urlscan.io logo urlscan.io
SecurityTrails logo

krnl.place Open in urlscan Pro
15.235.42.227  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://krnl.ca/
Effective URL: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Submission: On August 15 via manual from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 8 HTTP transactions. The main IP is 15.235.42.227, located in Canada and belongs to OVH, FR. The main domain is krnl.place. The Cisco Umbrella rank of the primary domain is 277746.
TLS certificate: Issued by R3 on July 13th 2022. Valid for: 3 months.
This is the only time krnl.place was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 4 15.235.42.227 16276 (OVH)
1 162.159.134.233 13335 (CLOUDFLAR...)
1 104.18.114.97 13335 (CLOUDFLAR...)
1 13.225.63.81 16509 (AMAZON-02)
2 15.235.82.105 16276 (OVH)
8 6
1    2606:4700:3037::ac43:dc51 (United States)

ASN13335 (CLOUDFLARENET, US)
krnl.ca
4    15.235.42.227 (Canada)

ASN16276 (OVH, FR)
PTR: cntr.15-235-42-227.deploy.static.nexuspipe.com
krnl.place
1    162.159.134.233 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.discordapp.com
1    104.18.114.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
1    13.225.63.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-81.ewr53.r.cloudfront.net
static.openreplay.com
2    15.235.82.105 (Canada)

ASN16276 (OVH, FR)
PTR: ns5015366.ip-15-235-82.net
replay.nexuspipe.com
Apex Domain
Subdomains		 Transfer
4 krnl.place
krnl.place — Cisco Umbrella Rank: 277746
120 KB
2 nexuspipe.com
replay.nexuspipe.com
416 B
1 openreplay.com
static.openreplay.com — Cisco Umbrella Rank: 406455
71 KB
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 11866
471 B
1 discordapp.com
cdn.discordapp.com — Cisco Umbrella Rank: 3364
18 KB
1 krnl.ca
krnl.ca
675 B
8 6
Domain Requested by
4 krnl.place 2 redirects krnl.place
2 replay.nexuspipe.com static.openreplay.com
1 static.openreplay.com krnl.place
1 ipv4.icanhazip.com krnl.place
1 cdn.discordapp.com krnl.place
1 krnl.ca 1 redirects
8 6

This site contains links to these domains. Also see Links.

Domain
nexuspipe.com
Subject Issuer Validity Valid
krnl.place
R3		 2022-07-13 -
2022-10-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-19 -
2022-12-19		 a year crt.sh
*.openreplay.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
replay.nexuspipe.com
R3		 2022-07-07 -
2022-10-05		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Frame ID: F654D178212456D9E55D1D77F4C9FAD5
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CAPTCHA | NexusPIPE

Page URL History Show full URLs

  1. http://krnl.ca/ HTTP 301
    https://krnl.place/ HTTP 302
    https://krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destinati... HTTP 301
    https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destinat... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • zip\.co

Page Statistics

8
Requests

88 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

209 kB
Transfer

437 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://krnl.ca/ HTTP 301
    https://krnl.place/ HTTP 302
    https://krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F HTTP 301
    https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
krnl.place/.nexus/pipe/
Redirect Chain
  • http://krnl.ca/
  • https://krnl.place/
  • https://krnl.place/.nexus/pipe?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
  • https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
112 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.227 , Canada, ASN16276 (OVH, FR),
Reverse DNS
cntr.15-235-42-227.deploy.static.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster /
Resource Hash
8b25692edd28c0b61924540beea2ad3f133fd39e2e6e7d099932af4b7682cbc9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-store, no-cache
content-length
114232
content-type
text/html
date
Mon, 15 Aug 2022 06:58:10 GMT
last-modified
Monday, 15-Aug-2022 06:58:10 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests
1

Redirect headers

cache-control
no-store, no-cache
content-length
175
content-type
text/html
date
Mon, 15 Aug 2022 06:58:10 GMT
last-modified
Monday, 15-Aug-2022 06:58:10 GMT
location
https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
server
Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests
1
download_1.webp
cdn.discordapp.com/attachments/884895718278594591/992630671354904656/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.discordapp.com/attachments/884895718278594591/992630671354904656/download_1.webp
Requested by
Host: krnl.place
URL: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.134.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ee6a0e0f30a9a60da2258e4977db79f04a520603c5752df7ab958c8ab46e8c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://krnl.place/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-goog-hash
crc32c=fT8pWQ==, md5=o5n2lq2U6gg3cmbPuTkThw==
date
Mon, 15 Aug 2022 06:58:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1020346
x-guploader-uploadid
ADPycdurcv6WGNYgs24HaSO--Xlu5GaYU--pXpYmybMiRpto8uu9AQLHvn88LMIDBQpzk6A1I68g98qsDWW4KtwE7tYx42xrZ7RE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17032
last-modified
Sat, 02 Jul 2022 03:19:54 GMT
server
cloudflare
cache-control
public, max-age=31536000
etag
"a399f696ad94ea08377266cfb9391387"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78dhjxAvrEy5kq%2F%2FlHOU5XqTwyMFbAQokOk6Ulh0VPLZgsH%2F5ya01PsZ13sNf%2FFQuH%2BxHx6z1LStOa10TddhBU1%2FTRHsmZCj5HE3v1qUiEu%2FHY0uAe1V%2Fl8mfHjyScPBh1EhBg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1656731994285780
content-type
image/webp
x-robots-tag
noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length
17032
accept-ranges
bytes
cf-ray
73b00a54f9e25413-YYZ
expires
Tue, 15 Aug 2023 06:58:11 GMT
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b135b72fa2094242a6bb5b528a52420209020d8bd182d551d03bd5dacd9ff2c8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
/
ipv4.icanhazip.com/ 		15 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: krnl.place
URL: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.114.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e70e33827d896362080697162f38ced224718451af3f72bd09ad7e1968eea56f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://krnl.place/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 15 Aug 2022 06:58:11 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
73b00a551bb0a1e4-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
interact
krnl.place/.nexus/ 		7 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krnl.place/.nexus/interact
Requested by
Host: krnl.place
URL: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.235.42.227 , Canada, ASN16276 (OVH, FR),
Reverse DNS
cntr.15-235-42-227.deploy.static.nexuspipe.com
Software
Nexuspipe.com | DDoS Mitigation Cluster / Express
Resource Hash
0905e816aa4cbad1603f44c70734c7932bc82b224030144164eb300960262a1b

Request headers

Referer
https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 15 Aug 2022 06:58:10 GMT
etag
W/"1d9e-oQzzxabLEyroYguye7oMpEHlf+I"
last-modified
Monday, 15-Aug-2022 06:58:10 GMT
server
Nexuspipe.com | DDoS Mitigation Cluster
upgrade-insecure-requests
1
x-powered-by
Express
content-type
application/json; charset=utf-8
cache-control
no-store, no-cache
content-length
7582
openreplay-assist.js
static.openreplay.com/3.5.10/ 		278 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.openreplay.com/3.5.10/openreplay-assist.js
Requested by
Host: krnl.place
URL: https://krnl.place/.nexus/pipe/?&reason=0&key=6LekVfYfAAAAABrOb8fA7RniuB3Yh_C2o7RnZhx_&destination=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-81.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feffa753b9d26b02f336fb47fb006bc736bd0cc683a368c53a4cd9d6df5aef84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://krnl.place/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 12 Aug 2022 06:10:22 GMT
content-encoding
gzip
last-modified
Mon, 25 Apr 2022 17:08:54 GMT
server
AmazonS3
age
262070
etag
"1616954842430fb22909362ed4cfddfa"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5ec6b37107376867228d2ed46a794602.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C1
accept-ranges
bytes
content-length
72682
x-amz-cf-id
q6Ow0AAdZ6vEn6BbjEyEn5O5u_IKeTWbpBGbSYrWVOI7b5aVX3jDCw==
truncated
/ 		652 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3e19adfe90a85240a9405ebeb0a537c66550a19f32c347392e0b531d6684b3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e81c3be6bccdbeb5e9fe46cea2a8057bdf05fdbf2d1609678a1a2170d3db8836

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/webp
start
replay.nexuspipe.com/ingest/v1/web/ 		208 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://replay.nexuspipe.com/ingest/v1/web/start
Requested by
Host: static.openreplay.com
URL: https://static.openreplay.com/3.5.10/openreplay-assist.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.235.82.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5015366.ip-15-235-82.net
Software
/
Resource Hash
4e1b1dec4de31f7f7932480ca99787449977e8c13aa1b5bb167f48b0ec59a1a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://krnl.place/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 15 Aug 2022 06:58:11 GMT
access-control-allow-headers
Content-Type,Authorization
content-length
208
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-methods
POST
content-type
application/json
start
replay.nexuspipe.com/ingest/v1/web/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://replay.nexuspipe.com/ingest/v1/web/start
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
15.235.82.105 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5015366.ip-15-235-82.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://krnl.place
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization
access-control-allow-methods
POST
access-control-allow-origin
*
cache-control
max-age=86400
content-length
0
date
Mon, 15 Aug 2022 06:58:11 GMT
strict-transport-security
max-age=15724800; includeSubDomains
e4521d6a-92d1-4c37-a2d1-fdc3172ecd19
https://krnl.place/ 		14 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://krnl.place/e4521d6a-92d1-4c37-a2d1-fdc3172ecd19
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17841064ed6ea1d8d9e7215ff3f43e4e1558c45d90c021a324ef4473287598a2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
14187
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| _0x5c95 function| _0x20d0 function| _0x46de function| _0xd50e function| _0x2091c4 object| OpenReplay object| secretData function| parcelRequire object| peerjs function| Peer object| __OPENREPLAY__ object| asayer

0 Cookies