urlscan.io logo urlscan.io
SecurityTrails logo

newproject2023.dadsec.win Open in urlscan Pro
113.30.188.186  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fvgaempreendimento.com.br%2Femail%2Fv...
Effective URL: https://newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/
Submission: On May 24 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 12 HTTP transactions. The main IP is 113.30.188.186, located in Amsterdam, Netherlands and belongs to CLOUDWEBMANAGE-EU, US. The main domain is newproject2023.dadsec.win.
TLS certificate: Issued by R3 on May 16th 2023. Valid for: 3 months.
This is the only time newproject2023.dadsec.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.101.130.133 54113 (FASTLY)
1 108.179.253.168 19871 (NETWORK-S...)
1 113.30.188.186 41436 (CLOUDWEBM...)
1 2a00:1450:400... 15169 (GOOGLE)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
12 5
1    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
apiservices.krxd.net
1    108.179.253.168 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: br586-ip04.hostgator.com.br
vgaempreendimento.com.br
1    113.30.188.186 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
newproject2023.dadsec.win
1    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
8    2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 6358
117 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 320
88 KB
1 dadsec.win
newproject2023.dadsec.win
752 B
1 vgaempreendimento.com.br
vgaempreendimento.com.br
137 B
1 krxd.net
apiservices.krxd.net — Cisco Umbrella Rank: 35429
302 B
12 5
Domain Requested by
8 challenges.cloudflare.com 1 redirects newproject2023.dadsec.win
challenges.cloudflare.com
vgaempreendimento.com.br
1 ajax.googleapis.com newproject2023.dadsec.win
1 newproject2023.dadsec.win
1 vgaempreendimento.com.br
1 apiservices.krxd.net 1 redirects
12 5

This site contains no links.

Subject Issuer Validity Valid
*.vgaempreendimento.com.br
R3		 2023-04-09 -
2023-07-08		 3 months crt.sh
dadsec.win
R3		 2023-05-16 -
2023-08-14		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-08 -
2023-07-31		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/
Frame ID: 78A406B8A7F5243A26F60BF2E6C50A9A
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
Frame ID: 7B4C46264BA5A85B0403DEBD164829F2
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

75 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

206 kB
Transfer

354 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fvgaempreendimento.com.br%2Femail%2Fverification%2Fogxquv.jgybw.lojadotoldeiroevidraceiro.com.br%2FbnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t HTTP 302
  • https://vgaempreendimento.com.br/email/verification/ogxquv.jgybw.lojadotoldeiroevidraceiro.com.br/bnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t
Request Chain 2
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
bnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t
vgaempreendimento.com.br/email/verification/ogxquv.jgybw.lojadotoldeiroevidraceiro.com.br/
Redirect Chain
  • https://apiservices.krxd.net/click_tracker/track?kx_event_uid=LR25EaJr&clk=https%3A%2F%2Fvgaempreendimento.com.br%2Femail%2Fverification%2Fogxquv.jgybw.lojadotoldeiroevidraceiro.com.br%2FbnZlcnppbm...
  • https://vgaempreendimento.com.br/email/verification/ogxquv.jgybw.lojadotoldeiroevidraceiro.com.br/bnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t
0
137 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vgaempreendimento.com.br/email/verification/ogxquv.jgybw.lojadotoldeiroevidraceiro.com.br/bnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.179.253.168 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
br586-ip04.hostgator.com.br
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:45:05 GMT
refresh
0;url=https://newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/#nverzino@spauldingridge.com
server
Apache

Redirect headers

accept-ranges
bytes
age
0
content-length
0
date
Wed, 24 May 2023 11:45:04 GMT
location
https://vgaempreendimento.com.br/email/verification/ogxquv.jgybw.lojadotoldeiroevidraceiro.com.br/bnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t
via
1.1 varnish (Varnish/5.2), 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-served-by
click-tracker-a009-ash-prod.krxd.net, cache-fra-eddf8230088-FRA
x-timer
S1684928704.113143,VS0,VE374
Primary Request /
newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/ 		736 B
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
113.30.188.186 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx / PHP/7.4.30 PleskLin
Resource Hash
06e00f9e56101d038f63423afe3dceb4b5fcca712f5ed507adfc84b4c7d95551

