Submitted URL: http://neusno.com/juns
Effective URL: https://neusno.com/juns
Submission Tags: @phish_report
Submission: On August 22 via api from FI — Scanned from FI

Summary

This website contacted 2 IPs in 1 country across 1 domain to perform 7 HTTP transactions. The main IP is 2606:4700:3036::ac43:827d, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is neusno.com.
TLS certificate: Issued by GTS CA 1P5 on August 21st 2023. Valid for: 3 months.
This is the only time neusno.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 8 2606:4700:303... 13335 (CLOUDFLAR...)
7 2
Apex Domain
Subdomains
Transfer
9 neusno.com
neusno.com
18 KB
7 1
Domain Requested by
9 neusno.com 3 redirects neusno.com
7 1

This site contains no links.

Subject: neusno.com
Issuer: GTS CA 1P5
Validity: 2023-08-21 - 2023-11-19
Valid: 3 months

This page contains 3 frames:

Primary Page: https://neusno.com/juns
Frame ID: 32FE68B720F90E741507E84F4FE38182
Requests: 3 HTTP requests in this frame

Frame: https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: C0140EEE42CE9C24F4AD97CE6EC7C1E3
Requests: 2 HTTP requests in this frame

Frame: https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Frame ID: 141947F562E06D8A52E2C8BAB304EF47
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

Requests: 7
HTTPS: 57 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 2
Countries: 1
Transfer: 17 kB
Size: 23 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://neusno.com/juns HTTP 301
    https://neusno.com/juns Page URL
  2. https://neusno.com/juns Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://neusno.com/juns HTTP 301
  • https://neusno.com/juns
Request Chain 2
  • https://neusno.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Request Chain 4
  • https://neusno.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
juns
neusno.com/
Redirect Chain
  • http://neusno.com/juns
  • https://neusno.com/juns
7 KB
7 KB
Document
General
Full URL
https://neusno.com/juns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:827d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b47430858c6b00b4b0b4a2e07ddd213eeb5f4ed8784bab461f4e511bd24a6ea8
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7faaf7e00c14d92e-HEL
content-type
text/html; charset=utf-8
date
Tue, 22 Aug 2023 12:02:41 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkMS4b%2Fm7mNBhlfakpftMs2JFSb3JipPio1CHBPt0Sl9jRHkj4tX3RSR2faNAEaVadfmf3ZAx5F%2BTaX%2B1IvINbwImIoeiHrVpIMnhVHt%2FfNOuHamYsC%2FfssMoA18JRPR8eZmTZXKQgfR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

CF-RAY
7faaf7df493bd90e-HEL
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 22 Aug 2023 12:02:41 GMT
Expires
Tue, 22 Aug 2023 13:02:41 GMT
Location
https://neusno.com/juns
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuJV%2B4yZblT4Fi8lsas4VppjXzhzNZR98Wx8JbL0SI2lvTVOjjhKtEPt8cZ%2FunfcrlBQIDDIFhTRNcM0UXWSXJaDbAvrXLjibEwUNDqc3HiCREllWWOxK0EM7Ks07eZKttwzq%2FdEo2Ia"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
juns
neusno.com/
0
718 B
XHR
General
Full URL
https://neusno.com/juns
Requested by
Host: neusno.com
URL: https://neusno.com/juns
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:827d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
fi-FI,fi;q=0.9
OyMkQBXsFht79BlSfjcOv5pr52k
NYm1xhT3RPi2riVDo9p-uvLgC0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Referer
https://neusno.com/juns
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
nzWwg2DtwEiYciF6z8eCAx6ObmA
41312844

Response headers

pragma
no-cache
date
Tue, 22 Aug 2023 12:02:41 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azeSWHVTEBTN1pML74GQY8PgK1L7l2oqF%2Fm%2FAiSXr4xPGjgDD5Vh4Cui4aLMAGDkfud2OuXyKBlE3hJglNm25aJoD1ZvCUyxYYIxraLRiv7ZMv%2Fy8QAwsmnwHAJXfXxJVj%2FACHA7X0Oq"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7faaf7e15f44d92e-HEL
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
invisible.js
neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame C014
Redirect Chain
  • https://neusno.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
7 KB
4 KB
Script
General
Full URL
https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Protocol
H2
Server
2606:4700:3036::ac43:827d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98bf6a7c37364c28528d99b2f654ec00955399708873384d6c3ec355e5e38dc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 12:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAtUAzSnEYFZTYLlH61QGhXkAG0IJEy6iNI3bqPGKm2AENU%2FvIN4GTIHDYVDbcId7Vevi57a%2B87uERjysInXGfsJrP8in4abUrN9NZwQkF4o0Z1l7kDhPej5LcJkfoF24Wo1GYz2YGFW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7faaf7e1c824d92e-HEL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 22 Aug 2023 12:02:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvfrHj380wO5MWxZD8h0Duc6QE5rjFwj3xwC84Pu97a3ifv706QhHMkc3LswvtVAvYNADnow5%2FPrG2OTOCSWsAgiAYO%2FtZ%2FCwpqtjoCn45CZ2KfP5Lja%2BRjm4GyDplinwo852jOjkRe5"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7faaf7e18f97d92e-HEL
alt-svc
h3=":443"; ma=86400
7faaf7e00c14d92e
neusno.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame C014
0
0

Primary Request juns
neusno.com/
2 KB
1 KB
Document
General
Full URL
https://neusno.com/juns
Requested by
Host: neusno.com
URL: https://neusno.com/juns
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:827d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54747fff80c3f1b8ebe46f6a788ec5c085bc691c43bd02ebcf73e0f6024a6ec7
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://neusno.com/juns
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7faaf7e30baed95f-HEL
content-encoding
br
content-type
text/html
date
Tue, 22 Aug 2023 12:02:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb0Te7lKIQ2rkmzdKKDyXJnUPIN51WLOKaGJrkdDX33AkoOaRgaOcUzjb5eEAK%2FwhCSSktkJpChki%2FPVLhD5dc%2Bt0ihCRWo59Q3j3dh%2B%2FP6jZbKjwPMP2MZ6WY8eVnmPiKG0psPIoAXy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
invisible.js
neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/ Frame 1419
Redirect Chain
  • https://neusno.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
7 KB
4 KB
Script
General
Full URL
https://neusno.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
Protocol
H3
Server
2606:4700:3036::ac43:827d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
412e6aa8fa6f1c74c825b1b93acd5422e3583f434b152ea84641673b8d853ff5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 22 Aug 2023 12:02:41 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CituWikhu808%2FofFXfsJsHtnsCAwCVnIN8fYlYoZyNvwtaYok72TnqgvhS96nfrSsZTcfxT3%2BwQhwy4w8EE%2FLCI%2FZEaSdkzsoUvCa4ZurCYm5FMVr0yCIYU%2Byns70M%2FUYQ14V33cOPvO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7faaf7e42daad95f-HEL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 22 Aug 2023 12:02:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jxxqhT%2Fs0kyzfVcBHBogEb83gVAopi%2FmNWY9SzLwAQUOMQ9R7wTc5vYZSjoHXgJowoGYxWxGAWUPLNVOl90DtuvYQZTATKSEgDTcR5HmCC2Usg4D3mr6gqeIKscN7cvmwpC2GhK0STFC"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/313d8a27/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7faaf7e3ed36d95f-HEL
alt-svc
h3=":443"; ma=86400
7faaf7e30baed95f
neusno.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1419
0
547 B
XHR
General
Full URL
https://neusno.com/cdn-cgi/challenge-platform/h/g/cv/result/7faaf7e30baed95f
Requested by
Host: neusno.com
URL: https://neusno.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:827d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 22 Aug 2023 12:02:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0C8nafetGtgMrQpFYsfi3dURG%2FdPERF%2FVgWSJ6ut8xEHjzjEOxAITBzH8lrIy%2BjhccLdf0vyM5SjCET%2BhQ4lN170LUiJGP5sv8qok0RBshlwC7AxCUYerZWWTs1EwOAIwv8VVUvpIOWG"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7faaf7e51fc9d95f-HEL
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: neusno.com
URL: https://neusno.com/cdn-cgi/challenge-platform/h/g/cv/result/7faaf7e00c14d92e

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture

10 Cookies

2 Console Messages

Source: network, Level: error, URL: https://neusno.com/juns
Message: Failed to load resource: the server responded with a status of 503 ()

Source: network, Level: error, URL: https://neusno.com/juns
Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block