsmloWHFpYWrC5497CpuTJeoD6OrfcfEWdTdLRi37UXFbHPVULdQr6R-Ah6w_NdS_PxXKKU-8WlQT39LvbfG_p3oESQeIaDjN9xNRpuzyKaR_H8xeJH-zflBacPkea72zT8qqEZBxddYH9LNjNY_q8dq0gjiI6TLrDL9nFb_QU17h2AlLSU-jVimQ2g6rgBgIMpiDIghW93DAudhyeTy03rIqXQWzHf_YViw3ljqF-5g-K2fyYmD3BKgsKrOf8h1pH0sM5Xes6GzIyZ3s7MdVn04-ONmeyD_c0FEZuqSAp7kXocnAfNvkm2vAg7CDkDvszTUz4QRrtNN8iIPm0ggyvZVu54m3uDjHCS70mXVZJlHE3BYAAOl5hsSSZkEhjv3vPwQjw6jZY_Y04kpl8RUtaeLkYE13eXFd4c0ozGl_t_sE7pRcMoGuI-6lcLEEjZZYi61R9-eJxJ7ZbVGjhO85Ngw0y3IDuOlMCMlExTlzqWVwbmmQVwHJI6FsFEjDE56788uZBQ-NLVc03NpeI4goNOQ8GYrfYrU0vciZ6UT2IQBnVB-33LsoYH8TDYQDflHyZCofq9QoYidUh1LA1Qpi8lfnN3KKg3BN8zTAZUrUY2Us2dl-dKNjGWUefnoCfPUdrMkR86iEyolwqbSuYFST4zEL-070k_pIOzwWhHJbsR_NDDqgGqvbx7l1Ebk4IkVNSuSPl8BtVJ89ImIB3nHPos2-ISP_ZyfmbVegiY97PSgjesirBcUyfdyBZQNUY6PLu-nI8gi8GHQs21h85q5XZmJ3SODT84TDgBEu7LxRiJ2hI5xCKUxiS99fEIQoNWNszB8a9NzUIwj4eQRNuSj1EWrLyq1JZVqpS5tTQq2LcDWS5I_jSwTCU4XWvlajDcl5uJeJpmsQ0y2HxUG4WTkXzVlUzldXXpPJzscIFEQX1kVLNjBhiywc62x-uIvXpe95L-4VixjQJea0e0aWKe1HHhy0_1CBsGMBQRMoiAY2wCFL9cJ9dp6imku3veII_cMuNxbZRWPc0yBzfzFcKCg2BwhdoWXv4riFOz99XNKwANW7P_FjiMhsze98WjtFnN9nFTo0I1KmIrVuZjCgoct2psjpRGZpwxY2srHo8Jkn_Gp4VT1ZYOMVr3eRbkhDSMjyPOTNN5XZMupKEzY3kWe-YbqZ8gk6GUrWTvonE-LS422qSXUWjwiEg26oMz6m8E2HcR3cO4pD66_9gFYhVX-IQtmJMKzxQD5voYD719pcQ6fG9Nz6GpWbYH0xUaqJDHYUka11d69oriap4lxl1f5LgdXRx2K0hHu5CUXPqZqwfAAsoVTfnwR5xCI1gLFz_XdS0KE5-OG_jfFJp-mZ11h_npPQbotSxmKxWYWZNHLYgMXEqSZ58gqKgSStTntTSgH4EK3rajPEuqJPUh6bE4wLWI_4yPCL3yTjxulH2l456EsJXKsgO3bc4oA2W0gRWbzqU7RbLHmoBUm7NVO5hL2DsZHfJ7kRorl08ob_YIZC8EQMMWUzDcbAUPruR_SA7UZoizv6y2RbFfd6f16pHrpKoYmiKfvVq59_vuRJ_IYcDe9cb3RUiC65h7vVtP1lZ7emkqrOvTvCvGBwPrTeyn1OZR6MLQWHAEmJyNLVtGbfOUl7eIn1xMZs6bpNnxDwUQ9PHdPizuFxBlUL413gFJ0WhrM6aMo8iNzmKbA-cu8mjVCkO9x159QjpPigP_v0mOr7C-qMeeHzjiaT_fcgSEmeIzHXubHgvTQmMlkVShgyxe_iH4-4OFX9k55pXM3oKP4K_RbtymfAP7EGfsGbf3_y3iHamQJvHfuv7m-G0VfydBHZR95l0i_9uUgSgZ4snbPDivcNbUVEj0eCapiv4UJ_ycEQJ464vYhPmJYyXGJ2a4KFX9tU54jR4QctmcWH4I2XypIxifBu81NQmPU3gzt2LL_XK2htcM9u8c4bkT4hwUV1AXwJayYAwfMATlazy9PolljFBS94jw8SszYlPxEtDvkSPpwefJtIAD5ByAWIBTTSwRG_NiV1fZ7gRqv1CyWUKsMipYPH8MkTO1bKwIsjsHKi29utN95-pG5572sE3W5TCzNHALbJHmTiqniMMb0ORxdeHMPcWpxTXdFOZZz3kfsiNHvnC40f