Request headers

Referer
https://vgaempreendimento.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
479
content-type
text/html; charset=UTF-8
date
Wed, 24 May 2023 11:45:05 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.4.30 PleskLin
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js
Requested by
Host: newproject2023.dadsec.win
URL: https://newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newproject2023.dadsec.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 22:19:41 GMT
x-content-type-options
nosniff
age
48324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
89947
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 22:19:41 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/7fe8adc8/api.js
Requested by
Host: newproject2023.dadsec.win
URL: https://newproject2023.dadsec.win/xofz1/cgi-bin/gt71qkf1/
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51957b7f445f96a4f027db0a264c33904aaa9cd1ef944148008e41d54d4f8f0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newproject2023.dadsec.win/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:45:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7cc54a5c6c4d9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Wed, 24 May 2023 11:45:05 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/7fe8adc8/api.js
cache-control
max-age=300, public
cf-ray
7cc54a5c4c2a9125-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/ Frame 7B4C 		22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb063ee5dbd902fa81c9b970b5343d86afe2b7ff362fc9c839e48d91eb7a7dae

Request headers

Referer
https://newproject2023.dadsec.win/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7cc54a5cbd7e2bd9-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 24 May 2023 11:45:06 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 7B4C 		151 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cc54a5cbd7e2bd9
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2944a987bb6489e3772635fe38d184a18f2518fa091b05731b795abbfb6880

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:45:06 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7cc54a5d3e2b2bd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
2bb0a0ea180ada8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/106977793:1684928024:Rl77V54PGG6DGSUeDAYD5hx1waA8vQyQrcrjGsBQrmE/7cc54a5cbd7e2bd9/ Frame 7B4C 		65 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/106977793:1684928024:Rl77V54PGG6DGSUeDAYD5hx1waA8vQyQrcrjGsBQrmE/7cc54a5cbd7e2bd9/2bb0a0ea180ada8
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cc54a5cbd7e2bd9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d80b1946c0390b99146de70c93e6183f33720ef0e2fb01c03f09b3d6d20dd7

