urlscan.io logo urlscan.io
SecurityTrails logo

drfawazs.com Open in urlscan Pro
185.146.22.242  Public Scan

Go To Rescan Add Verdict Report
URL: https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Submission: On August 09 via manual from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 6 HTTP transactions. The main IP is 185.146.22.242, located in United States and belongs to A2HOSTING, US. The main domain is drfawazs.com.
TLS certificate: Issued by R11 on June 20th 2024. Valid for: 3 months.
This is the only time drfawazs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 185.146.22.242 55293 (A2HOSTING)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 4
4    185.146.22.242 (United States)

ASN55293 (A2HOSTING, US)
PTR: nl1-tr3.supercp.com
drfawazs.com
2    2606:4700::6812:5f29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2607:f8b0:400d:c01::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
s2.googleusercontent.com
1    2607:f8b0:400d:c04::67 (Morganton, United States)

ASN15169 (GOOGLE, US)
t3.gstatic.com
Apex Domain
Subdomains		 Transfer
4 drfawazs.com
drfawazs.com
4 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
15 KB
1 gstatic.com
t3.gstatic.com
1 KB
1 googleusercontent.com
s2.googleusercontent.com — Cisco Umbrella Rank: 40687
634 B
6 4
Domain Requested by
4 drfawazs.com 1 redirects drfawazs.com
3 challenges.cloudflare.com 1 redirects drfawazs.com
challenges.cloudflare.com
1 t3.gstatic.com
1 s2.googleusercontent.com 1 redirects
6 4

This site contains no links.

Subject Issuer Validity Valid
webdisk.drfawazs.com
R11		 2024-06-20 -
2024-09-18		 3 months crt.sh
challenges.cloudflare.com
E5		 2024-07-17 -
2024-10-15		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Frame ID: E06D5E18B512D3B427D10C11BD2D22FC
Requests: 5 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ag3dz/0x4AAAAAAAgwGAR2hfHjt0iH/auto/fbE/normal/auto/
Frame ID: B76340B82E09B488EE59A393BF0AAFA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Elkjop VPN

Page URL History Show full URLs

  1. https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8 Page URL
  2. https://drfawazs.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=19316305 HTTP 302
    https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8 Page URL

Page Statistics

6
Requests

67 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

19 kB
Transfer

47 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8 Page URL
  2. https://drfawazs.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=19316305 HTTP 302
    https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
Request Chain 4
  • https://s2.googleusercontent.com/s2/favicons?domain=elkjop.no HTTP 301
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://elkjop.no&size=16

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
drfawazs.com/include/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.22.242 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-tr3.supercp.com
Software
imunify360-webshield/1.21 /
Resource Hash
747f4946a9248d4e65abe45e3efb79171f19886703179fc8063c9fa89b65480f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0 no-store, max-age=0
content-length
1509
content-type
text/html
date
Fri, 09 Aug 2024 14:17:52 GMT
server
imunify360-webshield/1.21
Primary Request /
drfawazs.com/include/
Redirect Chain
  • https://drfawazs.com/z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f?wsidchk=19316305
  • https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
1 KB
918 B 		Document
General
Check archive.org
Download Go to
Full URL
https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.22.242 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-tr3.supercp.com
Software
imunify360-webshield/1.21 / PHP/7.4.33
Resource Hash
03f07f680a60e6113d398ce6e0e2f3d74e7a1f6d4d2959f9852323563e91406a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
459
content-type
text/html; charset=UTF-8
date
Fri, 09 Aug 2024 14:17:53 GMT
server
imunify360-webshield/1.21
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed

Redirect headers

content-length
0
date
Fri, 09 Aug 2024 14:17:52 GMT
location
https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
server
imunify360-webshield/1.21
api.js
challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
Requested by
Host: drfawazs.com
URL: https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Protocol
H3
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9b46c18d0769c78a7e889eb237606cb96b602061b39b4c1159a22a015b51df

Request headers

Referer
https://drfawazs.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:17:53 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 13:51:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8b085f4b5be415af-EWR
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 09 Aug 2024 14:17:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/769ce3c24a3b/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8b085f4b3bcf15af-EWR
alt-svc
h3=":443"; ma=86400
content-length
0
style.css
drfawazs.com/include/ 		1 KB
867 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://drfawazs.com/include/style.css
Requested by
Host: drfawazs.com
URL: https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.146.22.242 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
nl1-tr3.supercp.com
Software
imunify360-webshield/1.21 /
Resource Hash
c43fc6fa3c17c86dee38871c90cb2e4cf4a37f56084524b9383156f5e7aab932
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://drfawazs.com/include/?classic=JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:17:53 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Fri, 09 Aug 2024 09:01:49 GMT
server
imunify360-webshield/1.21
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=604800, public
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
377
expires
Fri, 16 Aug 2024 14:17:53 GMT
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ag3dz/0x4AAAAAAAgwGAR2hfHjt0iH/auto/fbE/normal/auto/ Frame B763 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/ag3dz/0x4AAAAAAAgwGAR2hfHjt0iH/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://drfawazs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8b085f4c1bff4249-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 09 Aug 2024 14:17:53 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
faviconV2
t3.gstatic.com/
Redirect Chain
  • https://s2.googleusercontent.com/s2/favicons?domain=elkjop.no
  • https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://elkjop.no&size=16
487 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://elkjop.no&size=16
Protocol
H2
Server
2607:f8b0:400d:c04::67 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7f1e60cc49565fa64796d0acca5ab18f9cfafdc157d6f8823a3c547382389c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://drfawazs.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 14:17:53 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
487
x-xss-protection
0
last-modified
Thu, 01 Feb 2018 11:48:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.elkjop.no/favicon.ico
expires
Fri, 16 Aug 2024 14:17:53 GMT

Redirect headers

date
Fri, 09 Aug 2024 14:17:53 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://elkjop.no&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 09 Aug 2024 14:47:53 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| turnstile function| TurnstileSuccess

2 Cookies

Domain/Path Name / Value
drfawazs.com/include Name: omni
Value: JYQtjf5cv3QskqCpvIFavZzuv3Dcvq8
.drfawazs.com/ Name: wssplashuid
Value: 4f660e86bdc0962c7304ccbbc5dd9b3bba365854.1723216672.1