Submitted URL: http://pwn.qa/
Effective URL: https://pwn.qa/
Submission: On April 21 via api from US — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 2606:4700:3031::6815:2017, located in United States and belongs to CLOUDFLARENET, US. The main domain is pwn.qa.
TLS certificate: Issued by E1 on March 3rd 2024. Valid for: 3 months.
This is the only time pwn.qa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 188.114.96.3 13335 (CLOUDFLAR...)
6 2
Apex Domain
Subdomains
Transfer
4 pwn.qa
pwn.qa
34 KB
2 tubals.tech
tubals.tech
964 B
6 2
Domain Requested by
4 pwn.qa pwn.qa
2 tubals.tech pwn.qa
6 2

This site contains no links.

Subject Issuer Validity Valid
pwn.qa
E1
2024-03-03 -
2024-06-01
3 months crt.sh
tubals.tech
GTS CA 1P5
2024-04-01 -
2024-06-30
3 months crt.sh

This page contains 2 frames:

Primary Page: https://pwn.qa/
Frame ID: AFD9166F3C659CD313A25D2F7BA2448D
Requests: 2 HTTP requests in this frame

Frame: https://pwn.qa/captcha.html
Frame ID: 8381EEAAA0E002FA6040A936C29AA34A
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://pwn.qa/ HTTP 307
    https://pwn.qa/ Page URL

Page Statistics

6
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

35 kB
Transfer

309 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pwn.qa/ HTTP 307
    https://pwn.qa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pwn.qa/
Redirect Chain
  • http://pwn.qa/
  • https://pwn.qa/
38 KB
10 KB
Document
General
Full URL
https://pwn.qa/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2017 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f91e412dc5f3abe0a78806a724f94234988d8606a1e2e631e5ef22bcd517ca8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
877b7fcbca9a37f2-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Apr 2024 07:00:48 GMT
last-modified
Sat, 20 Apr 2024 11:11:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAY4Gw%2FcHxzeyhe2A%2BEOOEqyTfhCB2MdwKcZE2J2Hx%2FQfVFyEO6KxToDSOFUhdXNxRk3A3E37XByDnDOi%2FCKGzo0TuxqtOfSRk6BIMJcRgYetj0BS%2FC3wDliY1vzX6O6YxYJ0HU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

Location
https://pwn.qa/
Non-Authoritative-Reason
HttpsUpgrades
favicon.ico
pwn.qa/
564 B
574 B
Other
General
Full URL
https://pwn.qa/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2017 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c8cc37a98346bd0123b35e5ccd87bd07d69914dae04f8b49f61c150d96e9d1f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pwn.qa/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 07:00:48 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVczatrVi8%2F2EzO0EAERFkDhY7%2FGg3Sh%2FAOgWvYvVyXLZgJT2J95imPKwL8wIaW0c6iGc1CGLFe7upLsf6IopTTabR3Lz3hWHUt2jFX84oqLP9SH6YU7LwaBHG8%2Fjx8oGy6lWtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
max-age=14400
cf-ray
877b7fcd0bff37f2-FRA
alt-svc
h3=":443"; ma=86400
captcha.html
pwn.qa/ Frame 8381
104 KB
23 KB
Document
General
Full URL
https://pwn.qa/captcha.html
Requested by
Host: pwn.qa
URL: https://pwn.qa/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2017 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04085bb3e6655d7351163990e9dd32644faa0fc4b87897d618f338f4471bbf82

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://pwn.qa/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
877b7fdc0a8f37f2-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Apr 2024 07:00:51 GMT
last-modified
Sat, 20 Apr 2024 11:11:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hN2WcJvQOwK6Ky2YYgxo6no4DxaAg8sgwPBw48xoLBGRfYVLZq9Ewm0n5AeAOfU73u%2BXHujVKiNrkeP6nlkFLHwBz6R%2Bkb1JvQIUrzGYDppW0bGMkdU%2FHHdeADgDzTevvI8wyYc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
bg.png
pwn.qa/ Frame 8381
61 B
513 B
Image
General
Full URL
https://pwn.qa/bg.png
Requested by
Host: pwn.qa
URL: https://pwn.qa/captcha.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2017 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pwn.qa/captcha.html
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 07:00:51 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 20 Apr 2024 11:11:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6623a2e5-3d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tD4MkqpqwfAQDHwFf5PMgSefD3hctJrUxfz5B%2FVitpUCD%2BE5nx38sAk7duIGUe55xE3keUGBp2mEebycEGQ0IttW6JTERqM6fEQQpXcOt0dJbSAuRxqWgMj9G05uyNzLaAW8Xvk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
877b7fdccb5237f2-FRA
alt-svc
h3=":443"; ma=86400
content-length
61
script.js
tubals.tech/ Frame 8381
1 KB
964 B
Script
General
Full URL
https://tubals.tech/script.js
Requested by
Host: pwn.qa
URL: https://pwn.qa/captcha.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60295dd3cb249c5f8c372b163c7073f14e043252ce63553a7d3783fcc8253f22
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://pwn.qa/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 07:00:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3b7a2b5d2875e1abbd676ae625c638bb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iWV1tUM4BBupm2sB89I%2BfQOWRrjnyDZYaMplNLhR4jNy64fJagBlF24vD2Yabvy8kmga%2FBSe%2FT9AUcS3m6v5giR0bn7K5LGyk5XHOwW7gdFjFQ8LZ8wClbwTHU%2FGnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
877b7fdef8399f2c-FRA
priority
u=1,i=?0
video.mp4
tubals.tech/ Frame 8381
165 KB
0
Media
General
Full URL
https://tubals.tech/video.mp4
Requested by
Host: pwn.qa
URL: https://pwn.qa/captcha.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://pwn.qa/
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 07:00:51 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range
bytes 0-973640/973641
alt-svc
h3=":443"; ma=86400
Content-Length
973641
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"9a7d62e6f1b2c36a19fe2e4c5f4214e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mw6h4bcWXiXJ54vHgtBv1Ejk7t%2FBKNodUnKwhI2aJPSSBCT41WoUelTYUDxBadwik%2Bjk%2F8dp737R%2FfHzNrV%2FlkiyY%2BCMq0R%2FQkd%2Bkx14m6mSeZVO%2F4LqzHdfBJ0QxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
877b7fdf185c9f2c-FRA
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://pwn.qa/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://pwn.qa/captcha.html(Line 8)
Message:
<link rel=preload> uses an unsupported `as` value