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge
2bb0a0ea180ada8
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 May 2023 11:45:06 GMT
content-encoding
br
cf_chl_gen
uA5s1jWu4KZQiD5dCpqhoF9d5KBTWBRukSGB+SsRjgkKtbyLSRv5nFHcpM1rfcFFGYpqDeAYRLoAGCVKRh+jgX1fQ5tnKvz1tBkkSARIdjnKEKoV0IU1y+0dHoRGxiAtoy3afXcHs4hAPCjQrJyUefZfwofas52x2jxgQBunO3KTMCxQ5ccjJ8eIXSCNDhZcCh9T4OgXHeFrEu3qhbvjwbf4wfTIGCrpCQLssLTlaCtnidIzYVzjZuhZoA75p/71vVkAN30j8Dl0oApXAXOgix4soLTTajITQ/9ofXRNYjxJnCC29TTGN1DzhQgi/Sy1jtFWH8FdO625RL3lxQ6YFL/vPB043407b3G/nq4CTt91n5a1kHvG3lBKnbVZlv2FWeMM6XOgfqdo6Zx2o6F5R2w0HOMAlXS/J7YbAWJ7N5JW2EFu89ZeT9yBLTlcntkq$L1RXaW3t+zB0bvBRqUla2A==
server
cloudflare
cf-ray
7cc54a5e4fc12bd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
d5792d6b-6973-4bf5-a7e5-4492dc92c0ec
https://challenges.cloudflare.com/ Frame 7B4C 		220 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/d5792d6b-6973-4bf5-a7e5-4492dc92c0ec
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6b64601f895bed389aa525bed33990514b3ea089b51569aaf245f9479caeac8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
220
Content-Type
application/javascript
20ZR-5Apr7uoMd5
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7cc54a5cbd7e2bd9/1684928706295/ Frame 7B4C 		61 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7cc54a5cbd7e2bd9/1684928706295/20ZR-5Apr7uoMd5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa2e5dac1447310ceec2d09039719e2d07b3dd1df871185395fc808b1e3a467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:45:07 GMT
server
cloudflare
cf-ray
7cc54a63df812bd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
oxIEBfAYh7R0xRR
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cc54a5cbd7e2bd9/1684928706302/77855fd6fd89167085d1ac33de4d6d5397a92435d962120bea407c5ede222aea/ Frame 7B4C 		1 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cc54a5cbd7e2bd9/1684928706302/77855fd6fd89167085d1ac33de4d6d5397a92435d962120bea407c5ede222aea/oxIEBfAYh7R0xRR
Requested by
Host: vgaempreendimento.com.br
URL: https://vgaempreendimento.com.br/email/verification/ogxquv.jgybw.lojadotoldeiroevidraceiro.com.br/bnZlcnppbm9Ac3BhdWxkaW5ncmlkZ2UuY29t
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 24 May 2023 11:45:07 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gd4Vf1v2JFnCF0awz3k1tU5epJDXZYhIL6kB8Xt4iKuoAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArTdvs2-VOeG1gRYSu6le9W8rphJ9hC05duH2SoyJxZcID7eB4pDegSJtNqv3OQbpK4Q95bHTqsH89BCAXLJI-Vt7ySrpRthX6rEPu-Vj7WesutfG-4HKj1HyDTGqAY6a7ewvPAO1MgMa2r1_gzOPEXZzJhEKT6UdIT2kff2r_Ykjw0jlNmXk5cDvIskrZ85GVfUW-rn9g1PLXw9OFhNDD6DD2EiFfNdypws_NYvMuOAHcmAxJlEJcf3CR8kfcZax5XW2G8thhT80V0huiKzfxYVtQL5b4HVbTcNvo9O7UCIklef8agJz95n7nyDUn68MLaxbYGJ0kAASzeN5eEb55QIDAQAB, max-age=20
server
cloudflare
cf-ray
7cc54a64b89b2bd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
a2a27de3-dadf-4593-abc6-d9854c21f47d
https://challenges.cloudflare.com/ Frame 7B4C 		539 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/a2a27de3-dadf-4593-abc6-d9854c21f47d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
2bb0a0ea180ada8
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/106977793:1684928024:Rl77V54PGG6DGSUeDAYD5hx1waA8vQyQrcrjGsBQrmE/7cc54a5cbd7e2bd9/ Frame 7B4C 		10 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/106977793:1684928024:Rl77V54PGG6DGSUeDAYD5hx1waA8vQyQrcrjGsBQrmE/7cc54a5cbd7e2bd9/2bb0a0ea180ada8
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7cc54a5cbd7e2bd9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f9a2801a58fc531ec31610377a9e928373fbc6e48b587cfacd6c41686c1a985

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/36c4f/0x4AAAAAAADweEftSQIbIN21/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
CF-Challenge
2bb0a0ea180ada8
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 May 2023 11:45:07 GMT
content-encoding
br
cf_chl_gen
gbglynaTZ338yj+5u1M4ncfJ+4RmwIHqy6LW2cviXkVif/noY3CJXx1DxS9lCzND$rr+Gb7iBSngjY1/7SHqVqA==
server
cloudflare
cf-ray
7cc54a685d5a2bd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless function| $ function| jQuery function| javascriptCallback object| turnstile

1 Cookies

Domain/Path Name / Value
newproject2023.dadsec.win/ Name: PHPSESSID
Value: m3vk2nomq9domaobr2ksj1hpcs

2 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7cc54a5cbd7e2bd9/1684928706302/77855fd6fd89167085d1ac33de4d6d5397a92435d962120bea407c5ede222aea/oxIEBfAYh7R0xRR
Message:
Failed to load resource: the server responded with a status of 401 ()