urlscan.io logo urlscan.io
SecurityTrails logo

thefirsts.cc Open in urlscan Pro
2606:4700:3035::ac43:8be1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://thefirsts.cc/
Submission: On October 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3035::ac43:8be1, located in United States and belongs to CLOUDFLARENET, US. The main domain is thefirsts.cc.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.
This is the only time thefirsts.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 16 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
23 3
Apex Domain
Subdomains		 Transfer
16 thefirsts.cc
thefirsts.cc
148 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
16 KB
23 2
Domain Requested by
16 thefirsts.cc 1 redirects thefirsts.cc
4 challenges.cloudflare.com thefirsts.cc
challenges.cloudflare.com
23 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
thefirsts.cc
WE1		 2024-09-30 -
2024-12-29		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://thefirsts.cc/
Frame ID: 85474E4D8DA19094FCE605E7DA5021A3
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3h2nj/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 99C371869119AC88A3F2F5D55324E8B2
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z3v5b/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: E9897E6361C2C114DE0350E95F9D0295
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. https://thefirsts.cc/ Page URL
  2. https://thefirsts.cc/cdn-cgi/phish-bypass?atok=yJLC7cxQkVZ3slsORqaNMDfUAEZ144lN9zHY89UK34c-172981... HTTP 301
    https://thefirsts.cc/ Page URL
  3. https://thefirsts.cc/ Page URL

Page Statistics

23
Requests

83 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

164 kB
Transfer

401 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thefirsts.cc/ Page URL
  2. https://thefirsts.cc/cdn-cgi/phish-bypass?atok=yJLC7cxQkVZ3slsORqaNMDfUAEZ144lN9zHY89UK34c-1729814390-0.0.1.1-%2F HTTP 301
    https://thefirsts.cc/ Page URL
  3. https://thefirsts.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://thefirsts.cc/cdn-cgi/phish-bypass?atok=yJLC7cxQkVZ3slsORqaNMDfUAEZ144lN9zHY89UK34c-1729814390-0.0.1.1-%2F HTTP 301
  • https://thefirsts.cc/

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
thefirsts.cc/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95b660ea2182924b46c0be7909e334a5348ff2a12c7ad5b4cc6e528208bdac31
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

cf-ray
8d7dec42ad05d246-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 23:59:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6m29Kq18minxo8AFb%2BFmRIoT300JT7StHcIhbQ2SBzKBeVXrRmDWCoUcIlgHRRqfF23v7E78HmK2W%2F%2Fdf49lrcLjsnF78Xb5icaHkRlnPvFbaD3MiAkVIhsYeG1Rh5rpe0TD7WhkhRdglQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf.errors.css
thefirsts.cc/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/cdn-cgi/styles/cf.errors.css
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"6712b228-5df3"
x-content-type-options
nosniff
cf-ray
8d7dec42cd0dd246-FRA
expires
Fri, 25 Oct 2024 01:59:50 GMT
date
Thu, 24 Oct 2024 23:59:50 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 19:08:24 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
thefirsts.cc/cdn-cgi/images/ 		452 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefirsts.cc/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"6712b228-1c4"
x-content-type-options
nosniff
cf-ray
8d7dec42ed16d246-FRA
expires
Fri, 25 Oct 2024 01:59:50 GMT
accept-ranges
bytes
content-length
452
date
Thu, 24 Oct 2024 23:59:50 GMT
content-type
image/png
last-modified
Fri, 18 Oct 2024 19:08:24 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
thefirsts.cc/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46ee37a1e11c91f9add15731e4cf6bca7a45f14cf3b76a2b8387fb1103667f9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hdPsZ8ien5Kfa9sMRJgwvgEVM0GwlvnLnZ61OLeLsDazoU9NGneewitdMzIkddyXK3rQVuNe1unnovFGMSC5%2FzU4pTXauoXde2zc2BS7TedmfdD9NS8Oc5fCXSqzcdBqt7gEwfZSucdfCrI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7dec430d22d246-FRA
date
Thu, 24 Oct 2024 23:59:50 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
/
thefirsts.cc/
Redirect Chain
  • https://thefirsts.cc/cdn-cgi/phish-bypass?atok=yJLC7cxQkVZ3slsORqaNMDfUAEZ144lN9zHY89UK34c-1729814390-0.0.1.1-%2F
  • https://thefirsts.cc/
8 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de29abc4b8cbe9e67ba34206e9be17ad80132e0ff180803da46ecd8ddfb55624
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://thefirsts.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
NrB3isMYupUCUnjjYJV0eLFVmqOat16anOu0S2LNPCQO3IuXPOei5VhhkQ5JNfOe+ZLe++eLFupRwQQr/Ugl56m6SfSY+7aRN+BVDfybSoEbd9OJpczASpMkCCCgZMx8P20rHY65W1dBqpza0qyHUQ==$+80nZXkrHSxVOnj6fpVQ1Q==
cf-mitigated
challenge
cf-ray
8d7dec62599cd246-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 24 Oct 2024 23:59:55 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhy0%2BJKG5OBshaRagLPvKvDFKtg2tjW3MDzgCbNP1yq8mfJbLg8s2ApRg%2FDBMvIqbYJBa%2FaJ8CwVUND7NfhPmUporW0oU70OdR5q25YhvYx9wqk7q6ZTS8LqmyDywD6%2B9tlen2c0SyyuYnE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=9762&sent=30&recv=21&lost=0&retrans=0&sent_bytes=14782&recv_bytes=6710&delivery_rate=44999&cwnd=12000&unsent_bytes=0&cid=bb46430908281d20&ts=5087&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

cache-control
private, no-cache
cf-ray
8d7dec624995d246-FRA
content-length
167
content-type
text/html
date
Thu, 24 Oct 2024 23:59:55 GMT
location
https://thefirsts.cc/
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
v1
thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec62599cd246
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41e6d544440504e1915e44fb9defcb5d0ed8ee410b62f9600fc0465fda73fc2c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/?__cf_chl_rt_tk=WhJz60jCFG25aEjaGKI50vGrEZRfO8x.XevnzGL7u3o-1729814395-1.0.1.1-vWX5vu9Gs0uxTvaCneW4HeZl6oq4ph.ETPdqUiwyHtA

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=51QxFd%2FAxYDKyP8jnGf%2B1UnLSDEptLidhyAdb5mWE5D%2F4wB3BrgOILu7%2FJykkKynbf3paclKi7%2BsOBvJ8D4rMRstXazDLm8PS5kes2R34Ft4z%2BOcqbKHmW5glgXjLIt6%2F%2FTlLq7sqCMZ4nU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7dec6299b0d246-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12045&sent=38&recv=26&lost=0&retrans=0&sent_bytes=21721&recv_bytes=7356&delivery_rate=454792&cwnd=12000&unsent_bytes=0&cid=bb46430908281d20&ts=5133&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 23:59:55 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
435c417f-f439-46cf-9cb5-3ed9ca7fbc73
https://thefirsts.cc/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec62599cd246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://thefirsts.cc
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d7dec62e910d2a9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:59:55 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 21:21:17 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
thefirsts.cc/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefirsts.cc/favicon.ico
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c976263d7669846cd348fc3aeffa2a7a9a4e9f1f07f7a8cc7e8da11e3ea1e3f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rk%2BhxxBLCWcre00I5AC3vIw0uE2w0%2B74GkweMX6nzXMw%2B%2B5JVF97KotS%2B1OopAf1MW9x%2F%2BCPcH1ppr7c6UqeED7g64cWSLd1vphyu79eXhujhwC3uHdT3sOjQgvBUj2K8qbe4Hr1JC%2BpSdQ%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8112&sent=73&recv=44&lost=0&retrans=0&sent_bytes=62247&recv_bytes=8493&delivery_rate=4080195&cwnd=26400&unsent_bytes=0&cid=bb46430908281d20&ts=5181&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 24 Oct 2024 23:59:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
d8bqq1O5Z7zapzz6gZJgRkNJK0sHLBKfgivwSvvxQFFh5h/BTKY/wS18j0GOypOYiVOe83PC9LNTFny/sD1eHYHkz7586f+Bh3Z5bpSO6bLNtnRBgAj1nELq0/7d3BkcAfImGK/OWlSGBB4gGHMkig==$b9D3OO8qhjPLnREb6V3rDw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d7dec62e9cbd246-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
thefirsts.cc/ 		8 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c489f16ab0e22088daf95e21c42a79ef7b9be739f800881f3ba27f1e2004580
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ce5hZOsz%2B%2Bho3yu50Rfyfe%2FlCdUpYmEoTzMk0VREUcOhGfg0ZMnX5I3U6V4EC2eIJ7fXRPonihcpQTjJcMxAZGr0mTl9BA0deno3nn6%2FqK64HKmRvGMyFcHBYzapaIDiB1sr%2Bs0It7HmVok%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7572&sent=81&recv=48&lost=0&retrans=0&sent_bytes=69206&recv_bytes=9046&delivery_rate=571843&cwnd=26400&unsent_bytes=0&cid=bb46430908281d20&ts=5209&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 24 Oct 2024 23:59:55 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
7KZ6LB938DTkeEgYXyXRJmUBO7KTvvA3Bf7F3QdEO6m3wLj9HUlWaIEaYrerxGHkZGRuxrRJjEM2xnwgVxORpfejJWQQcFx81WJ7rmvkdEw36C/tbdxxG+K8BhVq3k770jCfUyPBqXXAaiUmVXr8nA==$as6w9hZTpqOvChwLMuG6xw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d7dec6319d8d246-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
WZ8bmdHLgLPLJJAPFJeWpRQvbIIliq1cZRCEBvKY304-1729814395-1.2.1.1-_w333w7PuMhI4jGJPpOh.UT1pnyO3o_uibBmFvDeZgXdhQHpyiukrx8q9FgfEWUN
thefirsts.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/190092498:1729811493:96vpCFDwTS0O1KwUc3js4TM7t0t5emOLazIIGKR9xJI/8d7dec62599cd246/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/190092498:1729811493:96vpCFDwTS0O1KwUc3js4TM7t0t5emOLazIIGKR9xJI/8d7dec62599cd246/WZ8bmdHLgLPLJJAPFJeWpRQvbIIliq1cZRCEBvKY304-1729814395-1.2.1.1-_w333w7PuMhI4jGJPpOh.UT1pnyO3o_uibBmFvDeZgXdhQHpyiukrx8q9FgfEWUN
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec62599cd246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
491d5a5f01e36a2fe6d863503e51b52cd31a103c1bbef5480b29312b5d347fcc

Request headers

Referer
https://thefirsts.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-type
application/x-www-form-urlencoded
CF-Challenge
WZ8bmdHLgLPLJJAPFJeWpRQvbIIliq1cZRCEBvKY304-1729814395-1.2.1.1-_w333w7PuMhI4jGJPpOh.UT1pnyO3o_uibBmFvDeZgXdhQHpyiukrx8q9FgfEWUN

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ur2Jh2eoaWgurtXtR%2Bo98hLJJ9mPDuMrSmWEvcakfZuGADg9znExWTjixSy780z%2FDwcLvihrMdP4IUvU7tVOTQ4Vwo5KLnn9%2BZLxQexcRhpLGxKZPVDb7wj46x794YxJ6Y07FkGGX5IbED0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7dec639a09d246-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7616&sent=92&recv=56&lost=0&retrans=0&sent_bytes=76230&recv_bytes=13440&delivery_rate=573336&cwnd=26400&unsent_bytes=0&cid=bb46430908281d20&ts=5301&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 23:59:55 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
FW7vLdSaIOB34JS4fJRkxNdrIU2bJkCb20OCpEOE/ZqnycuYvZ+qWOY3CaCZzuG/fr2TozEvPzw=$cA6xnbyENdeII4uK
server
cloudflare
priority
u=1,i
35fd4fdc-6a1c-416e-8bcd-cc08cde184e6
https://thefirsts.cc/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3h2nj/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 99C3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3h2nj/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d7dec63e9a30374-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 23:59:55 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
WZ8bmdHLgLPLJJAPFJeWpRQvbIIliq1cZRCEBvKY304-1729814395-1.2.1.1-_w333w7PuMhI4jGJPpOh.UT1pnyO3o_uibBmFvDeZgXdhQHpyiukrx8q9FgfEWUN
thefirsts.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/190092498:1729811493:96vpCFDwTS0O1KwUc3js4TM7t0t5emOLazIIGKR9xJI/8d7dec62599cd246/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/190092498:1729811493:96vpCFDwTS0O1KwUc3js4TM7t0t5emOLazIIGKR9xJI/8d7dec62599cd246/WZ8bmdHLgLPLJJAPFJeWpRQvbIIliq1cZRCEBvKY304-1729814395-1.2.1.1-_w333w7PuMhI4jGJPpOh.UT1pnyO3o_uibBmFvDeZgXdhQHpyiukrx8q9FgfEWUN
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec62599cd246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652d4699d03c4670fdc0e863912616d7fd3975360dd7b33e7c7994201b674bbd

Request headers

Referer
https://thefirsts.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-type
application/x-www-form-urlencoded
CF-Challenge
WZ8bmdHLgLPLJJAPFJeWpRQvbIIliq1cZRCEBvKY304-1729814395-1.2.1.1-_w333w7PuMhI4jGJPpOh.UT1pnyO3o_uibBmFvDeZgXdhQHpyiukrx8q9FgfEWUN

Response headers

cf-chl-out
+pG0KqnOZqzker0KEkKqRk9GLyO8tF71rkGbrhyEkOaWtgs0cM6WmQphizHxBy4h6j65dAj7Q75ttS89byFl8sI27IoukWOSq5AbM0wfekuZLeBBS+BAWVM=$PxYCjsdEGY4K2fDN
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2F5e%2FujA%2BAJqD6knRHIll7L%2Fk2LmBwtygVX4oOUKs9PA0CGp4BnGBG%2BkqajOJB%2FEUaC1Y835j75YHFRgABzvSXtGi5KddZ2EYXYmDRRkD%2BjQ3VaWEtYU6itlQeq54YpyOhNbUlL6%2BvkbHa8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7dec674be6d246-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7082&sent=103&recv=66&lost=0&retrans=0&sent_bytes=85959&recv_bytes=18676&delivery_rate=446737&cwnd=26400&unsent_bytes=0&cid=bb46430908281d20&ts=5890&x=1", cfExtPri, cfHdrFlush;dur=0
cf-chl-out-s
2vfN1TR2li9w6685RBXtsmMphr9ECCoernrVN3qOzrmtETQL1RhcHqX2eRNBFeOA+sXYcvOEzpUcmohRbn21cfcx7mNKIyXb7Ri+gD/aXY3ayvqpec1uTPGnS4hL/fxZiu3tt4tjTOHqeyRXe/DzDEgzrjCTxMUtzQB4fZoGnjdR5tCqzllaVc1ZEHShXLXgOYb76QPoQQk4N16eF2HC/okcNLf7otyhCfbxwFE8NGlxPlJylt/HUyrgve/5QT4cHrhIp47vf0vsbBEZGTKkAqA2hUwqFtR8oiYdBkXVvdhxE/sYb1ykvi8b9GLmM8xtQmz2mmFVKjPXstjrhZh8YWK5bf8PPST8xS0mkOHi4UURUyxLj7+gxXa4JsfRD48XImIhyvgFmEfAfxtWjfYUXBL7FH7WBvX5Ar/fVottHrKSEcq3sUQHv8INtxfcjc0481JqUH10xM5YqmASpFzv3Fb0sykI7xhT05YOCC/wRH5gObA4deoYVymdE1ta7eQoqskedPNEVWVwe9r4AxhMXj8ubNs7VPt6gv74rFu1EF6HsbXrUJris4yM5D+TlyatUtkQ8SEsbXBEBj1vrYdYmYX0wUSaigGBlxk+niV2RxQE4C+ncX/Pqw9spLVJG09+KN3eNBLWzTsERnsPpHuCetzJXpEQd1fyRpdQ0oVHdnTGUh7GSW+0PQAD3X9gRwRCp4brVucatGqC9lxOUUH4ctQqf9qlFeCIjZM+F0jA7YC0eTTP0LLKreYdhx5C/dpw8Q==$a3j3cAjY49eGcxLf
date
Thu, 24 Oct 2024 23:59:56 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
thefirsts.cc/ 		8 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e1ac0fa202143741f31e15a4c5a7358359348954084a0dd3e13003e00f415d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://thefirsts.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
WjMQYYLWhkNXRNU2xvVDwMQfAogfS4Ui1diCv1uZKTUACnsdvAPaE7I1zdkGv6AW5impmZE5E3xyQ/Kw32EDjELyDB1VKBXUvQ+dbPYYs53Z3XwFmvv5+ffGl+ZO0FQLw8iVH2fE36QYlwCL5kIezQ==$Qh9Z3ExpubSI8f3obVMCwA==
cf-mitigated
challenge
cf-ray
8d7dec75a9fed246-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 24 Oct 2024 23:59:58 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dUPlrIVQqur7jIuyh4wzI10ik6GjemDyfwmfwlkzlQotfbfIhLSg2VC7SeJvS8tZmxffRsjCyAzQ0e6TTCRK9%2BNtRTSyYi48uvvLWHc7HSHrLPAbfUJTWnLF2ex82r1ttMsLyNziAfcXuWM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7830&sent=108&recv=69&lost=0&retrans=0&sent_bytes=89171&recv_bytes=19238&delivery_rate=129521&cwnd=26400&unsent_bytes=0&cid=bb46430908281d20&ts=8180&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec75a9fed246
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee744b668655de325b4cd66a1959f362e9fe5b9114ec306dde94b27028a55b93

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/?__cf_chl_rt_tk=WFNY3X8o0239z8QNHDktoxlsX5ixzbrxUe2JEkQUSGQ-1729814398-1.0.1.1-O_DtBlUjRWDfR5pWYwwrtd7c0Dornu.IdPrAr09xXws

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOJEzwqi91cPyENDp%2BtVhm35xvS%2Bs%2FRn%2BREFs67IDeA2TTxW96LzYNEWkcXvVO5LrUzW2O8Pz5HeH3WTHUHnWzMYcv6%2Bbcw1NtPi9y4Oib1OTsgv89CuPnTTDxvW%2FWaThINI2rpb0mDgwCw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7dec75da1bd246-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7719&sent=116&recv=71&lost=0&retrans=0&sent_bytes=96109&recv_bytes=19769&delivery_rate=493145&cwnd=26400&unsent_bytes=0&cid=bb46430908281d20&ts=8213&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 23:59:58 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
0a5dac7a-0479-44e4-a231-ab4948810066
https://thefirsts.cc/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/ 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec75a9fed246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbacce424d00878284db8c04089f007944324d9cd2432db2472e4cf62a39dbbf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Origin
https://thefirsts.cc
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8d7dec62e910d2a9-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 23:59:55 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 21:21:17 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
thefirsts.cc/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thefirsts.cc/favicon.ico
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1b0f56a0f224a86ec1ce85601408667b839e90205e4f0b39727d8b9fbb707db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jo03otXMEV95hgGyby6gStNYHgMcJvs%2FGdooyGWnf1M7cCYE1RIgsOvz%2BQlbo2RJ0xkRJP73fxvJ7YvPbQXL9nDRx87fM5vYW6cnXmPCipN7WFyREgB7tL50UCjs7DVrYdt0UQf7W8r0pZg%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7349&sent=153&recv=77&lost=0&retrans=0&sent_bytes=137771&recv_bytes=20408&delivery_rate=2036069&cwnd=38400&unsent_bytes=0&cid=bb46430908281d20&ts=8252&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 24 Oct 2024 23:59:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
Hiaf/LaiddZwcRWhR3Sc5pjeO45V5bfwvJK3MCea0HLleIG7X7hJC21FWftMW5gEhhmEwm756yG9qMz2jVs4SMYF2Tc1Vpmfyt41PJMMa53KXVY9C0Sog+fzXojG+XgwZZNAz78J4Wex5iAoorwi3A==$l3aM79wTOpplB83hhtBZnQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d7dec761a2ed246-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
thefirsts.cc/ 		8 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
528dd529b25ce6b6d86adb17ad0181c7ff0cb3eb2d1f9ccc3eb4571633cdb7ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Referer
https://thefirsts.cc/

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFdhWgcLN1pL%2FD7q1s0DmXyrzryyZaPk236ndXSQNM726WwILB8oQ5hjPICjjFLWDKFkrMbzrd5VnNzobcAu2%2Bk%2BNHq8V3bT2X63dxzO7oZHdTJS2Xme4wZZLn2olcSq1JR5ylGxwjeAZCE%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7304&sent=161&recv=79&lost=0&retrans=0&sent_bytes=144725&recv_bytes=20879&delivery_rate=434199&cwnd=38400&unsent_bytes=0&cid=bb46430908281d20&ts=8270&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Thu, 24 Oct 2024 23:59:58 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
sdSEZaM2NTQPb30OsBwhlwDWpBdpoVxhao29DA5HENkTBmB5IFYuPBCcaIWqCK5P2HhNYbIqwrQlV3gQqFHZsn8SLbeoI11nr9vDH4XF9UjpCjdM/tir70GInZfCHkFTnDk58h8wvjy5CI2ZKDFeXw==$B9YDlxqj/0d2sbdktexdDg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8d7dec763a3bd246-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
Xf4B5xePYLcUM8F_7ytSuqxV8vO43tsdd0feHMoI7BA-1729814398-1.2.1.1-2ORMJ_a_gl7N7tTZj_lIqvWqeYZ7lb9Q6nzt6ZhZiS_6bZBK1snf.fJeIQfr9zpG
thefirsts.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/413329493:1729811541:qCE6ivUPGrS24dpNuDeWXHxSttpAjLma2Y0auFbsaS8/8d7dec75a9fed246/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/flow/ov1/413329493:1729811541:qCE6ivUPGrS24dpNuDeWXHxSttpAjLma2Y0auFbsaS8/8d7dec75a9fed246/Xf4B5xePYLcUM8F_7ytSuqxV8vO43tsdd0feHMoI7BA-1729814398-1.2.1.1-2ORMJ_a_gl7N7tTZj_lIqvWqeYZ7lb9Q6nzt6ZhZiS_6bZBK1snf.fJeIQfr9zpG
Requested by
Host: thefirsts.cc
URL: https://thefirsts.cc/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8d7dec75a9fed246
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:8be1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d69b66a16fc31a70d061db43e8666d759fc5599992ef2ea4877a12922215df0

Request headers

Referer
https://thefirsts.cc/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666
Content-type
application/x-www-form-urlencoded
CF-Challenge
Xf4B5xePYLcUM8F_7ytSuqxV8vO43tsdd0feHMoI7BA-1729814398-1.2.1.1-2ORMJ_a_gl7N7tTZj_lIqvWqeYZ7lb9Q6nzt6ZhZiS_6bZBK1snf.fJeIQfr9zpG

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yMcaTl7JApdi3oXvmHXc7IxJrZW1oOW3qKB3ysjbF%2FbE4KnMmRlkJmgjy%2FGJz2%2FkWvnwbhKft%2FNKkmx8pPPuR%2F0uG0uekKvdGY5pnsQ%2FDVsq3Xrqtkx8215AoN6IWf0q106et0EWGylaQgs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7dec76ca76d246-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7267&sent=171&recv=84&lost=0&retrans=0&sent_bytes=151722&recv_bytes=25123&delivery_rate=473990&cwnd=38400&unsent_bytes=0&cid=bb46430908281d20&ts=8370&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 24 Oct 2024 23:59:58 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
anET2Xzi2W1yWN53jtAi4oi9wIxZ82CSxhIO1axRE/veWoerqrmxp7I0pSAfkGRUKJKeknF0GD4=$fPwPBQaKJU9RMtJJ
server
cloudflare
priority
u=1,i
76a02ecd-efcc-4a36-b924-9cdb5e008dfe
https://thefirsts.cc/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z3v5b/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame E989 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/z3v5b/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/e1a56f38220d/api.js?onload=tDpp4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_2_1) AppleWebKit/537.3666 (KHTML, like Gecko) Chrome/110.0.0.0.0 Safari/537.3666

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8d7dec789a0b0374-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 23:59:58 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
thefirsts.cc
URL
blob:https://thefirsts.cc/435c417f-f439-46cf-9cb5-3ed9ca7fbc73
Domain
thefirsts.cc
URL
blob:https://thefirsts.cc/35fd4fdc-6a1c-416e-8bcd-cc08cde184e6
Domain
thefirsts.cc
URL
blob:https://thefirsts.cc/0a5dac7a-0479-44e4-a231-ab4948810066
Domain
thefirsts.cc
URL
blob:https://thefirsts.cc/76a02ecd-efcc-4a36-b924-9cdb5e008dfe

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| pqPjZ5 function| gFEi8 function| Lsws0 object| xpuJb1 object| ZQkn8 function| tDpp4 function| gQBhC1 function| QyLSu7 function| OkUJb2 function| eLZdk2 object| XXnfe7 number| qGJle3 object| angular object| VBhX8 object| turnstile boolean| Toah6 function| _ string| HShN1 boolean| blpi3

2 Cookies

Domain/Path Name / Value
.thefirsts.cc/ Name: __cf_mw_byp
Value: yJLC7cxQkVZ3slsORqaNMDfUAEZ144lN9zHY89UK34c-1729814390-0.0.1.1-/
thefirsts.cc/ Name: cf_chl_rc_ni
Value: 1

8 Console Messages

Source Level URL
Text
network error URL: https://thefirsts.cc/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thefirsts.cc/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN