affordableliens.info
188.114.96.3 | Malicious Activity! | Public Scan

Submitted URL: https://dargagcn.sa.com/ssa/mainstmnt.html
Effective URL: https://affordableliens.info/statement.exe
Submission: On December 11 via manual from US — Scanned from FI

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is affordableliens.info.
TLS certificate: Issued by WE1 on November 19th 2024. Valid for: 3 months.
This is the only time affordableliens.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Community Verdicts: Malicious (1 vote)

Domain & IP information

IP Address | AS (Autonomous System) | Requests | Redirects
107.182.128.31 | 399471 (AS-SERVERION) | 2 | -
188.114.96.3 | 13335 (CLOUDFLAR...) | 9 | 1
Total: 11 requests, 3 IPs

Apex Domain | Subdomains | Requests | Transfer
affordableliens.info | affordableliens.info | 9 | 26 KB
sa.com | dargagcn.sa.com | 2 | 843 B
Total: 11 requests, 2 domains

Domain | Requests | Redirects | Requested by
affordableliens.info | 9 | 1 | dargagcn.sa.com, affordableliens.info
dargagcn.sa.com | 2 | - | -
Total: 11 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
dargagcn.sa.com | R11 | 2024-12-08 - 2025-03-08 | 3 months
affordableliens.info | WE1 | 2024-11-19 - 2025-02-17 | 3 months

This page contains 3 frames:

Primary Page: https://affordableliens.info/statement.exe
Frame ID: F4A0EDA3668891BCC1767BF1187B4151
Requests: 7 HTTP requests in this frame

Frame: https://affordableliens.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 9EC474BC497FC1800B5737E44615793C
Requests: 2 HTTP requests in this frame

Frame: https://affordableliens.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: FEA68226A42E7E287C17F98894144F0C
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

Requests: 11
HTTPS: 73 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 3
Countries: 2
Transfer: 26 kB
Size: 33 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dargagcn.sa.com/ssa/mainstmnt.html Page URL
  2. https://affordableliens.info/statement.exe Page URL
  3. https://affordableliens.info/statement.exe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://affordableliens.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://affordableliens.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

mainstmnt.html | dargagcn.sa.com/ssa/ | 87 B | 328 B | Document
General
Full URL: https://dargagcn.sa.com/ssa/mainstmnt.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.182.128.31 Dallas, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS:
Software: Apache /
Resource Hash:

statement.exe | affordableliens.info/ | 7 KB | 8 KB | Document
General
Full URL: https://affordableliens.info/statement.exe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 78e0cda2379ae08c43503d33f5887e2315b310b9787f5470a0fb91e281692e1d
Security Headers
X-Content-Type-Options: nosniff nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block 1; mode=block

favicon.ico | dargagcn.sa.com/ | 315 B | 515 B | Other
General
Full URL: https://dargagcn.sa.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.182.128.31 Dallas, United States, ASN399471 (AS-SERVERION, US),
Reverse DNS:
Software: Apache /
Resource Hash:

statement.exe | affordableliens.info/ | 0 | 1 KB | XHR
General
Full URL: https://affordableliens.info/statement.exe
Requested by
Host: dargagcn.sa.com
URL: https://dargagcn.sa.com/ssa/mainstmnt.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:
Security Headers
X-Content-Type-Options: nosniff, nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block, 1; mode=block

main.js | affordableliens.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ (Frame 9EC4) | 9 KB | 5 KB | Script
Redirect Chain
  • https://affordableliens.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://affordableliens.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
General
Full URL: https://affordableliens.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 0f4f72fc77a236e4d540c1cfb84eadd2b85d84859b743c36ac07ab3de48e8445
Security Headers
X-Content-Type-Options: nosniff

favicon.ico | affordableliens.info/ | 7 KB | 8 KB | Other
General
Full URL: https://affordableliens.info/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash:
Security Headers
X-Content-Type-Options: nosniff, nosniff
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block, 1; mode=block

8f0701f0eaf8ee3b | affordableliens.info/cdn-cgi/challenge-platform/h/g/jsd/r/ (Frame 9EC4) | 0 | 0

statement.exe (Primary Request) | affordableliens.info/ | 1 KB | 1 KB | Document
General
Full URL: https://affordableliens.info/statement.exe
Requested by
Host: dargagcn.sa.com
URL: https://dargagcn.sa.com/ssa/mainstmnt.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: c096a1f31db32bb3a7b91c2b23a77b168c661b1116b1a4acfbc0537e5369b1df
Security Headers
X-Content-Type-Options: nosniff nosniff
X-Xss-Protection: 1; mode=block 1; mode=block

main.js | affordableliens.info/cdn-cgi/challenge-platform/scripts/jsd/ (Frame FEA6) | 9 KB | 0 | Script
General
Full URL: https://affordableliens.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: dargagcn.sa.com
URL: https://dargagcn.sa.com/ssa/mainstmnt.html
Protocol: H3
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 0f4f72fc77a236e4d540c1cfb84eadd2b85d84859b743c36ac07ab3de48e8445
Security Headers
X-Content-Type-Options: nosniff

8f0701f30babee3b | affordableliens.info/cdn-cgi/challenge-platform/h/g/jsd/r/ (Frame FEA6) | 0 | 1 KB | XHR
General
Full URL: https://affordableliens.info/cdn-cgi/challenge-platform/h/g/jsd/r/8f0701f30babee3b
Requested by
Host: affordableliens.info
URL: https://affordableliens.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

favicon.ico | affordableliens.info/ | 548 B | 881 B | Other
General
Full URL: https://affordableliens.info/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
X-Content-Type-Options: nosniff, nosniff
X-Xss-Protection: 1; mode=block, 1; mode=block


Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: affordableliens.info
URL: https://affordableliens.info/cdn-cgi/challenge-platform/h/g/jsd/r/8f0701f0eaf8ee3b

Verdicts & Comments


Malicious page.url
Submitted on December 11th 2024, 5:42:53 pm UTC — From United States

Threats: Malware
Comment: This URL was collected from a phishing email.

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

11 Cookies


5 Console Messages

Source | Level | URL | Text
network | error | https://dargagcn.sa.com/favicon.ico | Failed to load resource: the server responded with a status of 404 (Not Found)
network | error | https://affordableliens.info/statement.exe | Failed to load resource: the server responded with a status of 503 ()
network | error | https://affordableliens.info/favicon.ico | Failed to load resource: the server responded with a status of 503 ()
network | error | https://affordableliens.info/statement.exe | Failed to load resource: the server responded with a status of 403 ()
network | error | https://affordableliens.info/favicon.ico | Failed to load resource: the server responded with a status of 403 ()