2ItURQe3jCozt_q_3BHGFN06mf7iZb6uHfuj3SBzUETQHl2rilacscnMhsob1wQ0p2VAFY_vMxVoINKbLoHp-y-oPbDihDFGj72sIxIke0ZTGo2BkTRkh90Kfr1SwoCuY887pqk55AzCVUIT2aTQEwWgF_8pwMbH3MxnbcNHTW7cAqOJwKGeV7Uwrx26rrdKb1cInDfUNF8lk6x5WMu5QctgA2aelWNZykkFpw0okpPa1SWPQyzzSCGOw_sOC_r6tqmIQ8u6AK_eaU-1x9xT2zOSmluRZgLwoBGvzXQYf4R1HUJRjgoh_dDOPEwOg27TnZfjRptm0w9l2m3CmsRtyqUqE1-T3qSbduIU4txGoeTRdU2ujHyoX6jutR2DI6S8DyPGtdil4wxT9bHBIZGN4NqlBT9dl-TN0HfCNVoxSXOgwYTk9MsTVnAjfXg3ZnZQcnkeJJrRgDPPuKHKrN6GOIMA2tiEyGgzZ2GbJ0BwDCIgE_V2WIFWYygRBl4zDdcL5RXBjJmPtlbpy8SoDIp0h2aSmUFb0o3QBMPiI0ka3xkHLWXHHQ1YiqpiVr3Yuhz4Tg02gZSXjc4NowbuSxqbYTeBn_YS8b9Wdr4UwEXuk9YbOArroydGmTb0-AdCCDDevdBgKifHCgPPclUJm-ODoVHWC0Op25OaIt1FLUl_VDM2OyzON-a46wppfsmkdvpNAxBw465C3GGHVeJ_hXbvv_EZg7DLdXhDCXIPWywWhiC_fodr2LxJWvczJsCqsGnrUlMWeM5tjqV07iAonUjnMCbHvKpRXzmEhYd2tr4JpN5jNmg6TTAStXFNylmbdCaeyKq3BFk3rZxDwqoLnWKcOpOrR5XQRWaOhWn9_5gW0H_3_oZ-GFOIB8qlgBYoalKIfwXkGsqy-QfFE4WSG_1VBTWNvhDM6IKUaP40QSTS_oTg33brar3ihLwW9a6TAXb4gWKSIWe2f5jejm_PHrZiMaqU-3j2oIEziFnGAGSCaYLg4ORCJjXvdQa6lOhR744krKDqbgk0GmRTkZ2QlDhtPB3nE_zp98qgq7LetDVGNe8Etk5Pd0XY9kP9SFmo2u0VYjCLhkuJ26PdWu-D8Ox5AL5Weywx9KAr7tMKSFnrPWQXKsNeiNtcLOHSZyr2Smq5hq6KgH9Qgwg8XpOXiKWSPqqVxQyZWbmcFm-QJfr6R_pWVlPXtwtMQqhIbrdIgv6ytJSDaNmmG1zpYtw1V6yDZWyAORpRlqGqiWytcqNit7eZEjMz8CE3FHqM8HBdElishbk6PznZR39zKJSocAqR5AEyFO6_-4oVv_OO48eB2APmPEKG0uMwJKyh1s99c7YHKmd6TiMb6QwHxEmXlBZ8Orip-_PL9ZNPEc-eT4e_uX_HES-H57dBoDhDZRRX3oqfMi-Z640ZkI461WYnskqNRVMxph_03JqcMSzqgs1K4cycwMcPvmE446dhBhACmD-A7o75YCYUL_RwgyZTyjCmsVsUsdzulF3uq96xpv_3VseGF8oyJ3gsKn6Xi5sMkLQzi976MmYjrUdMMjT13t5G-Dcz1tha1W4GoOoyaLN7N2J96s0UtDELD7qDesX8J7gYuJpIlmlh96REkNqcuCct-tgZWojI32gZwzz51ZrUBnjhigSc7nacFZRXyNhFyuOatirOCHR2mH7TvCALN9rc4MU8C0_vbiw6tKN1MlWUuZVFC8FBXO7qPVrKsxYS2v5wvoMVWrZZp-Yq0KhUcEmkK1HoKjxpzXh6MBlxRlTwwuy7uItk9gEhxjwIVaJNTgjJgqSij4yGnA7jvpAsaBxiW0m1qCFqGgTJpNTlqXvJHMtL415csEW42AppIIE6OdkDmhZDCxXvtNbuMINgt_2z2xpONu5KJrx81byqCp5OY6Qpan9JrkSY-VWTMOX2pSabqlcJucMxkJZ3rWPEXUIO_YF2tzah9ddoBBBst2IcpcEPMnx2Cw2M-yqgT2qp3zIU8JSyGF5cn3sfJKzQUJjs HTTP 307
https://dh.nelevatorkjhj.site/?Vn=jQI Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
dh.nelevatorkjhj.site/
Redirect Chain

