pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev
2606:4700::6812:323  Public Scan

Submitted URL: https://deidhautevillo.com/#ce
Effective URL: https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html
Submission Tags: 0xscam
Submission: On April 03 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev.
TLS certificate: Issued by E1 on February 6th 2024. Valid for: 3 months.
This is the only time pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 104.21.38.50 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 107.174.244.111 36352 (AS-COLOCR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
14 6
Apex Domain | Subdomains | Transfer
8 deidhautevillo.com | deidhautevillo.com | 34 KB
3 cloudflare.com | challenges.cloudflare.com (Cisco Umbrella Rank: 4983), cdnjs.cloudflare.com (Cisco Umbrella Rank: 237) | 28 KB
2 eharunakaba.com | eharunakaba.com | 2 KB
2 r2.dev | pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev | 28 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 759) | 30 KB
14 5
Domain | Requested by
8 deidhautevillo.com (1 redirects) | deidhautevillo.com
2 eharunakaba.com | pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev, code.jquery.com
2 challenges.cloudflare.com (1 redirects) | pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev
2 pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev |
1 cdnjs.cloudflare.com | eharunakaba.com
1 code.jquery.com | eharunakaba.com
14 6

This site contains no links.

Subject | Issuer | Validity | Valid
deidhautevillo.com | E1 | 2024-04-03 - 2024-07-02 | 3 months
*.r2.dev | E1 | 2024-02-06 - 2024-05-06 | 3 months
eharunakaba.com | R3 | 2024-03-22 - 2024-06-20 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year

This page contains 2 frames:

Primary Page: https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html
Frame ID: A26B6C838125FD2D733B02B07AF70439
Requests: 12 HTTP requests in this frame

Frame: https://deidhautevillo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: F0B14046D2A28403ADFEDC07D28B953E
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 14
HTTPS: 86 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 121 kB
Size: 233 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://deidhautevillo.com/ Page URL
  2. https://deidhautevillo.com/ Page URL
  3. https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://deidhautevillo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://deidhautevillo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Request Chain 7
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
deidhautevillo.com/
7 KB
8 KB
Document
General
Full URL
https://deidhautevillo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6ef6460e4758bcca9b0f32656f3c29091c3e2a2d380b026c878bec5e0fd099
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
86e8e4378bb8bb9b-FRA
content-type
text/html; charset=utf-8
date
Wed, 03 Apr 2024 11:59:15 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lyW8Z1O1ifIJ%2F0sipVQCLs2iaahw%2FsQwgC%2BtYVQWraBKg2CumbSCUHr7E8H5lup5aBiIMv0uP8YFc0kaMxFdKQv1cOnSLQQADDpwkYreC9VgnyCUWbutCJEWnITynQSwSfmTXEw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
deidhautevillo.com/
0
842 B
XHR
General
Full URL
https://deidhautevillo.com/
Requested by
Host: deidhautevillo.com
URL: https://deidhautevillo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://deidhautevillo.com/
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
m8bUwDLQscGeXGJXcDZ3KzEoT3k
22282426
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 11:59:15 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTpU%2Fyz%2BFvMKsIy89M6O3iotkGZ5tB4jWqdxDu7PcltFGqvI%2Fjgpvu67SBXt6Ndq2MtaRidL6G%2BLt9FNrhHPL72HEtWoCFzhUcpGsezGvEgv68qQQB9mDMk7ijHtKQwbkLJaxvA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86e8e43a2be29ebd-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
deidhautevillo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame F0B1
Redirect Chain
  • https://deidhautevillo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://deidhautevillo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
8 KB
4 KB
Script
General
Full URL
https://deidhautevillo.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Protocol
H3
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7ce77efef99bef945e7c4de87f1a6eda2f758d357d10e110ad962cc54ed28c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Apr 2024 11:59:15 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sN%2BcDltljBcaQN%2Fnh1CBy7QJNDI0Yopl06sQcz588JhEeXmSolA8BG1LiYX%2BkIpLQThkg6Y%2BRuuaEDqocpPTLcETMCsc9sk3bImDY8hfb1jc5rGGMbts9In49ZSruIzNjHYDX0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86e8e43a5c2c9ebd-CDG
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 03 Apr 2024 11:59:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FkPXurSEQjLeRIsLpk2jbQCt8BrpjrDl8MXMD4J7UW3ptEVPMlxYIJUXYLJu6IjnFFP503V53hTbrFbd5K0Gxj1qmwyMN5MBMwYJ7Yuua6AOGYFAlsphwaWb8j50zOZpKqeSpk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control
max-age=300, public
cf-ray
86e8e43a2be69ebd-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
favicon.ico
deidhautevillo.com/
18 KB
19 KB
Other
General
Full URL
https://deidhautevillo.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://deidhautevillo.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 11:59:16 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcyDV02RWa656JIWS6yzvQ0nasJOqqNUCtXykkvApcV6GrgbBTXCfDF%2Br13JdXeybBm2lObtLlOAfAin%2BJiol4CZvYC6cwCQZyxqSl5dO5sb6A2A1JEjV%2F4zjvxyHfAuj3zzEio%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86e8e43a2be99ebd-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
86e8e4378bb8bb9b
deidhautevillo.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame F0B1
0
588 B
XHR
General
Full URL
https://deidhautevillo.com/cdn-cgi/challenge-platform/h/g/jsd/r/86e8e4378bb8bb9b
Requested by
Host: deidhautevillo.com
URL: https://deidhautevillo.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Apr 2024 11:59:15 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YgWP0I2YX3vUjrgHbWh8ToS02TcLLzFEgfZpXHsZiujHn59ytGpRWatugg2UnE%2FT8BPVmPp2AVeOimt8cCc9eirUiKgsoCJE5gqIQIl83GJfRyNLJQ4MQLvxbmiLS0WuMEU0CE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86e8e43b2d249ebd-CDG
alt-svc
h3=":443"; ma=86400
/
deidhautevillo.com/
285 B
623 B
Document
General
Full URL
https://deidhautevillo.com/
Requested by
Host: deidhautevillo.com
URL: https://deidhautevillo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf0ef31164ac81a7393f65cb78abd0c79b745a4c9f8dc646a4d7e18944207fd
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://deidhautevillo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86e8e43caf069ebd-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 03 Apr 2024 11:59:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rIV%2FvLu3YK2hNwZHRwpKgXA0o82Jt6w5hS4%2BhlR7nI%2BneFL6r881v8E0F7SIzgEoF74Ej7JXwUIhF4kfZGS7su6X67TgjnLvCqLRPK0fzN48JgTMH2Guc88Oy09raOr7mzd4EG4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
x-xss-protection
1; mode=block 1; mode=block
favicon.ico
deidhautevillo.com/
315 B
730 B
Other
General
Full URL
https://deidhautevillo.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.38.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://deidhautevillo.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Wed, 03 Apr 2024 11:59:16 GMT
content-encoding
br
x-content-type-options
nosniff, nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XLhpSfi7mkkugUtgD7ixVdt9AEtOgVFK9fQZ5M8g6rWh9cjrbcKNiUGV09hAgZp17y8y9zTjblR%2Bsma9CExdIl8w9KMv6cWeq%2FDyxdHmHCdYsKP%2FbEGGwXlvGUN6UzfVI1yZY7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray
86e8e43f5a629ebd-CDG
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
Primary Request link.html
pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
655 B
964 B
Document
General
Full URL
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cddc0d4b450eedb8d204dbf30f2f23215c06efe7e52761380b32a3943991ea2

Request headers

Referer
https://deidhautevillo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
CF-RAY
86e8e445cafe196d-FRA
Connection
keep-alive
Content-Length
655
Content-Type
text/html
Date
Wed, 03 Apr 2024 11:59:17 GMT
ETag
"1ce63afb974559e3152506601267fd5c"
Last-Modified
Wed, 03 Apr 2024 08:36:03 GMT
Server
cloudflare
Vary
Accept-Encoding
api.js
challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback
39 KB
13 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback
Requested by
Host: pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev
URL: https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html
Protocol
H3
Server
2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e584d67a5b1a868363ed5e83a72ea6bc2cad8a052f64583d0fe95e7fa36e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date
Wed, 03 Apr 2024 11:59:17 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
86e8e4483fb19963-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 03 Apr 2024 11:59:17 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/dc6b543c1346/api.js?onload=onloadTurnstileCallback
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
86e8e4481f849963-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
sc.php
eharunakaba.com/host[24.0]/admin/js/
2 KB
1 KB
Script
General
Full URL
https://eharunakaba.com/host[24.0]/admin/js/sc.php?r=Iw==
Requested by
Host: pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev
URL: https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.174.244.111 Seattle, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS
107-174-244-111-host.colocrossing.com
Software
nginx /
Resource Hash
df01e21bc6204b1cbe45c2313027c0277d1617a7b5839edc813e198da1d38031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 11:59:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
jquery-3.1.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.1.1.min.js
Requested by
Host: eharunakaba.com
URL: https://eharunakaba.com/host[24.0]/admin/js/sc.php?r=Iw==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 11:59:18 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1916031
x-cache
HIT, HIT
content-length
30070
x-served-by
cache-lga21947-LGA, cache-fra-eddf8230114-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1712145558.300350,VS0,VE0
etag
W/"28feccc0-152b5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
93, 64061
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/crypto-js.min.js
Requested by
Host: eharunakaba.com
URL: https://eharunakaba.com/host[24.0]/admin/js/sc.php?r=Iw==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab5d90a71736f267af39fdf32caa8c71673fd06703279b01e0f92b0d7be0bfc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 11:59:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1279549
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14107
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-bb78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BbdQ%2FU%2F%2BSRYX%2FeduaIXPBYo%2FqFC%2BvRgVYBxIexlRR97XKPIVUSu%2FycSi0rV0ZD97u1R444rXn7t3B5Wf3uchzQU6Z64gWm311OPQK31ILeUSkIwC12SjgZ0Njw0UAr%2BMA8twWicnYoalYnGcOe39xmBu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86e8e44b2e8a9b21-FRA
expires
Mon, 24 Mar 2025 11:59:18 GMT
556be2d.php
eharunakaba.com/host[24.0]/
23 B
402 B
XHR
General
Full URL
https://eharunakaba.com/host[24.0]/556be2d.php
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.1.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.174.244.111 Seattle, United States, ASN36352 (AS-COLOCROSSING, CA),
Reverse DNS
107-174-244-111-host.colocrossing.com
Software
nginx /
Resource Hash
ffe0c4c657922e5c01f8080ba891c4d33070b67a81b2d0137669d20723730573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Referer
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 03 Apr 2024 11:59:19 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/
27 KB
27 KB
Other
General
Full URL
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/link.html
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 03 Apr 2024 11:59:18 GMT
Server
cloudflare
Connection
keep-alive
CF-RAY
86e8e44b89f2196d-FRA
Content-Length
27242
Vary
Accept-Encoding
Content-Type
text/html

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| turnstile
  • object| v0d554c12
  • number| autograb
  • object| vd8ed43e1
  • object| CryptoJS
  • function| $
  • function| jQuery
  • object| bad_res

10 Cookies


4 Console Messages

Source Level URL
Text
network error URL: https://deidhautevillo.com/#ce
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://deidhautevillo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://deidhautevillo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pub-80db04064f2b437fb1fbc8aa0be11057.r2.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block