Submitted URL: https://grp-chaseny121991.gotdns.com/
Effective URL: https://nu6oidstems.info/?chase
Submission: On November 23 via api from US — Scanned from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3035::ac43:d41b, located in United States and belongs to CLOUDFLARENET, US. The main domain is nu6oidstems.info.
TLS certificate: Issued by E1 on November 20th 2023. Valid for: 3 months.
This is the only time nu6oidstems.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 20.41.117.232 8075 (MICROSOFT...)
2 8 2606:4700:303... 13335 (CLOUDFLAR...)
8 3
Apex Domain Subdomains Transfer
8 nu6oidstems.info nu6oidstems.info 30 KB
1 gotdns.com grp-chaseny121991.gotdns.com 3 KB
8 2
Domain Requested by
8 nu6oidstems.info 2 redirects grp-chaseny121991.gotdns.com
nu6oidstems.info
1 grp-chaseny121991.gotdns.com
8 2

This site contains no links.

Subject Issuer Validity Valid
grp-chaseny121991.gotdns.com R3 2023-11-23 - 2024-02-21 3 months
nu6oidstems.info E1 2023-11-20 - 2024-02-18 3 months

This page contains 3 frames:

Primary Page: https://nu6oidstems.info/?chase
Frame ID: 05C649623829C1A140BAA81454383C93
Requests: 4 HTTP requests in this frame

Frame: https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 66109ACE82BA3A2AB7E6799D4947E205
Requests: 2 HTTP requests in this frame

Frame: https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 68F2A00BBD68D3E4AAF4E1201DD7EA55
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

8 Requests
63 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
3 IPs
2 Countries
32 kB Transfer
38 kB Size
11 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://grp-chaseny121991.gotdns.com/ Page URL
  2. https://nu6oidstems.info/?chase Page URL
  3. https://nu6oidstems.info/?chase Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 5
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js

8 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
grp-chaseny121991.gotdns.com/
3 KB
3 KB
Document
General
Full URL
https://grp-chaseny121991.gotdns.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
20.41.117.232 Seoul, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Keep-Alive
Content-Length
2915
Content-Type
text/html
Date
Thu, 23 Nov 2023 23:47:15 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Thu, 23 Nov 2023 21:56:26 GMT
Server
Apache
/
nu6oidstems.info/
19 KB
20 KB
Document
General
Full URL
https://nu6oidstems.info/?chase
Requested by
Host: grp-chaseny121991.gotdns.com
URL: https://grp-chaseny121991.gotdns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://grp-chaseny121991.gotdns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
82ad4bda484e187d-EWR
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 23:47:16 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Th3lUG%2BD4LoNEatvudZLxuEFgk%2FH2WBhY0hFTddpuZBNv%2BK3TfXjbz%2FiaRP9IXS3Ze7FWERjaru5g%2Fx39UOSVPWr0P1CbzdN2KkP4n9Cnpd2%2BG5H%2BFS64W3QkmNggX%2F%2FSt4BC79LhyG4kMLVNWbA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
nu6oidstems.info/
0
725 B
XHR
General
Full URL
https://nu6oidstems.info/?chase
Requested by
Host: grp-chaseny121991.gotdns.com
URL: https://grp-chaseny121991.gotdns.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:d41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
dsKu5CVWt0AcgFieJrCo4rNQvNI
43343146
accept-language
en-US,en;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Referer
https://nu6oidstems.info/?chase
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
CRnUZ5Vta19OGfSNc7iYoSh7nI
nW9HhgFhRPRM2Bct6aYpM5kaQMg

