urlscan.io logo urlscan.io
SecurityTrails logo

owa123.sbs Open in urlscan Pro
2606:4700:3035::ac43:ba68  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fmanage.kmail%2dlists.com%2fsubscriptions%2fsubscribe%2f...
Effective URL: https://owa123.sbs/frame/pivot/bread/index.html
Submission: On March 20 via manual from MY — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 4 domains to perform 9 HTTP transactions. The main IP is 2606:4700:3035::ac43:ba68, located in United States and belongs to CLOUDFLARENET, US. The main domain is owa123.sbs.
TLS certificate: Issued by GTS CA 1P5 on March 19th 2024. Valid for: 3 months.
This is the only time owa123.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.214.169.223 16509 (AMAZON-02)
1 1 54.210.223.121 14618 (AMAZON-AES)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 9 2606:4700:303... 13335 (CLOUDFLAR...)
9 2
Apex Domain
Subdomains		 Transfer
9 owa123.sbs
owa123.sbs
20 KB
2 m1lkw.sbs
m1lkw.sbs
3 KB
1 kmail-lists.com
manage.kmail-lists.com — Cisco Umbrella Rank: 64275
465 B
1 trendmicro.com
ddec1-0-en-ctp.trendmicro.com
264 B
9 4
Domain Requested by
9 owa123.sbs 2 redirects m1lkw.sbs
owa123.sbs
2 m1lkw.sbs m1lkw.sbs
1 manage.kmail-lists.com 1 redirects
1 ddec1-0-en-ctp.trendmicro.com 1 redirects
9 4

This site contains no links.

Subject Issuer Validity Valid
owa123.sbs
GTS CA 1P5		 2024-03-19 -
2024-06-17		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://owa123.sbs/frame/pivot/bread/index.html
Frame ID: B2A6C84B912D5C53724A17B90DD63379
Requests: 5 HTTP requests in this frame

Frame: https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 4CE89B25F2B2A8E7E39445A1E68D4F97
Requests: 2 HTTP requests in this frame

Frame: https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 268216558102FA8CEE1569BC53F1823D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fmanage.kmail%2dlists.com%2fsubscrip... HTTP 302
    https://manage.kmail-lists.com/subscriptions/subscribe/update?c=01H0G3BVA5P4WT38NKH3DY6QEB&a=WkVYqE&p=eyJUa... HTTP 302
    http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com Page URL
  2. https://owa123.sbs/frame/pivot/bread/index.html Page URL
  3. https://owa123.sbs/frame/pivot/bread/index.html Page URL

Page Statistics

9
Requests

56 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

2
IPs

1
Countries

22 kB
Transfer

27 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fmanage.kmail%2dlists.com%2fsubscriptions%2fsubscribe%2fupdate%3fc%3d01H0G3BVA5P4WT38NKH3DY6QEB%26a%3dWkVYqE%26p%3deyJUaWNrZXRfb3B0IGluIjogIlllcyJ9%26k%3d53b9cf0c5602fbaff2d592c0e9b9058a%26r%3d%2f%2fm1lkw.sbs%2fVb6kx0%2fkanaga%40mtradeasia.com&umid=cc420506-5b54-48b2-a003-a1ba52cfceab&auth=adc345337d063de6e8472666d11e44f7787dfce8-9d18e41001790f225602f76dbbc78adf1187f41a HTTP 302
    https://manage.kmail-lists.com/subscriptions/subscribe/update?c=01H0G3BVA5P4WT38NKH3DY6QEB&a=WkVYqE&p=eyJUaWNrZXRfb3B0IGluIjogIlllcyJ9&k=53b9cf0c5602fbaff2d592c0e9b9058a&r=//m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com HTTP 302
    http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com Page URL
  2. https://owa123.sbs/frame/pivot/bread/index.html Page URL
  3. https://owa123.sbs/frame/pivot/bread/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fmanage.kmail%2dlists.com%2fsubscriptions%2fsubscribe%2fupdate%3fc%3d01H0G3BVA5P4WT38NKH3DY6QEB%26a%3dWkVYqE%26p%3deyJUaWNrZXRfb3B0IGluIjogIlllcyJ9%26k%3d53b9cf0c5602fbaff2d592c0e9b9058a%26r%3d%2f%2fm1lkw.sbs%2fVb6kx0%2fkanaga%40mtradeasia.com&umid=cc420506-5b54-48b2-a003-a1ba52cfceab&auth=adc345337d063de6e8472666d11e44f7787dfce8-9d18e41001790f225602f76dbbc78adf1187f41a HTTP 302
  • https://manage.kmail-lists.com/subscriptions/subscribe/update?c=01H0G3BVA5P4WT38NKH3DY6QEB&a=WkVYqE&p=eyJUaWNrZXRfb3B0IGluIjogIlllcyJ9&k=53b9cf0c5602fbaff2d592c0e9b9058a&r=//m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com HTTP 302
  • http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Request Chain 4
  • https://owa123.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Request Chain 6
  • https://owa123.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
kanaga@mtradeasia.com
m1lkw.sbs/Vb6kx0/
Redirect Chain
  • https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fmanage.kmail%2dlists.com%2fsubscriptions%2fsubscribe%2fupdate%3fc%3d01H0G3BVA5P4WT38NKH3DY6QEB%26a%3dWkVYqE%26p%3deyJU...
  • https://manage.kmail-lists.com/subscriptions/subscribe/update?c=01H0G3BVA5P4WT38NKH3DY6QEB&a=WkVYqE&p=eyJUaWNrZXRfb3B0IGluIjogIlllcyJ9&k=53b9cf0c5602fbaff2d592c0e9b9058a&r=//m1lkw.sbs/Vb6kx0/kanaga...
  • http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a0fba7ee22a1886e5d8108f631a06fb46b0996be31bd9b7dad8832bddcefde01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
86724c4cb9a40e80-AMS
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Wed, 20 Mar 2024 02:33:33 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7cY951yHqSsCOKcOiX8OcMx9%2FYz5jEvB66Ik5aPpxeZiQt0y6vhV%2BUVWIse5DcDyRCBTwTSQi6YX4pUjzSBFxqPA9F7lI9B5SSB%2BMSuh3%2FETwZ6j4gLYpa8Y0kyJqcNMMUQlZuRlGE%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed

Redirect headers

Allow
POST, OPTIONS, GET
Connection
keep-alive
Content-Language
en-us
Content-Length
0
Content-Security-Policy
script-src 'report-sample' 'strict-dynamic' 'unsafe-eval' https://cdn.ampproject.org/; base-uri 'none'; object-src 'none'; report-uri /csp/
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Mar 2024 02:33:32 GMT
Location
http:////m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Server
nginx
Vary
Accept-Language, Cookie
site.js
m1lkw.sbs/Vb6kx0/ 		166 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
http://m1lkw.sbs/Vb6kx0/site.js
Requested by
Host: m1lkw.sbs
URL: http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Protocol
HTTP/1.1
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
fb45ce024f55b2bb1de5540be1bb24d3aa07587bf22ed9d30a75ab42459bd18f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Wed, 20 Mar 2024 02:33:34 GMT
Content-Encoding
gzip
CF-Cache-Status
BYPASS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.33
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
pragma
no-cache
Server
cloudflare
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXMqMt6impn7WBTzfsTcjt8Qy4baoRTmYglvOiddATUDiZBSFAv8BKQlZeGjX6OQZH%2BnHfb6Op%2FHPCFCeW%2FXqUd2fM4IFTJ81bxMLW0esvrRxtnrkGFmOvdvurKG7I7qaU7rB%2FU932Y%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html;charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
CF-RAY
86724c537d7c0e80-AMS
expires
Thu, 19 Nov 1981 08:52:00 GMT
index.html
owa123.sbs/frame/pivot/bread/ 		7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/frame/pivot/bread/index.html
Requested by
Host: m1lkw.sbs
URL: http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fca516a0ce7cc97361c23ce31231ba79eebdd2b105a9facef71554880aa599e7
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
http://m1lkw.sbs/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
86724c56aa5835e4-FRA
content-type
text/html; charset=utf-8
date
Wed, 20 Mar 2024 02:33:34 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cv4EXD3dRzaFP%2BP3hGDNiM6qOfXYVjTTG%2F72sl6cONuYyVY9xz5BgRxBEwzS2rEaPZxTl0GhzE%2B9MxCWjyUMdrUTgRLXVVg3auxZqRYag7W5vALMcAi1k2fFcz4WsbGHQ6TAIaiBjUE4"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
index.html
owa123.sbs/frame/pivot/bread/ 		0
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/frame/pivot/bread/index.html
Requested by
Host: m1lkw.sbs
URL: http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
KFhGiY1EaDwHKmSMWOqIR0sBAo
38272342
Referer
https://owa123.sbs/frame/pivot/bread/index.html
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
OOStCMznYufUJ93MZsjQZeG644
EQsFtDBrVFBXnk76UMIBqLnNzQ

Response headers

pragma
no-cache
date
Wed, 20 Mar 2024 02:33:34 GMT
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=euedik%2BnoTrWUcTaKcBQgAllrjvWbhPPyimOd2zeTfgrmhzXBov7l2MArpXK0Hp%2BPk4btMzaw8WKTSJsmd%2FIOOteLO7sEjZlpGLBW9YjuEQ1E6JhG196nrQjoYre0qR%2BKV4i%2FmZ2Udd7"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
86724c573acc35e4-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 4CE8
Redirect Chain
  • https://owa123.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Protocol
H2
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b4b9e8839f04d79daadb66bc77a34ea68ea7bde795fd7071727fc1f518dc83
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 02:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y0uPpEiDdsg6NTkph77Yxw3te2XjC%2BG7hZYcPrgx1Owz3Q23M9Jy%2Bdg%2FhbWdyNDnn2kgVh%2B%2FsqXChSwfWd%2BNQlXmRSWdRda9Y%2Bo7mhkAlcM6NT4hpFaHY9BPsPEQG5hEDw9bAg15WQF7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86724c575ad735e4-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 20 Mar 2024 02:33:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IWnPa9J9dx4%2BMZVI0GYDE3hKUwJSheRhT%2FWEWll4MzLrxArSqmWrJS3YJakaId8KWjHFjS6Vfson5I0bGOPVVZ1RWsxP%2FQtll2gL64kdfajiOQgP9pyxcKkv2YwJkgB3aOTD%2BUSJTD41"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
86724c574acd35e4-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
86724c56aa5835e4
owa123.sbs/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 4CE8 		0
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/cdn-cgi/challenge-platform/h/g/jsd/r/86724c56aa5835e4
Requested by
Host: owa123.sbs
URL: https://owa123.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Mar 2024 02:33:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2lnFkK4VGkTCfx04F19opYg527bYKz%2FrP6OnprFvcYVrwdf16qtTNmpXALa7k5LFP72hOkORSQtC6TPOJSVmZ5sDrC80Isj%2BjmcIKSdH1vyi1aberdj6vsyJRLAZ2QS3o%2Faxc6Phz6Or"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86724c57def6694f-FRA
alt-svc
h3=":443"; ma=86400
Primary Request index.html
owa123.sbs/frame/pivot/bread/ 		2 KB
1021 B 		Document
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/frame/pivot/bread/index.html
Requested by
Host: m1lkw.sbs
URL: http://m1lkw.sbs/Vb6kx0/kanaga@mtradeasia.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d1e39a6dd5a394a2f45665f6c5962391293c2ad865810bb6dd5c79003fcbb2
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://owa123.sbs/frame/pivot/bread/index.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86724c57def8694f-FRA
content-encoding
br
content-type
text/html
date
Wed, 20 Mar 2024 02:33:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jFiQo3%2FCr0WFHJL3M3B%2BiIsG7sexdA91MSB1zP630mCw%2FDxJMJtre3D5FGwGfh3GDu9nvJmxQn5GznPFiGt7okUgM3qB5y9M75DppSLR9gK5hIBee78Tnjy59o8gokmqYM3%2Bf%2BgOxnl%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
main.js
owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 2682
Redirect Chain
  • https://owa123.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Protocol
H3
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1830619b6812147f38969a046d3d48b96244fc1976597e4df97c6108d96d4dfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 02:33:34 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxQqOV4i%2B%2F9si1xCF6ymCtvhAHngP9gJNktAEuEef2c%2BHIjUMV8hXBgkDxG%2FxmJ%2BhXoNxYhdOdjra%2Fg%2BsqnjAK5u%2F2gLu2MBQEZaCEtltZSQbvjtWTM3bJuFi3713jyye%2F3iMv4LrfSu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
86724c587f37694f-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 20 Mar 2024 02:33:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AmNrrSbs%2Bjg2%2FlLo5KV73dY6iiAxlPngtfS6eNIfusul%2Bilz2zpRDFQqAgAjNSXApiOvEU0KXHi1GdbGioP25CQ%2BiRrkuMtAxWy494QWWva7CfI2hOHYLlTtAEGCy345hbF82WEpvIL5"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
86724c586f2e694f-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
86724c57def8694f
owa123.sbs/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2682 		0
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://owa123.sbs/cdn-cgi/challenge-platform/h/g/jsd/r/86724c57def8694f
Requested by
Host: owa123.sbs
URL: https://owa123.sbs/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ba68 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Mar 2024 02:33:34 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DA%2FEPIZwAI5RQKqkBAYi1t%2Bwgsq1ANdFePBqaZjtMn94C3oVN2YnrEkrIDYMW7gAoqQ1a2MxzalKnobGN8WaztYyZHTkI3Fxr6IVY130rczHpH9XTCcxVWN%2F9Tj0H8ufTrKpiXoa08xZ"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
86724c58ff73694f-FRA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

12 Cookies

Domain/Path Name / Value
m1lkw.sbs/ Name: PHPSESSID
Value: df88fa40633b6c7a84737ad31a612187
owa123.sbs/ Name: nUWzI5u_eZVwJMESAd8mqk7-lk0
Value: rT9YNe1Q7vh8PafCbb2C3OyVJZ0
owa123.sbs/ Name: gSFynKVI4CNPgm2Xfm5iNFjXnro
Value: 1710901984
owa123.sbs/ Name: Br4hx0tkYkMh8clfz24KDGeLO98
Value: 1710988384
owa123.sbs/ Name: tcIyJFXIH2m7dyhoJFokOY8yqZE
Value: KYi0Nkoxq3qEmH5_dMZDcoh-DcE
owa123.sbs/ Name: WY3NA0IaZ9tNJXlDNrSxRJ2YkKQ
Value: X4LEh6KomZ7AANuYrvU3NDfQaoI
owa123.sbs/ Name: 3LA2rjBlISQeNbAl_1cArdrbjhQ
Value: pFgiU1-9Yu0lRq2QAXLksKc33Rw
owa123.sbs/ Name: _T_WG9uPo9vJcx-eLyvyxWo_TQc
Value: 1710902013
owa123.sbs/ Name: 9DLITsY0Dn-kMzVTDI37fZrQgjs
Value: 1710988413
owa123.sbs/ Name: tlciBoXIRJNtdhLpJn5y0DMamTo
Value: 6nhCJ9UuydQfIFankGAZ3clXaOI
owa123.sbs/ Name: MOPYWQ7ZyCCI_DENuVoMSgT0_d8
Value: hDKnCpl4WsvHkMt29rXmBzcFBt4
.owa123.sbs/ Name: cf_clearance
Value: Du_8Iw3b9_h28_cgVTgnYayLiplYklQIi1g45S_JQog-1710902014-1.0.1.1-pWSt7jzSX8tTuwaOc1WXqwXYksOCYiteJ2oNwIRreTkc7OJJE.bwDSx2VrEbRHzd_sN.o4SoGe18e0y9eTg4gg

2 Console Messages

Source Level URL
Text
network error URL: https://owa123.sbs/frame/pivot/bread/index.html#kanaga@mtradeasia.com
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://owa123.sbs/frame/pivot/bread/index.html#kanaga@mtradeasia.com
Message:
Failed to load resource: the server responded with a status of 403 ()