urlscan.io logo urlscan.io
SecurityTrails logo

vinted-pt.pay3d.org Open in urlscan Pro
2606:4700:3035::ac43:ddd2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.nnmn.info/8yVX
Effective URL: https://vinted-pt.pay3d.org/product/4677979741/money
Submission: On September 06 via manual from PT — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3035::ac43:ddd2, located in United States and belongs to CLOUDFLARENET, US. The main domain is vinted-pt.pay3d.org.
TLS certificate: Issued by GTS CA 1P5 on August 28th 2022. Valid for: 3 months.
This is the only time vinted-pt.pay3d.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 4 51.83.138.45 16276 (OVH)
2 2606:4700:303... 13335 (CLOUDFLAR...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
21 5
4    51.83.138.45 (France)

ASN16276 (OVH, FR)
PTR: protection.wellcloud.io
www.nnmn.info
2    2606:4700:3031::ac43:b3d4 (United States)

ASN13335 (CLOUDFLARENET, US)
static.frosbyte.org
14    2606:4700:3035::ac43:ddd2 (United States)

ASN13335 (CLOUDFLARENET, US)
vinted-pt.pay3d.org
1    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
google.com
1    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
14 pay3d.org
vinted-pt.pay3d.org
214 KB
4 nnmn.info
www.nnmn.info
4 KB
2 google.com
google.com — Cisco Umbrella Rank: 13
www.google.com — Cisco Umbrella Rank: 19
455 B
2 frosbyte.org
static.frosbyte.org
331 KB
0 cloudflareresearch.com Failed
tls-ech-experiment.cloudflareresearch.com Failed
tls-ech-experiment-c.cloudflareresearch.com Failed
21 5
Domain Requested by
14 vinted-pt.pay3d.org www.nnmn.info
vinted-pt.pay3d.org
4 www.nnmn.info 3 redirects
2 static.frosbyte.org www.nnmn.info
1 www.google.com
1 google.com 1 redirects
0 tls-ech-experiment-c.cloudflareresearch.com Failed www.nnmn.info
0 tls-ech-experiment.cloudflareresearch.com Failed www.nnmn.info
21 7

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
www.nnmn.info
R3		 2022-08-09 -
2022-11-07		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-11 -
2023-04-11		 a year crt.sh
*.pay3d.org
GTS CA 1P5		 2022-08-28 -
2022-11-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://vinted-pt.pay3d.org/product/4677979741/money
Frame ID: 6D61F43338D533887DF3355CBD728B22
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://www.nnmn.info/8yVX HTTP 301
    https://www.nnmn.info/8yVX Page URL
  2. https://www.nnmn.info/8yVX HTTP 301
    https://vinted-pt.pay3d.org/product/4677979741/money Page URL
  3. https://vinted-pt.pay3d.org/product/4677979741/money Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jit(?:-yc)?\.js

Page Statistics

21
Requests

81 %
HTTPS

80 %
IPv6

5
Domains

7
Subdomains

5
IPs

3
Countries

549 kB
Transfer

1611 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.nnmn.info/8yVX HTTP 301
    https://www.nnmn.info/8yVX Page URL
  2. https://www.nnmn.info/8yVX HTTP 301
    https://vinted-pt.pay3d.org/product/4677979741/money Page URL
  3. https://vinted-pt.pay3d.org/product/4677979741/money Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.nnmn.info/8yVX HTTP 301
  • https://www.nnmn.info/8yVX
Request Chain 3
  • https://www.nnmn.info/8yVX HTTP 301
  • https://vinted-pt.pay3d.org/product/4677979741/money
Request Chain 4
  • https://www.nnmn.info/jit.jpg HTTP 301
  • https://google.com/ HTTP 301
  • https://www.google.com/

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
8yVX
www.nnmn.info/
Redirect Chain
  • http://www.nnmn.info/8yVX
  • https://www.nnmn.info/8yVX
4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nnmn.info/8yVX
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.83.138.45 , France, ASN16276 (OVH, FR),
Reverse DNS
protection.wellcloud.io
Software
/
Resource Hash
e12eca19aae6cff3c47733e1f4a0f19f5a46d5d45d360ba0fd954eab61f9e6ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
no-cache
content-type
text/html
date
Tue, 06 Sep 2022 06:18:51 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
server