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 23:47:16 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LFI%2Bb7mQ9gEPbUyfZitro%2BVYoCOQPd%2F8Sn%2FX83l83Uw7wZ17nA96GH5btX58qzDYwosrGhTy9AMUEdAoB4rl%2BXyi0j1vpG7y2%2B56QAEaPo0UdJ3ivcSZurob8wRED5vawhwT5TZdg7acDWyTk0TX"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
82ad4bde2b27187d-EWR
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 6610
Redirect Chain
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB
Script
General
Full URL
https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H3
Server
2606:4700:3035::ac43:d41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:47:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RYbnMHs1pehyZED2ZuSUpHDwrVCACEjFi2xRAFeBvjbKtS3iHgPEGMuWnj1Jz5lJd9IAk07q96LMjHwwV%2FYu7jyLLGdg8gdjLuqFGHsu0Sxr318nTIwEQmpnHhLMHLSL9lGRYjs18KUCeUkia%2FQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82ad4be03885c434-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 23:47:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=45DvUmJT%2F2Xld%2FuBFd1%2BQXJFnRA7kVKgp17%2BDl0%2FGrY%2FLZDTZ8DahaUCPp63z%2B1zudfHvSkFPal89THG3tvOHRcHUKRhV57cnaRk6EkKuXpdm4b%2BZ1YPazOSL13ZNkCpMyus7Hh2pq62Y4ITnCKu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
82ad4bde5b72187d-EWR
alt-svc
h3=":443"; ma=86400
Primary Request /
nu6oidstems.info/
2 KB
1004 B
Document
General
Full URL
https://nu6oidstems.info/?chase
Requested by
Host: grp-chaseny121991.gotdns.com
URL: https://grp-chaseny121991.gotdns.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c96ce07dd2e62f7df5a81988eafeffafa037521bd92469d6c567ac5eb4ce0e4
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://nu6oidstems.info/?chase
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82ad4be088dfc434-EWR
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 23:47:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5sJLn6mcnfDxDbVH3d3tMnJnsraaHzIVWm3yV1rexaCeo5a92PZIColv7euCMJJm6H%2Faph%2FLxinVRFD1Rd74qhBMuVFzA7fkosqAcW08Y7rtei4EnitGnc6PWrTLfjJJ6fVtWxS%2F01USCMp4tLOk"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
82ad4bda484e187d
nu6oidstems.info/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6610
0
0

main.js
nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 68F2
Redirect Chain
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB
Script
General
Full URL
https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Protocol
H3
Server
2606:4700:3035::ac43:d41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b40a0d792cc4c1ed825c2900c95f6673b811370c29cdd332de307d6c81a66908
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:47:18 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7iROY2KmteDp2FSmCk%2FKUhgrg1t%2BSFi7k3SjsvdIkulR5QRZdoV8lTELPlWCxaIIQ2DgiRNx9ubklvFMs0QJdy6BwipkqQfdJSw3CAyoxGxUbeUJSkKiPD7DOPBboFl2UxhOBzpEM%2FFA5QD2qdT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82ad4be8fa30c434-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 23 Nov 2023 23:47:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqXOJeGvgGYy4Y5jlEcGWntpCL6MTT19RZKA%2B92Tlaw%2BxX7JdsPovCzUBlmpea8goUsjyZk0Rfk0AdNaoC21tMW%2BkhRb6XH%2FOMjGFxg3yZRiFyZ4gCqTaTkrbI%2Ba54YWOSpXl478t9KInW4M1AnV"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
82ad4be879c1c434-EWR
alt-svc
h3=":443"; ma=86400
82ad4be088dfc434
nu6oidstems.info/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 68F2
0
560 B
XHR
General
Full URL
https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/jsd/r/82ad4be088dfc434
Requested by
Host: nu6oidstems.info
URL: https://nu6oidstems.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d41b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 23:47:19 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmHz8YAuBZj9sgwzrXaL7WX16XnnTAmn0pTSBKsrhHAYpRkwrDZvEIbJF290T9WrCg%2FTCQUOr%2BZRsZyKP1iRd8s%2BKydfhWlVPX8%2Bm3zr0WHeNfnNof13f0IuGDoICcCADgPXxorENk0hpXjCTjQr"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82ad4bec7dbcc434-EWR
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nu6oidstems.info
URL
https://nu6oidstems.info/cdn-cgi/challenge-platform/h/g/jsd/r/82ad4bda484e187d

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

11 Cookies

2 Console Messages

Source Level URL Text
network error URL: https://nu6oidstems.info/?chase Message: Failed to load resource: the server responded with a status of 503 ()
network error URL: https://nu6oidstems.info/?chase Message: Failed to load resource: the server responded with a status of 403 ()