https://url.us.m.mimecastprotect.com/s/tY7jCYEq6gHz8k7u0fAHxDOpe?domain=dh.nelevatorkjhj.site
https://url.us.m.mimecastprotect.com/r/HFR6QDKmreTvV8R45yNBqR6ot4ooFUdkxJNGL8KyD1KkkCRJqlZ3kTXwsErVbvhtaWzML-OgnxtXHGTGa0uuod8TCLkdFvYK_hiCwk2HWdrN5zVkutvUtHTyJfZns_1acKAvF8BfyloQNlgielwXmkPOhKPfCJ...
https://dh.nelevatorkjhj.site/?Vn=jQI

163 KB
62 KB

1813ms
1305ms

Document
text/html

170.64.219.79
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dh.nelevatorkjhj.site/?Vn=jQI
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.64.219.79 Sydney, Australia, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d4d3d9ba338642ff16b39ebeefc8ef0f8f4ade21cf8833a7c353472c846efd25

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 01 Nov 2024 16:22:57 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Fri, 01 Nov 2024 16:22:55 GMT
Location: https://dh.nelevatorkjhj.site/?Vn=jQI
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
968 B 72ms
34ms Script
text/javascript 2607:f8b0:4004:c1d::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: dh.nelevatorkjhj.site
URL: https://dh.nelevatorkjhj.site/?Vn=jQI

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::63 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://dh.nelevatorkjhj.site/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 16:22:58 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Fri, 01 Nov 2024 16:22:58 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/ 546 KB
215 KB 39ms
18ms Script
text/javascript 2607:f8b0:4004:c06::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c06::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://dh.nelevatorkjhj.site
Referer: https://dh.nelevatorkjhj.site/

Response headers

content-encoding: gzip
age: 6080
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sat, 01 Nov 2025 14:41:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 14:41:38 GMT
last-modified: Tue, 22 Oct 2024 00:01:33 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220347
x-xss-protection: 0
server: sffe

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame DF13 0
0 87ms
56ms Document
text/html 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbwnEqAAAAAOp4CRc8p2FaL_yw_6HhzIYUlt_2&co=aHR0cHM6Ly9kaC5uZWxldmF0b3JramhqLnNpdGU6NDQz&hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&size=normal&cb=uco64rvqk1g3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OfYV5pTDuOTTWNxsqt5skg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dh.nelevatorkjhj.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OfYV5pTDuOTTWNxsqt5skg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 16:22:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 8B63 0
0 37ms
36ms Document
text/html 2607:f8b0:4004:c1d::6a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=-ZG7BC9TxCVEbzIO2m429usb&k=6LfbwnEqAAAAAOp4CRc8p2FaL_yw_6HhzIYUlt_2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__en.js

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::6a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RWjZK44HbhiBS2w4IpILWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dh.nelevatorkjhj.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-RWjZK44HbhiBS2w4IpILWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Fri, 01 Nov 2024 16:22:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://dh.nelevatorkjhj.site/?Vn=jQI Message: [GroupMarkerNotSet(crbug.com/242999)!:A0403403E4190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://dh.nelevatorkjhj.site/?Vn=jQI Message: [GroupMarkerNotSet(crbug.com/242999)!:A0703403E4190000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dh.nelevatorkjhj.site
url.us.m.mimecastprotect.com
www.google.com
www.gstatic.com
170.64.219.79
207.211.31.113
2607:f8b0:4004:c06::5e
2607:f8b0:4004:c1d::63
2607:f8b0:4004:c1d::6a
b7920c3ee4d6bb39bee9aead6cbf6e02254f8b2ec119b695fe252837cb2e69a0
d4d3d9ba338642ff16b39ebeefc8ef0f8f4ade21cf8833a7c353472c846efd25
f8e5f5ce9ff44073cff24bcd3d2b8aa4e67b67891b14ff929fe4743880fdf82e

dh.nelevatorkjhj.site Open in urlscan Pro 170.64.219.79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

60 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

278 kBTransfer

710 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

dh.nelevatorkjhj.site Open in urlscan Pro
170.64.219.79 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

278 kB
Transfer

710 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions