urlscan.io logo urlscan.io
SecurityTrails logo

www.nulled.to Open in urlscan Pro
2606:4700:10::6816:1bc9  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nulled.to//forum//67/-money//
Effective URL: https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1...
Submission: On September 30 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 17 HTTP transactions. The main IP is 2606:4700:10::6816:1bc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nulled.to.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time www.nulled.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
17 4
Apex Domain
Subdomains		 Transfer
9 nulled.to
www.nulled.to
165 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3541
16 KB
17 2
Domain Requested by
9 www.nulled.to www.nulled.to
2 challenges.cloudflare.com www.nulled.to
challenges.cloudflare.com
17 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
nulled.to
WE1		 2024-09-18 -
2024-12-17		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
Frame ID: E60EB92942C8023BAEE555655720AA3F
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bvkrx/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/
Frame ID: F2450894CE69883BA66B1D478B4015F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://www.nulled.to//forum//67/-money// HTTP 307
    https://www.nulled.to//forum//67/-money// Page URL
  2. https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk... Page URL

Page Statistics

17
Requests

65 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

4
IPs

1
Countries

180 kB
Transfer

420 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nulled.to//forum//67/-money// HTTP 307
    https://www.nulled.to//forum//67/-money// Page URL
  2. https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.nulled.to//forum//67/-money// HTTP 307
  • https://www.nulled.to//forum//67/-money//

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.nulled.to//forum//67/-money//
Redirect Chain
  • http://www.nulled.to//forum//67/-money//
  • https://www.nulled.to//forum//67/-money//
11 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to//forum//67/-money//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edb0a195d273bcb05107990d1e82e5230cb28655241a2d9cd2a81708632ec667
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
hsruQpFH2SN+AYSJ+3+Wdfi3VxcXYgfCEzu50sG8JM6PjrEbJDc3w4CeKyVJS/bSH/VuKZayc7JLiW7iBZ0fAzIPSAkasANu51XJGd6P+RN7irxAWg8qh6pGh0kiZgbErgZvJmtTiD017zZwIPviWQ==$XU+5wlWD2NzX+fnVzoV1ig==
cf-mitigated
challenge
cf-ray
8cb664aaff877783-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 30 Sep 2024 18:49:30 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://www.nulled.to//forum//67/-money//
Non-Authoritative-Reason
HttpsUpgrades
v1
www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		154 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664aaff877783
Requested by
Host: www.nulled.to
URL: https://www.nulled.to//forum//67/-money//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b5e8e0ced2cd042e8f40501fab6a80771fe5a9097ed671f60b47226e2bf7c6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
8cb664ad0adb7783-LHR
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Mon, 30 Sep 2024 18:49:30 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
41e0acf2-43e9-45f3-ad2f-a985769c4057
https://www.nulled.to/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664aaff877783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.nulled.to
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8cb664ae7f6279bd-LHR
access-control-allow-origin
*
date
Mon, 30 Sep 2024 18:49:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
www.nulled.to/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nulled.to/favicon.ico
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c65e4bf124c48d525d52b0dbf2d6cbd20336afd271ad9ccc28aa50dfde993
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Mon, 30 Sep 2024 18:49:30 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
TxBvXJwqWxO2oBWHd6T96tDiXCWrAsVPvIVuunZNoGDNnaMWLxx9ZR0uiKDXKvKrBGPhA2iTiuBvfOMR0m51LS8SA2i1YT3O3QZCef/LS57/qeiyaHb2o6vPnifAqf7+vjmZQD3nHes+mnjeLTlU0Q==$S2/icDoVAYQ7uBWoag9E0Q==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8cb664adec267783-LHR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
interactive
www.nulled.to/cdn-cgi/challenge-platform/h/g/beacon/ov1/2046632801:1727719978:wxVuoK3fN6O2MHXvmsqmmDuuzuX9tGL44tY36WMPQmo/8cb664aaff877783/019d578b32e681d/ 		2 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/cdn-cgi/challenge-platform/h/g/beacon/ov1/2046632801:1727719978:wxVuoK3fN6O2MHXvmsqmmDuuzuX9tGL44tY36WMPQmo/8cb664aaff877783/019d578b32e681d/interactive
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664aaff877783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
8cb664ae0c4d7783-LHR
content-length
2
date
Mon, 30 Sep 2024 18:49:30 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
019d578b32e681d
www.nulled.to/cdn-cgi/challenge-platform/h/g/flow/ov1/2046632801:1727719978:wxVuoK3fN6O2MHXvmsqmmDuuzuX9tGL44tY36WMPQmo/8cb664aaff877783/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/cdn-cgi/challenge-platform/h/g/flow/ov1/2046632801:1727719978:wxVuoK3fN6O2MHXvmsqmmDuuzuX9tGL44tY36WMPQmo/8cb664aaff877783/019d578b32e681d
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664aaff877783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13048b48783b88b1763162a80a989292261e2eb66f18af70f93c710d090f095
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
019d578b32e681d

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
8cb664ae9cfd7783-LHR
content-encoding
br
date
Mon, 30 Sep 2024 18:49:30 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
a+c4bR63+/flUd9MANS7zfzRQe1xMOon6OPwlhb6EjOgN0txrZB89E/0P750J5IcUtpMBNL37g==$6gdz8lzQNC8sBAFM
server
cloudflare
2d1e118d-eb2e-404f-8fa4-789741b104b6
https://www.nulled.to/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bvkrx/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/ Frame F245 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/bvkrx/0x4AAAAAAAAjq6WYeRDKmebM/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8cb664b02ea863ec-LHR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 30 Sep 2024 18:49:30 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
www.nulled.to/ 		8 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0d46a784a8aaa6b8f5f969926b1edcda1b4f6a1b1fe4b7c8491fb9bf0a65a66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Mon, 30 Sep 2024 18:49:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
+6bmBy3sSIg8/IsQ9DXIAYwkZRongUrhXmWGbMzcYI64x0e8zy/jja9DIn8SWfesAwBjNBs2Rk+7KnEAGdSOFZB1M1j48b5Uk1innIkdGc9VThnbS6z1kNUNEDDj8RFOzo5ypi9xpYkHQ+TyR8OXtw==$FJHiuCDc1KYZcarJg0OKQQ==
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8cb664b148fa7783-LHR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
Primary Request /
www.nulled.to/forum//67/-money// 		8 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664aaff877783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e8087becadc3026e84453fbaba4800ee0ef67e44b7a1f7ddd8af372eb9c2065
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
b2UfStirugofIlesz8cV9rtgXtvIRU8iivDuQ05KAtnPKVioutBcyHhaKwjECzOtm2lVJ/2x4AL40IaMKQbWCSH3iHGTy5uJwhXqGI34Ne4hrynMC/K67RjiBQy7o5h5jgfnnl7/YHQ0dQgCn8PzpA==$8B9GrYdzcuj2Jq6JHmG8pQ==
cf-mitigated
challenge
cf-ray
8cb664c2dc347783-LHR
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 30 Sep 2024 18:49:33 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		155 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664c2dc347783
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e649a11fae1c41c072b3843c2670833a30e52c206936f432d6006f105029a7e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=SyW5UfqFOGJbX7izFWPl_zp68Gz3NhlHhb2NxHx9LkE-1727722173-0.0.1.1-3924

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
8cb664c44e257783-LHR
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Mon, 30 Sep 2024 18:49:34 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		0
0
favicon.ico
www.nulled.to/ 		0
0
575e175f-4c8e-4331-bdd4-82f91e4d7b62
https://www.nulled.to/ Frame 		0
0
truncated
/ 		420 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
105e350aa0bfb751df0fcaf4aa08d494376601d2714c0caff3a2c75ac1e66284

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
6c277d0ca9f65c2
www.nulled.to/cdn-cgi/challenge-platform/h/g/flow/ov1/755225569:1727719886:jj5ryCKHZ1M80b8N4LCrgh-sIODRAmk7TUvf2GAAt68/8cb664c2dc347783/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nulled.to/cdn-cgi/challenge-platform/h/g/flow/ov1/755225569:1727719886:jj5ryCKHZ1M80b8N4LCrgh-sIODRAmk7TUvf2GAAt68/8cb664c2dc347783/6c277d0ca9f65c2
Requested by
Host: www.nulled.to
URL: https://www.nulled.to/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cb664c2dc347783
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:1bc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416ee4bbcca86e62aa189c26f68c1710f43c70e75ef0a63d4a97d873f21e072e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
6c277d0ca9f65c2

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-ray
8cb664c5d8927783-LHR
content-encoding
br
date
Mon, 30 Sep 2024 18:49:34 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
QNaSSDjeSyJFRGrfUm3qPdGrnkGn5w0VbSA5jtjN4NNWYpeJGQgeI+REEu8ianjCiNXLUGi+Gw==$KU/RS5SsKa/oj2JI
server
cloudflare
8236dad8-3fc8-4b90-a9d9-046d08b09396
https://www.nulled.to/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.nulled.to
URL
blob:https://www.nulled.to/41e0acf2-43e9-45f3-ad2f-a985769c4057
Domain
www.nulled.to
URL
blob:https://www.nulled.to/2d1e118d-eb2e-404f-8fa4-789741b104b6
Domain
challenges.cloudflare.com
URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Domain
www.nulled.to
URL
https://www.nulled.to/favicon.ico
Domain
www.nulled.to
URL
blob:https://www.nulled.to/575e175f-4c8e-4331-bdd4-82f91e4d7b62
Domain
www.nulled.to
URL
blob:https://www.nulled.to/8236dad8-3fc8-4b90-a9d9-046d08b09396

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| Vguy6 function| Hvmr3 function| TMMx5 function| mpUaL2 function| FxOnr3 object| eXDlL4 object| YvPd6 function| Jeuhg1 function| KUjIx3 object| iHwxM3 number| OuWT7 object| angular object| ohry1

1 Cookies

Domain/Path Name / Value
www.nulled.to/ Name: cf_chl_rc_i
Value: 1

4 Console Messages

Source Level URL
Text
network error URL: https://www.nulled.to//forum//67/-money//
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.nulled.to/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.nulled.to/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.nulled.to/forum//67/-money//?__cf_chl_rt_tk=49ujnf5kAb7hddbBwUgwrnsFCM_bMRMZ2ytnrzOjQk8-1727722170-0.0.1.1-6484
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN