hfm.novusprintco.top Open in urlscan Pro
172.67.222.192  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/r/kPT2M-VMzkygPASMe2h7LwEAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fhfm.novusprintco.top%252F%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7 Page URL
2. https://hfm.novusprintco.top/ Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	kPT2M-VMzkygPASMe2h7LwEAAAA Show response public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/r/	732 B 1008 B	865ms 770ms	Document text/html	40.113.183.0 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/r/kPT2M-VMzkygPASMe2h7LwEAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fhfm.novusprintco.top%252F%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.113.183.0 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash 069f5b3f0213db712787c6e976daad752c75c0a0e438925ca9f84b9f3a95ee7c Security Headers Name Value Strict-Transport-Security max-age=2592000; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers Connection keep-alive Content-Length 732 Content-Type text/html Date Tue, 08 Oct 2024 13:05:23 GMT Server nginx Strict-Transport-Security max-age=2592000; preload x-content-type-options nosniff x-ms-trace-id 5574963a65d53f8fd7b57768ad97acca
GET H/1.1	200 OK	BotDetection.bundle.js Show response cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/	32 KB 32 KB	224ms 47ms	Script application/javascript	20.60.40.132 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js Requested by Host: public-eur.mkt.dynamics.com URL: https://public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/r/kPT2M-VMzkygPASMe2h7LwEAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fhfm.novusprintco.top%252F%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 20.60.40.132 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash e9c05b187c2fc087941c89378813b7c179df17d5ef2ec3e22316b98b08a48e9b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://public-eur.mkt.dynamics.com/ Response headers Content-MD5 2Gf+JwfY1OVHdaK9ZYWxDw== x-ms-version 2009-09-19 x-ms-lease-status unlocked ETag 0x8DCCCBF099AC587 x-ms-request-id ea5c4bae-201e-0018-4f82-19669c000000 Access-Control-Allow-Origin * Content-Length 32500 Date Tue, 08 Oct 2024 13:05:23 GMT Content-Type application/javascript Last-Modified Wed, 04 Sep 2024 08:53:25 GMT Server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-type BlockBlob
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
POST H/1.1	202 Accepted	kPT2M-VMzkygPASMe2h7L5eF9vD8bRxCuJZsvrb96kE public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/cp/	0 0	76ms 75ms	Fetch	40.113.183.0 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/cp/kPT2M-VMzkygPASMe2h7L5eF9vD8bRxCuJZsvrb96kE Requested by Host: cxppeur1rdrect01sa02cdn.blob.core.windows.net URL: https://cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.113.183.0 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=2592000; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type application/json Referer https://public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/r/kPT2M-VMzkygPASMe2h7LwEAAAA?target=%7B%22TargetUrl%22%3A%22https%253A%252F%252Fhfm.novusprintco.top%252F%22%2C%22RedirectOptions%22%3A%7B%225%22%3Anull%2C%221%22%3Anull%7 Response headers x-ms-trace-id 8e14717107eb3bf1c10749c6744864be Strict-Transport-Security max-age=2592000; preload Access-Control-Allow-Origin * Content-Length 0 Date Tue, 08 Oct 2024 13:05:23 GMT Server nginx Connection keep-alive
GET H3	403	Primary Request / Show response hfm.novusprintco.top/	11 KB 9 KB	377ms 37ms	Document text/html	172.67.222.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hfm.novusprintco.top/ Requested by Host: cxppeur1rdrect01sa02cdn.blob.core.windows.net URL: https://cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 735ccd86824e0cb09a6be06ebc585e11cfa324341c4444bcb5f78b53768ec87b Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Referer https://public-eur.mkt.dynamics.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out f3lNSfWn8uXlTTEv1kUp8C+ejjgP3MaxVXzXMpwyZLZZ0tDopMAXYzM+mn+moRblWCQBH2w5niOwgGxi8W/3SEKkOCem2ZGidzyzsaKHQ9kl2U8Qohw6SMR4fXT6Yt8WTJOJ9HwEFr6zczbg+OYdGg==$l84B2xjRBsLh4jLx08MVZQ== cf-mitigated challenge cf-ray 8cf6579f0852dc4f-FRA content-encoding br content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Tue, 08 Oct 2024 13:05:24 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ix3Q0YVj2VDdWaxA3onxTKODIYx2daP97YtfHCp1G3k145S1Uzwr8TyUZJaf8Ha3Sisvzsc9TBKGlc%2BO7B%2BQLAI6Fuzzz6omqAyfd2B2WKDTYQJllvF%2BBA0%2BVRkW7GnKFqleu%2Fi%2BFw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation" vary Accept-Encoding x-content-options nosniff x-frame-options SAMEORIGIN
GET H3	403	speculation hfm.novusprintco.top/cdn-cgi/	0 0	38ms 37ms	Other text/html	172.67.222.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hfm.novusprintco.top/cdn-cgi/speculation Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hfm.novusprintco.top Referer https://hfm.novusprintco.top/ Response headers content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hT7d1ucyonZ5zeRc44RYbLgccGODXQ%2B3SUv3j6qZyvpV1aawTti%2BD7BY7ljDe2wJ8igOhdd2vzy5LksrBp6FPlKOD1vjUricYJ6BS%2Bhk9Xy98ZyYOS04zd5l5kUPXe7zssYjVxS40w%3D%3D"}],"group":"cf-nel","max_age":604800} critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Thu, 01 Jan 1970 00:00:01 GMT x-content-options nosniff date Tue, 08 Oct 2024 13:05:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-frame-options SAMEORIGIN cf-mitigated challenge cf-chl-out zt7DXvrufybWi8PGVGjWHNGMcgMQls1rNA/DtLgLckUVYWLwRUFX4jZ5BKHDCm09dZUqj2/IbRrNcURHzwBHqvhiCRHfjuhTE1ZF4YC+D7b2txZWX7kxiE0SChu5eSAHiEpGZ3f7FbvjMvscSJt1+Q==$gGEJ3rjFWAV2ZgM7WZ1wCw== cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-opener-policy same-origin accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA speculation-rules "/cdn-cgi/speculation" cross-origin-resource-policy same-origin referrer-policy same-origin cf-ray 8cf6579fab1adc4f-FRA cross-origin-embedder-policy require-corp permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() origin-agent-cluster ?1 server cloudflare
GET H3	200	v1 Show response hfm.novusprintco.top/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/	150 KB 55 KB	34ms 33ms	Script application/javascript	172.67.222.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hfm.novusprintco.top/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cf6579f0852dc4f Requested by Host: hfm.novusprintco.top URL: https://hfm.novusprintco.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0005aa85d4cae267f53bb0fa095b6c22b29cbd0cd8ef72d997e2c9e58e28ae4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hfm.novusprintco.top/?__cf_chl_rt_tk=wI602qOHIFcnGhFh0oUv8Tbg6DLDvcYAEVeY.OWrVdw-1728392724-0.0.1.1-6847 Response headers cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JfAZ%2B1RwIEi4lvHfzlQRcfxebdjoXG5cfJrulgtJzlL1USChpT6caKMhvoL7L8piikA4%2BhvT9NDoBDkoF36fa7l2d4Y3Iw36mfV1uBuN6ju3YPsvwhJuJJmr0G8Ir2YG4v9HQ1wLw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cf6579fdbb3dc4f-FRA date Tue, 08 Oct 2024 13:05:24 GMT content-type application/javascript; charset=UTF-8 server cloudflare
GET		ea1ca243-989a-4dd1-ba33-0a467f35d448 https://hfm.novusprintco.top/ Frame	0 0
GET H3	200	api.js Show response challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/	46 KB 16 KB	63ms 34ms	Script application/javascript	104.18.94.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit Requested by Host: hfm.novusprintco.top URL: https://hfm.novusprintco.top/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cf6579f0852dc4f Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://hfm.novusprintco.top Referer Response headers cache-control max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public content-encoding br cross-origin-resource-policy cross-origin cf-ray 8cf657a08d0b4d26-FRA access-control-allow-origin * date Tue, 08 Oct 2024 13:05:24 GMT content-type application/javascript; charset=UTF-8 last-modified Tue, 17 Sep 2024 16:06:37 GMT server cloudflare vary Accept-Encoding
GET H3	403	favicon.ico hfm.novusprintco.top/	2 KB 2 KB	28ms 28ms	Image text/html	172.67.222.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://hfm.novusprintco.top/favicon.ico Requested by Host: hfm.novusprintco.top URL: https://hfm.novusprintco.top/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1d5c52c34fddbc5bad29bf2990e7508decd4c1f7b4eb3fe1c6e3da80f1b3bc83 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hfm.novusprintco.top/ Response headers content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tl5upg8gZG1%2F9RNMXvTNTlksiTNwKKuN8B%2B%2BysbzzW4mzneC84z9EKr5liM5MVprtv1KCNVNe%2FUk%2Fvc5Cq3qJxrIyHOtfVwSgp%2F2YEDhQ0i1jhtpQ%2FEsVFdPyUSsWwSiGf1BkCXtgw%3D%3D"}],"group":"cf-nel","max_age":604800} critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Thu, 01 Jan 1970 00:00:01 GMT x-content-options nosniff date Tue, 08 Oct 2024 13:05:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-frame-options SAMEORIGIN cf-mitigated challenge cf-chl-out EPyIvmz7cf65vCVQYFuh4r9LS5EPS/bnoYjBnN/ZX/JHgqnrsKq639ZWnFmU2Wvle+nqIpl9WQc0lWyl1Y1kBR3e74TrsQ5KBhR7KilTimrRF3j0pf4ueizLrvfFu/sb7+Y/Dvg3z/IwFNsBI8U+ag==$FHo3ccOeMW3pbxGmUKtgdw== cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-opener-policy same-origin accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA speculation-rules "/cdn-cgi/speculation" cross-origin-resource-policy same-origin referrer-policy same-origin cf-ray 8cf657a07e35dc4f-FRA cross-origin-embedder-policy require-corp permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() origin-agent-cluster ?1 server cloudflare
GET H3	403	favicon.ico hfm.novusprintco.top/	9 KB 7 KB	31ms 31ms	Other text/html	172.67.222.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hfm.novusprintco.top/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 872b791a937608880a768bc2b862be18cd79b12faa662b396f5bb7cd80a36277 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://hfm.novusprintco.top/ Response headers content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9a66ERSWeW35EqyvKqByzRPPTsbJrtQtkipHi227Wn4sFjC1ewURto%2F13T5osigjFyFLg3lXIoG4X1tTfulrFfT1L6%2F6lqV12l%2Fcz4YyccsvqTYUA4ANuYmIwL7WmkDqLmlH%2BogG9Q%3D%3D"}],"group":"cf-nel","max_age":604800} critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA expires Thu, 01 Jan 1970 00:00:01 GMT x-content-options nosniff date Tue, 08 Oct 2024 13:05:24 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-frame-options SAMEORIGIN cf-mitigated challenge cf-chl-out unckU7k0kg0do/0xVkLphj3OHxG8by0hEvADLnjKhrr958IVUGdZhxNxvwfbRZL6bxkDCYwmWDaoaMokfTcdkft4zv5v1JuWkMmjI+bUulaxcWwR2TJiRjbcvNRiuhxgWy0hGRTXyimJ0/FmXjn88g==$Ig4RuIoUdhwgUtwYma4LXg== cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cross-origin-opener-policy same-origin accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA speculation-rules "/cdn-cgi/speculation" cross-origin-resource-policy same-origin referrer-policy same-origin cf-ray 8cf657a0eff2dc4f-FRA cross-origin-embedder-policy require-corp permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() origin-agent-cluster ?1 server cloudflare
POST H3	200	0ec5e01ef36f4fd Show response hfm.novusprintco.top/cdn-cgi/challenge-platform/h/g/flow/ov1/2046807995:1728390326:lT8ltNp7rrh-aEwhlg0MjjVDMsOAla34hdPQZRALIrM/8cf6579f0852dc4f/	16 KB 13 KB	51ms 49ms	XHR text/plain	172.67.222.192 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://hfm.novusprintco.top/cdn-cgi/challenge-platform/h/g/flow/ov1/2046807995:1728390326:lT8ltNp7rrh-aEwhlg0MjjVDMsOAla34hdPQZRALIrM/8cf6579f0852dc4f/0ec5e01ef36f4fd Requested by Host: hfm.novusprintco.top URL: https://hfm.novusprintco.top/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8cf6579f0852dc4f Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.222.192 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cb4c6a18c9d3865fec18960fc91d6432dca0eb4c9ab6675d33910878587bbed5 Request headers Referer https://hfm.novusprintco.top/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded CF-Challenge 0ec5e01ef36f4fd Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i7E6TwH10uI2Aah1uvdke%2Bjn89qS11E%2BUHw3uwpj8igR15fvNLte3nI2GNgBuuwExq2oVgHlpXfuVLoO5PYPUoRoXtqkSEttpxbFqZZcC7Jz31xQnhWW28kIdj%2BMaWTTwqvxth4Hnw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cf657a1289bdc4f-FRA date Tue, 08 Oct 2024 13:05:24 GMT content-type text/plain; charset=UTF-8 cf-chl-gen FfGwCKhb6T6OW87dietmDfWAJfSSGTVtina032IJmvjtEnaaOt3AxEvnI6diVPQghwb66ML8hw==$RLLwDPxLtmuWw5/f server cloudflare
GET		0ef9edff-cd84-4261-af46-af65dd2c6488 https://hfm.novusprintco.top/ Frame	0 0
GET H3	200	/ challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e596l/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame BA41	0 0	54ms 32ms	Document text/html	104.18.95.41 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/e596l/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8cf657a1fe0adca0-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self' content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Tue, 08 Oct 2024 13:05:24 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

hfm.novusprintco.top

URL

blob:https://hfm.novusprintco.top/ea1ca243-989a-4dd1-ba33-0a467f35d448

Domain

hfm.novusprintco.top

URL

blob:https://hfm.novusprintco.top/0ef9edff-cd84-4261-af46-af65dd2c6488

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| TMMx5 function| Jeuhg1 boolean| tlLrK2 function| KUjIx3 function| Vguy6 function| Hvmr3 function| mpUaL2 function| FxOnr3 object| eXDlL4 object| YvPd6 object| iHwxM3 number| OuWT7 object| angular object| ohry1 object| turnstile boolean| FrNBi5 string| HcTEI3 boolean| aFyRe6

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cxppeur1rdrect01sa02cdn.blob.core.windows.net/botdetection/BotDetection/BotDetection.bundle.js(Line 1) Message: WebSocket connection to 'wss://public-eur.mkt.dynamics.com/api/orgs/95d04705-2d7f-ef11-ac1c-7c1e5250436e/r/test' failed: Error during WebSocket handshake: Unexpected response code: 404
network	error	URL: https://hfm.novusprintco.top/#msdynmkt_trackingcontext=33f6f490-4ce5-4cce-a03c-048c7b687b2f Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://hfm.novusprintco.top/cdn-cgi/speculation Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://hfm.novusprintco.top/?__cf_chl_rt_tk=wI602qOHIFcnGhFh0oUv8Tbg6DLDvcYAEVeY.OWrVdw-1728392724-0.0.1.1-6847#msdynmkt_trackingcontext=33f6f490-4ce5-4cce-a03c-048c7b687b2f Message: Load failed or canceled (net::ERR_ABORTED; HTTP status 403) for rule set requested from "https://hfm.novusprintco.top/cdn-cgi/speculation" found in Speculation-Rules header.
network	error	URL: https://hfm.novusprintco.top/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://hfm.novusprintco.top/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
cxppeur1rdrect01sa02cdn.blob.core.windows.net
hfm.novusprintco.top
public-eur.mkt.dynamics.com
hfm.novusprintco.top
104.18.94.41
104.18.95.41
172.67.222.192
20.60.40.132
40.113.183.0
069f5b3f0213db712787c6e976daad752c75c0a0e438925ca9f84b9f3a95ee7c
1d5c52c34fddbc5bad29bf2990e7508decd4c1f7b4eb3fe1c6e3da80f1b3bc83
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
735ccd86824e0cb09a6be06ebc585e11cfa324341c4444bcb5f78b53768ec87b
872b791a937608880a768bc2b862be18cd79b12faa662b396f5bb7cd80a36277
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7
cb4c6a18c9d3865fec18960fc91d6432dca0eb4c9ab6675d33910878587bbed5
d0005aa85d4cae267f53bb0fa095b6c22b29cbd0cd8ef72d997e2c9e58e28ae4
e9c05b187c2fc087941c89378813b7c179df17d5ef2ec3e22316b98b08a48e9b