urlscan.io logo urlscan.io
SecurityTrails logo

dzrf.amportsinc.com Open in urlscan Pro
2606:4700:3034::6815:155e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.google.md/url?url=https://demeropkdfzdbi&uxzs=zemleptc&icmeyuc=zn0&ywprgz=icmeyuc&uxzs=zemleptc&ywprgz=icm...
Effective URL: https://dzrf.amportsinc.com/HIehDTQk
Submission: On September 18 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3034::6815:155e, located in United States and belongs to CLOUDFLARENET, US. The main domain is dzrf.amportsinc.com.
TLS certificate: Issued by WE1 on September 17th 2024. Valid for: 3 months.
This is the only time dzrf.amportsinc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 5
2    2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.md
2    2606:4700:3033::6815:864 (United States)

ASN13335 (CLOUDFLARENET, US)
sonicmenuguide.com
3    2606:4700:3034::6815:155e (United States)

ASN13335 (CLOUDFLARENET, US)
dzrf.amportsinc.com
2    2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2606:4700::6812:5f29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3407
16 KB
3 amportsinc.com
dzrf.amportsinc.com
9 KB
2 sonicmenuguide.com
sonicmenuguide.com
1 KB
2 google.md
www.google.md — Cisco Umbrella Rank: 41212
2 KB
7 4
Domain Requested by
3 challenges.cloudflare.com 1 redirects dzrf.amportsinc.com
challenges.cloudflare.com
3 dzrf.amportsinc.com 1 redirects
2 sonicmenuguide.com
2 www.google.md 2 redirects
7 4

This site contains no links.

Subject Issuer Validity Valid
sonicmenuguide.com
WE1		 2024-08-10 -
2024-11-08		 3 months crt.sh
amportsinc.com
WE1		 2024-09-17 -
2024-12-16		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://dzrf.amportsinc.com/HIehDTQk
Frame ID: E20BEF25F005C907CE1A39B94FB858C8
Requests: 8 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caesu/0x4AAAAAAAiTk1TsQcIM06cA/auto/fbE/normal/auto/
Frame ID: 7553495FD2E9251BDB978D2697803BDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page Statistics

7
Requests

57 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

1
Countries

25 kB
Transfer

69 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.google.md/url?url=https://demeropkdfzdbi&uxzs=zemleptc&icmeyuc=zn0&ywprgz=icmeyuc&uxzs=zemleptc&ywprgz=icmeyuc&fzdbi=demeropkd&znzn=ywprgzuxzs&q=amp%2Fsonicmenuguide.com%2F.dev%2F4248868135%2FdmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82 HTTP 302
  • https://www.google.md/amp/sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82 HTTP 302
  • http://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82 HTTP 307
  • https://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js
Request Chain 7
  • https://dzrf.amportsinc.com/favicon.ico HTTP 302
  • https://dzrf.amportsinc.com/owa/favicon.ico

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
sonicmenuguide.com/.dev/4248868135/
Redirect Chain
  • https://www.google.md/url?url=https://demeropkdfzdbi&uxzs=zemleptc&icmeyuc=zn0&ywprgz=icmeyuc&uxzs=zemleptc&ywprgz=icmeyuc&fzdbi=demeropkd&znzn=ywprgzuxzs&q=amp%2Fsonicmenuguide.com%2F.dev%2F424886...
  • https://www.google.md/amp/sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
  • http://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
  • https://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
0
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:864 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c51d6898c3c4268-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 18 Sep 2024 13:56:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
refresh
0;url=https://dzrf.amportsinc.com/HIehDTQk#dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MAKrlDHeGFobE9EeGuL%2Fe3KfdKXnPeVsZYPu%2B%2B72hIlsS8f%2BFpzx%2BB7t%2F7QQYVyVqoio6A9TZD4pxV531H6mfbIGnsylqt0IxYe3EbOF%2FSz17RNdT7LJwmqbDFZ4FJ4pOcVyAz8doIxaJYzqElrZKrA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"

Redirect headers

Location
https://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82
Non-Authoritative-Reason
HttpsUpgrades
speculation
sonicmenuguide.com/cdn-cgi/ 		128 B
578 B 		Other
General
Check archive.org
Download Go to
Full URL
https://sonicmenuguide.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:864 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://sonicmenuguide.com
Referer
https://sonicmenuguide.com/.dev/4248868135/dmljdG9yaWEud2lsaGl0ZUB0eGRvdC5nb3Y==$%E3%80%82

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vp6y8W9q%2BTbQXwB9M7125xUB0ZmS%2BNqxGuUKrUL609m8C9kquNY3BkVBkBAKnRdk4dBV1ffEe7zfsuqWJxRVA%2BNbmu1LRSZ%2BnDppJNz802v5wJO6Cda1OIdNssC8rC4gGT6duBV4HQQgBDGWyAiw1HI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8c51d68b2e474268-EWR
access-control-allow-origin
https://sonicmenuguide.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Wed, 18 Sep 2024 13:56:12 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
Primary Request HIehDTQk
dzrf.amportsinc.com/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dzrf.amportsinc.com/HIehDTQk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:155e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fffc5590d5b4a44cdd6aa3e7a737ba270877343a51fdf2f1ac345741aa098b19

Request headers

Referer
https://sonicmenuguide.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8c51d68c787342fe-EWR
content-encoding
br
content-type
text/html
date
Wed, 18 Sep 2024 13:56:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lW1to%2FIBiVSTst2mQQgLo1vWVMbUUYsyin7gl19WXmWuPfPp60OdVFy6tnaIfokvSEg50aIKAm%2FK53e8bI8N0gpEiSfm098sNp1LTJ9KOliaV7sz3jhoiuvtbyvya6sKlx8a2CXxGObPdqcnl%2FjrMd9p"}],"group":"cf-nel","max_age":604800}
server
cloudflare
favicon.ico
sonicmenuguide.com/ 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js
46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/388c99dd0998/api.js
Requested by
Host: dzrf.amportsinc.com
URL: https://dzrf.amportsinc.com/HIehDTQk
Protocol
H3
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eae5159c56bf66c17e0cb002b25fc2e343f3e009dc2a39a7e230f08b7b8c672

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dzrf.amportsinc.com/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c51d690294743ff-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 13:56:13 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 11 Sep 2024 15:58:53 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/388c99dd0998/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8c51d68fe8f443ff-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 18 Sep 2024 13:56:13 GMT
vary
Accept-Encoding
server
cloudflare
truncated
/ 		341 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90682803943448f3acffc81014c87fdd71f30d8cf97335fcea451fac1e568221

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
truncated
/ 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50575dc9b9e879fa484ddb25933c1f44624ee1d20270253836e0b1b0d8bd39ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
text/javascript
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caesu/0x4AAAAAAAiTk1TsQcIM06cA/auto/fbE/normal/auto/ Frame 7553 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/caesu/0x4AAAAAAAiTk1TsQcIM06cA/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Referer
https://dzrf.amportsinc.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c51d6911e4d8c54-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 13:56:13 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
dzrf.amportsinc.com/owa/
Redirect Chain
  • https://dzrf.amportsinc.com/favicon.ico
  • https://dzrf.amportsinc.com/owa/favicon.ico
8 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dzrf.amportsinc.com/owa/favicon.ico
Protocol
H3
Server
2606:4700:3034::6815:155e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35d94b76894d6eca96ff5b1a12d94dfe73485ef3c52cb5b4395be8ffac1cb45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://dzrf.amportsinc.com/HIehDTQk

Response headers

x-feserver
CP3P284CA0012, ROAP284CA0374
content-encoding
br
cf-cache-status
BYPASS
etag
W/"06df7bc1c8db1:0"
x-rum-notupdatequerieddbcopy
1
report-to
{"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=GIG&RemoteIP=2607:9000:8000::&Environment=MT"}],"include_subdomains":true}
request-id
0c559417-bc17-6284-f1e3-9fcf09e22844
alt-svc
h3=":443"; ma=86400
content-type
image/x-icon
last-modified
Mon, 16 Sep 2024 09:42:26 GMT
x-proxy-routingcorrectness
1
x-rum-validated
1
x-responseorigin
OwaAppPool
cache-control
public,max-age=2592000
x-feefzinfo
GIG
x-calculatedfetarget
CP3P284CU001.internal.outlook.com
x-calculatedbetarget
CP4P284MB1828.BRAP284.PROD.OUTLOOK.COM
server
cloudflare
x-firsthopcafeefz
GIG
x-backend-begin
2024-09-18T13:56:14.867
x-diaginfo
CP4P284MB1828
x-ua-compatible
IE=EmulateIE7
date
Wed, 18 Sep 2024 13:56:15 GMT
vary
Accept-Encoding
nel
{"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
x-feproxyinfo
ROAP284CA0374.BRAP284.PROD.OUTLOOK.COM
cf-ray
8c51d6967e4742fe-EWR
x-backend-end
2024-09-18T13:56:14.867
x-backendhttpstatus
200, 200
x-rum-notupdatequeriedpath
1
x-proxy-backendserverstatus
200
x-beserver
CP4P284MB1828

Redirect headers

x-feserver
ROAP284CA0374
cf-cache-status
BYPASS
ms-cv
y9HL9CFQ3g3cEGxDAljCOQ.0
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQ9ooBrtCBgx0inrzHajWf%2B7eZDOVtF0l5b3QQHnH1J5n3eEzm7J5QaB48J6ULnXioJXgZZhZcTgU%2Bnf9%2Fhj%2BKpCD%2BXKo%2FDwU8LW2E%2Fxng8GCunFB%2FNA7Fbmag5xj7vorXzR5m3z3x1T5KoN5wzpf9e%2F"}],"group":"cf-nel","max_age":604800}
request-id
f4cbd1cb-5021-0dde-dc10-6c430258c239
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 13:56:14 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
location
https://dzrf.amportsinc.com/owa/favicon.ico
x-feefzinfo
GIG
x-feproxyinfo
ROAP284CA0374.BRAP284.PROD.OUTLOOK.COM
cf-ray
8c51d692488642fe-EWR
x-powered-by
ASP.NET
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sonicmenuguide.com
URL
https://sonicmenuguide.com/favicon.ico

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| verifyCallback_CF function| validateElement function| refreshCallBack function| onloadTurnstileCallback function| c function| lp object| turnstile

4 Cookies

Domain/Path Name / Value
.google.md/ Name: NID
Value: 517=49vOvR87HO3LK44oz6Nvs65SRizvK7rofjW4ZXhIyhyGIAizfRBIvA3PnBqEiFNHtQoxxF5gLvJMo7fyv0pEJ4stP7nqKruyT8mMF3cI8LRw-dD2HNnHWdoSMF3TN9UIkvm435ZxmGqPanQsM_fbiprSCtWIGJw8I-3aj9nSE-a0pexe3qtM84iHTdC3vqeA
.amportsinc.com/ Name: lQYy
Value: 06ef73504b046e6bf49f5d324a46a8258350a2bccd75267e0ec5bbd2bcb58987
dzrf.amportsinc.com/ Name: ClientId
Value: EEEBD320441D4F5EB955FB9D6E1F6261
dzrf.amportsinc.com/ Name: OIDC
Value: 1