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 06 Sep 2022 06:18:51 GMT
Location
https://www.nnmn.info:443/8yVX
Server
frosbyte-web-engine
Transfer-Encoding
chunked
vs.js
static.frosbyte.org/auth/ 		383 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.frosbyte.org/auth/vs.js
Requested by
Host: www.nnmn.info
URL: https://www.nnmn.info/8yVX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b3d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abfda0b49e45a556d85d43ba16e1f57a76a6670b511c1c86f8822d9cb0ccec1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.nnmn.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 03:01:20 GMT
server
cloudflare
etag
W/"624fa580-5fcf0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WqBMBKY%2BwU08tDnqtXEI8CqmsA4T1%2FF63VtUZBfii8u61nqcuZIeFfdJWcI3dziIULaYWa8JDg%2FnxDsEPNQlkdUiIeBSN0dZ3dqsEG7MVEWpW9KKlmcwwWPfyWxV0qfs0yPCqQn0nPgTuYOX4hdSpaY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
746516f77c61d5f1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jit.js
static.frosbyte.org/auth/ 		660 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.frosbyte.org/auth/jit.js
Requested by
Host: www.nnmn.info
URL: https://www.nnmn.info/8yVX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b3d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c58b6df8d765cfa9b0b781cfaa7393772113d1c3cc11d2a6404f5a6240ab2969

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.nnmn.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 03:00:57 GMT
server
cloudflare
etag
W/"624fa569-a4f3a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHmqGrQ0TpAjOdl0Ag%2BJT7WmDJhNILxdRmWCutPg1NvPu6me71isxhbjMPetgA6BVhRpkowvqRDbELkgcyXG9HkrgDBJ7aIwbGsWXDEpVHxODs%2F%2FtWUvlexd1iXaGfCi6%2Fo4Uc2ksqTupgrrcL%2BIE%2B9c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=28800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
746516f77c65d5f1-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
money
vinted-pt.pay3d.org/product/4677979741/
Redirect Chain
  • https://www.nnmn.info/8yVX
  • https://vinted-pt.pay3d.org/product/4677979741/money
8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/product/4677979741/money
Requested by
Host: www.nnmn.info
URL: https://www.nnmn.info/8yVX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a11beed82e72a690fdf23ec5860fc2a40c742cb87f8b3c025ddc7a4bddea604
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.nnmn.info/8yVX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
746516fcdb97d24d-CDG
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 06:18:52 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34a%2Fq6zr46pc%2FpqpfMqPQsw6iEfjIFEcZSqaWu5WeIJqk9setI1zrSoqTG0DDwU3oc2NuissQr4Vsv5aAw4JlpOy%2F47IfgKtMzevShWz6KD7HYonwms%2BTaDI6ZxQoi0BapLQOXVkqiykEgkpCchP2tsd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 06:18:51 GMT
location
https://vinted-pt.pay3d.org/product/4677979741/money
server
/
www.google.com/
Redirect Chain
  • https://www.nnmn.info/jit.jpg
  • https://google.com/
  • https://www.google.com/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/
Protocol
H2
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.nnmn.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Redirect headers

bfcache-opt-in
unload
date
Tue, 06 Sep 2022 06:18:52 GMT
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
location
https://www.google.com/
cache-control
private, max-age=2592000
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
220
x-xss-protection
0
expires
Tue, 06 Sep 2022 06:18:52 GMT
challenges.css
vinted-pt.pay3d.org/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/styles/challenges.css
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:16:33 GMT
server
cloudflare
etag
W/"630f5f31-1896"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=7200, public
cf-ray
746516fe7f8ad24d-CDG
vary
Accept-Encoding
expires
Tue, 06 Sep 2022 08:18:52 GMT
favicon.ico
vinted-pt.pay3d.org/ 		156 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vinted-pt.pay3d.org/favicon.ico
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6fc12d86c914fb48a24300b43e2d2151517485cdb9609ff5235291bac91d60

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 16 Aug 2022 08:21:56 GMT
server
cloudflare
etag
W/"2707a-5e657710265cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcEhZ3iLk8O2sP39NUApNDsnZIaOxhhbzRkDJv2XN8pSLuG4IF4eAq4HCDBDejZkJTLc%2Bka%2B3DfCloQyhMFV541Q3kFWOF0jmzSmtBtyvJh5IRc5%2ByhEzvUMa99T27w0z0FbQOhBDLjNFsiaw%2Fjwtoho"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
746516fe7f8cd24d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v1
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		59 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=746516fcdb97d24d
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b790bc48be9ffa40b178c638557188841fc60f5b4f99c41b5a4954584d3cbb

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money?__cf_chl_rt_tk=c82AovhVJ7D53cZMVkjILarpREdnGlefg92hceQEfQc-1662445132-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:52 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxiaWyPK9kvzM7XJgzBwPO4%2FqKIecNbiNDRE8kyUmPTZ4j6gu2HBBkXDXyt8hlxY6DG5YbSWvOxEiClyT07cSSaKktRqsO7xIy03LgBuM05dCA8CPedckttxMLbNXUTJBAjQwmOuK3VJaxXmmSVVDAFF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
746516febfd4d24d-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
vinted-pt.pay3d.org/cdn-cgi/images/trace/jsch/js/ 		42 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=746516fcdb97d24d
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money?__cf_chl_rt_tk=c82AovhVJ7D53cZMVkjILarpREdnGlefg92hceQEfQc-1662445132-0-gaNycGzNCGU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money?__cf_chl_rt_tk=c82AovhVJ7D53cZMVkjILarpREdnGlefg92hceQEfQc-1662445132-0-gaNycGzNCGU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:52 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:16:33 GMT
server
cloudflare
etag
"630f5f31-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
746516febfd7d24d-CDG
vary
Accept-Encoding
content-length
42
expires
Tue, 06 Sep 2022 08:18:52 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
a6e9276bb52b16f
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3609592264677454:1662441792:GnJNZwOXUlqwIf050VtTYrrF6caS5qZeSbfwHQf1et0/746516fcdb97d24d/ 		101 KB
57 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3609592264677454:1662441792:GnJNZwOXUlqwIf050VtTYrrF6caS5qZeSbfwHQf1et0/746516fcdb97d24d/a6e9276bb52b16f
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=746516fcdb97d24d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85cd47a773a8fc8d115a14691c39e0be7a0ec75ef4e5841ac8d5fc06abf14558

Request headers

Referer
https://vinted-pt.pay3d.org/product/4677979741/money
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
CF-Challenge
a6e9276bb52b16f
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 06:18:52 GMT
content-encoding
br
cf_chl_gen
S/UqpNWt6QXFn8HMLADoFdaL68GTTw1AMg7/F3FFyjX3Ft3ajhSljN8deTKePh8UnEFrJ+XHlW6tc3X39ZhJGKKFb1hCIkbBfCHBOA7M6GXo5FDduznB/IeTlMK1VEXCteZOjoQM9cfh5u/wt36XAtMQ6JhZ6h2Wf4Dl0ASRPnzMJgnaenib7jtkZyAYumQs2EB/A6kMRroQ2YsmMf887lLLUA/eUQzhD0Kx3DzdbS0O68W49xxmzFPPw9JJfIvacUzb/8ambtOyY8A/lY6rJH/p2P9aYt19c+7YQksJrXqvIlhjC7cZd2ozFEZiISQXPzsNtl6s567xyr+y1+d4R7GH/cPlLLoVWm74gap06atVefgj3XTKizm1xDYr6/rn4IYi2e8PofTQhHZN1LT8br3n21CJnrnL20vDHoXgRLcZUtqwMgCBOytI0gsL4lcp$bi3r9OqlEQJ7qDgBdBWbog==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bu37ZnJRrf6doII%2BKBgqRx4QuGS0ONeoCc4bCx1todmKqDFMHcMhQ4WgxnyHOQxwWXnHRfbXsLg59fAKjdODNL4JOyyxpmxnw4Bzfvu177qL9ZBqIqPNAw8qaXoFIqFDr5f%2FiP5ODyxaMGYgekAF55vR"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
746516ffaa3ed6a6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tzM7zvLfWhxCTFT
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/img/746516fcdb97d24d/1662445132770/ 		61 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/img/746516fcdb97d24d/1662445132770/tzM7zvLfWhxCTFT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
962c47dea6d5b65a0a330ae23f9c2bdab001604e51d9cd97fcb349c61aed184a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
74651705ff77d6a6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lAqshm8mUwvxZhXphBzW4YKUUrRBo8mot%2Fshkb7AbC0Ml%2BdbcprK84OjAy6PqkqwdatGI0oJGlcfCK1T8IktMoCXwoWcjSJbOYUSY37Ke62H5lrUPpvmJ2aNyHQeUcEO0Jri08Pz8qJiu83KQ%2BHOlgU"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cQDWE7OiJkpThuq
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/pat/746516fcdb97d24d/1662445132771/4d4d4bfc986b3175ca39eecc183141c9bdb7be5f03ee5e1d27a2f1165f389b96/ 		1 B
932 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/pat/746516fcdb97d24d/1662445132771/4d4d4bfc986b3175ca39eecc183141c9bdb7be5f03ee5e1d27a2f1165f389b96/cQDWE7OiJkpThuq
Requested by
Host: www.nnmn.info
URL: https://www.nnmn.info/8yVX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:53 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gTU1L_JhrMXXKOe7MGDFByb23vl8D7l4dJ6LxFl84m5YAE3ZpbnRlZC1wdC5wYXkzZC5vcmc=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA5LwsExIrfNXkeC9phDzRB1V7hMQrdw__2IShOiyncd-BCDC2Xis9S9msSNyeQaejWtWrgi_7q4kxuADxqLRZO7zZ0ikiiKgBWe9NJurDQ6LGtnKV5wQ3GrDeRo3oai04gvyYwGCeWoh2jaskE7rl4_lkGNUVMP_-B8ZeDh9JG6_hzdBdTD2cfYaD5uOrW4solqjpr1jMapKj7HUcOU-GmyokpRWvxgM34jq4vI5OJzapptxmh2eQxuUghQ-695cDa42D3l-SDD3-WVklLjNFlA2mO2j-dK-skuseU4tfoj-lj3tg-aTb9KdqO9vuqq6S26aTNusRq6C0VKWKy6Bw8wIDAQAB, max-age=15
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bzd%2FkjiGcItGzflyQBnKuxvG6aJ0mP4RxOj7IjXW9H1WxUX6%2BoTOIfA3aZtJYLrXyxK8%2FS522uXraYx9bWhcNaJ%2F3S0x%2F980doprEDoh0dUVVF3Q6LqX9mecXlKztvk2L2QLYmWOh%2BfAx6K0%2FucyPj%2Fu"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
746517064ff1d6a6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
probe
tls-ech-experiment.cloudflareresearch.com/.well-known/ 		0
0
probe
tls-ech-experiment-c.cloudflareresearch.com/.well-known/ 		0
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
a6e9276bb52b16f
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3609592264677454:1662441792:GnJNZwOXUlqwIf050VtTYrrF6caS5qZeSbfwHQf1et0/746516fcdb97d24d/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/flow/ov1/0.3609592264677454:1662441792:GnJNZwOXUlqwIf050VtTYrrF6caS5qZeSbfwHQf1et0/746516fcdb97d24d/a6e9276bb52b16f
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=746516fcdb97d24d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c389797d463a99471438c31e9e8b67e744077e13132f3789381b45fcf4fa3d7d

Request headers

Referer
https://vinted-pt.pay3d.org/product/4677979741/money
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
CF-Challenge
a6e9276bb52b16f
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Sep 2022 06:18:54 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf_chl_out
ENLGIz0TN7hPIXt7MklIToxPo6g+t+rScgXJpcp48yKE470V8DsW8unutN9aLL/8ClrDoF6NQgv3NgskkZvqVQ==$V7fDAYRXMFuLWyuwpLSKMg==
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiG5HOgSazvb37c1ck87i1Xmr6mhINt%2BgNe%2FkWD07wZ7w4Z8xNTyFvihpvA3myPhxlBCYPtLBzwAJ6XpupqLer6IrSwQtP63yso3zW8yt9EozZ1e9kXNfJxLQd5waCw%2BSs6JwP%2B1K5UgS1LgZTxkRMPp"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf_chl_out_s
ybx9Ug0FWiWX2kAl6OK92BDgpi7R28leqpeLkgUrEqn6EwO2IwSni0M6355CtGv6ArpXyJnEXTX5UETMi1ekgTf+/vs9yO+NaxTuUhuLW1zi0cVOYWzp8JM0cgDg7ze7SdexTzSKwYNIylgZGYFJgia98TKd7xx8wnIlEmxYcX+xsErgDXo4ZTuCu6ZCoIZeQUJOezfm2rXpAA7q1VfFxnNxVvPxq/sFwk4jnrk+WWDkDBA/KBTMDF1osc2nsvhxeCTLfz7XMVHzRdHKbRlVEcQBVkWIKSlJM8sKl1nX/A8cgIjmzN7/KcJzKxB/hMPN2Ty1tBOIKEYqWtN6R6m9BcunLGZd1uMUmisxO1ohxtdYhjK8Rjrop1Rx37iD6AKKZodXul3RHDdwgF3KqqMc7MkAfimfSldzwZFoUf81t1pwGrEKgREkyB9lNR1tnCRM$Lma3pNFue/cOSIvHEDSlNA==
cf-ray
7465170aea9ed6a6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Primary Request money
vinted-pt.pay3d.org/product/4677979741/ 		8 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/product/4677979741/money
Requested by
Host: www.nnmn.info
URL: https://www.nnmn.info/8yVX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd3e0497153a3dedd6ac16a011b972f1a17182f5da1630073adb6cf789eace4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://vinted-pt.pay3d.org/product/4677979741/money
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
74651717f8eed6a6-CDG
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 06:18:56 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XHk9vHPY7VMsvDHQcvpBE2CbtMFXS%2FN7VGmD8zk7dR3iUqQL6oXOg34t%2Bob3PuapxI6h%2FyvTVxtwE4WckFrgk8OF%2BJgZZ8MbmI72GlzKQbkcT3AsPGNTJFIR%2BWe78Xh5xxre55PLUy9E2ptZ9AX4HH54"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
vinted-pt.pay3d.org/cdn-cgi/styles/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/styles/challenges.css
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:16:33 GMT
server
cloudflare
etag
W/"630f5f31-1896"
x-frame-options
DENY
content-type
text/css
cache-control
max-age=7200, public
cf-ray
74651718295fd6a6-CDG
vary
Accept-Encoding
expires
Tue, 06 Sep 2022 08:18:56 GMT
favicon.ico
vinted-pt.pay3d.org/ 		156 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vinted-pt.pay3d.org/favicon.ico
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6fc12d86c914fb48a24300b43e2d2151517485cdb9609ff5235291bac91d60

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 16 Aug 2022 08:21:56 GMT
server
cloudflare
etag
W/"2707a-5e657710265cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US9E7625hb71FfE7BeqYYlqDza6FSrIQcMfVSAK251c5jWKVJ0ywC%2Bzr0PGsojeKLSoLQw4w5%2BtpEt86fMmuaQN%2FDd93SBu8RR%2FoqTQhMHpD9qGEQETkMn9EelMtSKJb0Qmn8QFD1%2Bndib6xT%2BhfcnKo"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
746517182961d6a6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v1
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/ 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=74651717f8eed6a6
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54029f6742301de95279b466263f8ffa399ad10e16acf110beecc5a38a449d6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money?__cf_chl_rt_tk=HE5Gc5_9.3ogUrxoDefuQ9LYO2eEiyaoT4vK8fOoKjM-1662445136-0-gaNycGzNBr0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:56 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdME3npYQ1di6c5Pf%2B7DoTks9zLIk7KUq4iKN3BOm28BzQoAEOFwQ%2F8CVdxvRRWslLGmO80tQSJ37LzlIM1yXZTWQZK6uTV5b6ammV%2BvYw57uSQMx5fUhJG%2FM1Y9MFAOCTxpmK0wPIaK0yc2nz4Z1Qa0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7465171859d7d6a6-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
vinted-pt.pay3d.org/cdn-cgi/images/trace/jsch/js/ 		42 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vinted-pt.pay3d.org/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=74651717f8eed6a6
Requested by
Host: vinted-pt.pay3d.org
URL: https://vinted-pt.pay3d.org/product/4677979741/money?__cf_chl_rt_tk=HE5Gc5_9.3ogUrxoDefuQ9LYO2eEiyaoT4vK8fOoKjM-1662445136-0-gaNycGzNBr0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:ddd2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://vinted-pt.pay3d.org/product/4677979741/money?__cf_chl_rt_tk=HE5Gc5_9.3ogUrxoDefuQ9LYO2eEiyaoT4vK8fOoKjM-1662445136-0-gaNycGzNBr0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 06:18:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:16:33 GMT
server
cloudflare
etag
"630f5f31-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7465171859dad6a6-CDG
vary
Accept-Encoding
content-length
42
expires
Tue, 06 Sep 2022 08:18:56 GMT
truncated
/ 		586 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
023d7172b03bd4c
vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7583814624701629:1662441784:Z0onHUXKWjuq__MqQnFwP-mrMH7227aaoH9rJrwbE6Q/74651717f8eed6a6/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tls-ech-experiment.cloudflareresearch.com
URL
https://tls-ech-experiment.cloudflareresearch.com/.well-known/probe
Domain
tls-ech-experiment-c.cloudflareresearch.com
URL
https://tls-ech-experiment-c.cloudflareresearch.com/.well-known/probe
Domain
vinted-pt.pay3d.org
URL
https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/flow/ov1/0.7583814624701629:1662441784:Z0onHUXKWjuq__MqQnFwP-mrMH7227aaoH9rJrwbE6Q/74651717f8eed6a6/023d7172b03bd4c

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _cf_chl_opt function| SHA256 function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| sendRequest object| _cf_chl_ctx string| prefix object| _

6 Cookies

Domain/Path Name / Value
www.nnmn.info/ Name: fb-jit
Value: BH3PsVWbh1kqNoOX0IctDzgmSvCXwdoRtY0HWG5OEHp1MIWSDCx8ZXJMiB7x3v1tdBkbLZ349DY7VOYXBu4JLsBIO72O8V2e1DMOgPIImnJWYDweu7U0ub1On7hGYHXW
www.nnmn.info/ Name: fb-csp
Value: gIpdqL5OHP
www.nnmn.info/ Name: fb-uid
Value: f8965985a125d7b71296df68a6ccfdc6
vinted-pt.pay3d.org/ Name: cf_chl_2
Value: a6e9276bb52b16f
vinted-pt.pay3d.org/ Name: cf_chl_prog
Value: F16
vinted-pt.pay3d.org/ Name: cf_chl_rc_ni
Value: 1

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://vinted-pt.pay3d.org/product/4677979741/money
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://vinted-pt.pay3d.org/cdn-cgi/challenge-platform/h/b/pat/746516fcdb97d24d/1662445132771/4d4d4bfc986b3175ca39eecc183141c9bdb7be5f03ee5e1d27a2f1165f389b96/cQDWE7OiJkpThuq
Message:
Failed to load resource: the server responded with a status of 401 ()
javascript error URL: https://vinted-pt.pay3d.org/product/4677979741/money
Message:
Access to XMLHttpRequest at 'https://tls-ech-experiment-c.cloudflareresearch.com/.well-known/probe' from origin 'https://vinted-pt.pay3d.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://tls-ech-experiment-c.cloudflareresearch.com/.well-known/probe
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://vinted-pt.pay3d.org/product/4677979741/money
Message:
Access to XMLHttpRequest at 'https://tls-ech-experiment.cloudflareresearch.com/.well-known/probe' from origin 'https://vinted-pt.pay3d.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://tls-ech-experiment.cloudflareresearch.com/.well-known/probe
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://vinted-pt.pay3d.org/product/4677979741/money
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

google.com
static.frosbyte.org
tls-ech-experiment-c.cloudflareresearch.com
tls-ech-experiment.cloudflareresearch.com
vinted-pt.pay3d.org
www.google.com
www.nnmn.info
tls-ech-experiment-c.cloudflareresearch.com
tls-ech-experiment.cloudflareresearch.com
vinted-pt.pay3d.org
2606:4700:3031::ac43:b3d4
2606:4700:3035::ac43:ddd2
2a00:1450:4001:811::2004
2a00:1450:4001:82a::200e
51.83.138.45
09b790bc48be9ffa40b178c638557188841fc60f5b4f99c41b5a4954584d3cbb
1dd3e0497153a3dedd6ac16a011b972f1a17182f5da1630073adb6cf789eace4
4abfda0b49e45a556d85d43ba16e1f57a76a6670b511c1c86f8822d9cb0ccec1
5f6fc12d86c914fb48a24300b43e2d2151517485cdb9609ff5235291bac91d60
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
85cd47a773a8fc8d115a14691c39e0be7a0ec75ef4e5841ac8d5fc06abf14558
8a11beed82e72a690fdf23ec5860fc2a40c742cb87f8b3c025ddc7a4bddea604
962c47dea6d5b65a0a330ae23f9c2bdab001604e51d9cd97fcb349c61aed184a
c389797d463a99471438c31e9e8b67e744077e13132f3789381b45fcf4fa3d7d
c58b6df8d765cfa9b0b781cfaa7393772113d1c3cc11d2a6404f5a6240ab2969
d54029f6742301de95279b466263f8ffa399ad10e16acf110beecc5a38a449d6
e12eca19aae6cff3c47733e1f4a0f19f5a46d5d45d360ba0fd954eab61f9e6ed
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
faa67d3b2b2220dc526c921c1fc47df5b956559a293d5e07fbaf58a52462f6bd
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa