pujdqd.usadocuments.com
Open in
urlscan Pro
2a06:98c1:3120::3
Public Scan
Effective URL: https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Submission Tags: falconsandbox
Submission: On May 04 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on April 23rd 2023. Valid for: 3 months.
This is the only time pujdqd.usadocuments.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 63.148.46.109 63.148.46.109 | 53316 (ASN-CHEET...) (ASN-CHEETA-MAIL) | |
1 | 91.236.168.150 91.236.168.150 | 48715 (SEFROYEKP...) (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company) | |
7 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
6 | 2606:4700::68... 2606:4700::6812:6b9 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
19 | 4 |
ASN48715 (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company, IR)
PTR: server150.nocmdp.com
6.drroham.ir |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
usadocuments.com
pujdqd.usadocuments.com |
262 KB |
6 |
cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6491 |
124 KB |
1 |
drroham.ir
6.drroham.ir |
550 B |
1 |
citi.com
1 redirects
l.info16.citi.com — Cisco Umbrella Rank: 105170 |
435 B |
19 | 4 |
Domain | Requested by | |
---|---|---|
7 | pujdqd.usadocuments.com |
6.drroham.ir
pujdqd.usadocuments.com |
6 | challenges.cloudflare.com |
pujdqd.usadocuments.com
challenges.cloudflare.com 6.drroham.ir |
1 | 6.drroham.ir | |
1 | l.info16.citi.com | 1 redirects |
19 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.drroham.ir R3 |
2023-04-26 - 2023-07-25 |
3 months | crt.sh |
usadocuments.com GTS CA 1P5 |
2023-04-23 - 2023-07-22 |
3 months | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2022-09-18 - 2023-09-17 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Frame ID: 167859292198FDCC0ADF00F4564433B6
Requests: 10 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: B116CB6F01431794F6AA76FD5637BF5F
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Loading...Page URL History Show full URLs
-
https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBja...
HTTP 302
https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ== Page URL
- https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBjasA-NupOi&x=6.drroham.ir%2F%3Fqp%3DbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ%3D%3D
HTTP 302
https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ== Page URL
- https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBjasA-NupOi&x=6.drroham.ir%2F%3Fqp%3DbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ%3D%3D HTTP 302
- https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
6.drroham.ir/ Redirect Chain
|
580 B 550 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
pujdqd.usadocuments.com/ |
8 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/ |
149 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
transparent.gif
pujdqd.usadocuments.com/cdn-cgi/images/trace/managed/js/ |
42 B 220 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/g/b5e45436/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
658bcf730a1fb17
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/flow/ov1/999174917:1683202007:GjvdahMzgy2cqCkg06z5ltYN0smORf7Kf-ez2WNW_6Q/7c20f2b849835c38/ |
261 KB 195 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
nMExWuaDkdXuuOc
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2b849835c38/1683205451902/98c666ef7dac5c063c914dda447137f759fe029ec85abc3f61c89aad49ee9c3e/ |
1 B 936 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
i-jQ22sW0ACYK6h
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/img/7c20f2b849835c38/1683205451904/ |
61 B 466 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f2f8f940-915e-4dbb-a8f9-e3090848adc7
https://pujdqd.usadocuments.com/ |
539 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
658bcf730a1fb17
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/flow/ov1/999174917:1683202007:GjvdahMzgy2cqCkg06z5ltYN0smORf7Kf-ez2WNW_6Q/7c20f2b849835c38/ |
7 KB 6 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame B116 |
22 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame B116 |
157 KB 57 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
6bc7704ff5e2b0f
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1886384880:1683202154:CtHJOkqSixZGQKkbHGi8R1N4Le5vgcZB52vTs7VxTSk/7c20f2cbde889119/ Frame B116 |
97 KB 54 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LQGPy7Su2V5Ft1H
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2cbde889119/1683205454977/0361115df3d9b9c29aa596dabff4d9638225426371e910901712de5d000a2e95/ Frame B116 |
1 B 649 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
J6MX3GGm_VZyJI-
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c20f2cbde889119/1683205454979/ Frame B116 |
61 B 166 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d8d1a62d-b244-4a24-85c6-7e636707751f
https://challenges.cloudflare.com/ Frame B116 |
656 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
https://challenges.cloudflare.com/ Frame B116 |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
https://challenges.cloudflare.com/ Frame B116 |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
https://challenges.cloudflare.com/ Frame B116 |
3 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| _cf_chl_opt function| SHA256 function| _cf_chl_turnstile_l function| _cf_chl_preload function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest object| _cf_chl_ctx string| prefix object| turnstile boolean| _cf_chl_turnstile_loaded undefined| _cf_gcr2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
l.info16.citi.com/ | Name: ASP.NET_SessionId Value: 5eyxg3hu3rdipvmiu2im1tce |
|
l.info16.citi.com/ | Name: BIGipServercnv_ats_ssl_pool Value: 1145509898.47873.0000 |
5 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
6.drroham.ir
challenges.cloudflare.com
l.info16.citi.com
pujdqd.usadocuments.com
2606:4700::6812:6b9
2a06:98c1:3120::3
63.148.46.109
91.236.168.150
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
0a791557fee6262dd872a99c7b31b5b3b9b7fd9662ac693933dcdb6780d0878c
3b3daf4c654a46dd345d8bacaa233ec19f729fe146017e850c174e8c1269b7c1
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f
57b3dd45f2bcc1815a64c1327df9ee7bc1a25e974360ce17006588abf30245e0
5bd3ccb53de82d5d6449fdabccbfae58b4c9c7e38ff2c2b4d675d529b5d52a78
62570997b66aafea5f2f937a4b389c2f1e2a11b127678ebb0617f7daef4f85de
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
88c29c1724090450bb954810876c3c2f696a624ecc590410b2ba46dca96aa109
be49f4d9729992f3368ccdc3d1ef90ff5ac8ff5c0656c55f0cda9983e998bb5a
df5b103c3f856f50b43e777680fb81047b692cdd13acf2ab20f90960562c09ff
e13ef1df92834d56e8aa1d2162e3c690422d445794235456f43e17a055a2d8d4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629