intermediacp.tech Open in urlscan Pro
172.67.134.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Effective URL:
https://intermediacp.tech/serve
Submission: On April 03 via manual (April 3rd 2024, 4:46:52 pm UTC) from US — Scanned from DE

Summary HTTP 22 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 22 HTTP transactions. The main IP is 172.67.134.66, located in United States and belongs to CLOUDFLARENET, US. The main domain is intermediacp.tech.
TLS certificate: Issued by GTS CA 1P5 on March 25th 2024. Valid for: 3 months.

This is the only time intermediacp.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	185.64.213.245 185.64.213.245	50152 (IMED) (IMED)
1 1	162.241.85.155 162.241.85.155	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 5	2606:4700:303... 2606:4700:3034::6815:1984	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	172.67.134.66 172.67.134.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	3

11 185.64.213.245 (United Kingdom)

ASN50152 (IMED, GB)
PTR: intermedia.co.uk

url.emailprotection.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.85.155 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-85-155.unifiedlayer.com

chms.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3034::6815:1984 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

intermediacp.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.134.66 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

intermediacp.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	intermediacp.tech 2 redirects intermediacp.tech	88 KB
11	emailprotection.link url.emailprotection.link — Cisco Umbrella Rank: 140556	401 KB
1	chms.in 1 redirects chms.in	96 B
22	3

	Domain	Requested by
13	intermediacp.tech	2 redirects url.emailprotection.link intermediacp.tech
11	url.emailprotection.link	url.emailprotection.link
1	chms.in	1 redirects
22	3

This site contains no links.

Subject Issuer	Validity	Valid
*.emailprotection.link GeoTrust TLS RSA CA G1	`2023-07-10` - `2024-08-09`	a year	crt.sh
intermediacp.tech GTS CA 1P5	`2024-03-25` - `2024-06-23`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://intermediacp.tech/serve
Frame ID: 2FC4532F7324922F2A0DB46192852E7A
Requests: 18 HTTP requests in this frame

Frame: https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: 6404BEC3970626992711F20513A01F2F
Requests: 2 HTTP requests in this frame

Frame: https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
Frame ID: B65587B5E43677D3FAE522789114B569
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJ... Page URL
https://chms.in/owacp.php HTTP 302
https://intermediacp.tech/serve Page URL
https://intermediacp.tech/serve Page URL
https://intermediacp.tech/serve Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

91 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

488 kB
Transfer

611 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~ Page URL
https://chms.in/owacp.php HTTP 302
https://intermediacp.tech/serve Page URL
https://intermediacp.tech/serve Page URL
https://intermediacp.tech/serve Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://chms.in/owacp.php HTTP 302
https://intermediacp.tech/serve

Request Chain 13

https://intermediacp.tech/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Request Chain 18

https://intermediacp.tech/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

22 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
url.emailprotection.link/ 5 KB
3 KB 551ms
43ms Document
text/html 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: b858bd96740443757d01b3288d50cb57ed4534a91e0c94c493a32bf2e483be06

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Apr 2024 16:46:44 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_style.css
url.emailprotection.link/new/css/ 8 KB
2 KB 24ms
23ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/new_style.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-1e80"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_screenshot.js Show response
url.emailprotection.link/new/js/ 1 KB
979 B 93ms
23ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_screenshot.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-574"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK tooltipster.css
url.emailprotection.link/new/css/ 10 KB
3 KB 92ms
23ms Stylesheet
text/css 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/css/tooltipster.css
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-2965"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK jquery-1.9.1.js Show response
url.emailprotection.link/new/js/libs/ 142 KB
47 KB 116ms
47ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery-1.9.1.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-23758"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK jquery.tooltipster.min.js Show response
url.emailprotection.link/new/js/libs/ 17 KB
6 KB 98ms
28ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/libs/jquery.tooltipster.min.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-43a9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK new_scanning.js Show response
url.emailprotection.link/new/js/ 947 B
758 B 93ms
24ms Script
application/javascript 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/js/new_scanning.js
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-3b3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK scanning_70.gif
url.emailprotection.link/new/images/ 30 KB
30 KB 56ms
53ms Image
image/gif 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/scanning_70.gif
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-78dd"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 30941

GET
H/1.1 200
OK logo_160_19.svg
url.emailprotection.link/new/images/ 1 KB
1005 B 23ms
23ms Image
image/svg+xml 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://url.emailprotection.link/new/images/logo_160_19.svg
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: 7d8d729017c5d5d7e51c687274fb47335f0727eb4efc009adb5f1e2a2c9ad49e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: W/"64f70b38-52c"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
X-Robots-Tag: noindex

GET
H/1.1 200
OK notosans-regular.ttf
url.emailprotection.link/new/fonts/ 306 KB
306 KB 23ms
23ms Font
application/octet-stream 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/fonts/notosans-regular.ttf
Requested by: Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/css/new_style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/new/css/new_style.css
Origin: https://url.emailprotection.link
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-4c738"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 313144

GET
H/1.1 200
OK favicon_ui.ico
url.emailprotection.link/new/images/ 894 B
1 KB 23ms
22ms Other
image/x-icon 185.64.213.245
IMED

General

Check archive.org

Show headers Download Go to

Full URL: https://url.emailprotection.link/new/images/favicon_ui.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.213.245 , United Kingdom, ASN50152 (IMED, GB),
Reverse DNS: intermedia.co.uk
Software: nginx /
Resource Hash: d17232bb1555a2f83c7fbc4a697de155b604e9f7afe233e1a9b28d9590328e64

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Apr 2024 16:46:44 GMT
Last-Modified: Tue, 05 Sep 2023 11:04:24 GMT
Server: nginx
ETag: "64f70b38-37e"
Content-Type: image/x-icon
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 894

GET
H2

503

serve Show response
intermediacp.tech/
Redirect Chain

https://chms.in/owacp.php
https://intermediacp.tech/serve

19 KB
20 KB

147ms
86ms

Document
text/html

2606:4700:3034::6815:1984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/serve

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/new/js/new_scanning.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01049f7526f33e861f8199fce091b6ea55d6f313be2f33c2e764886d47550b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://url.emailprotection.link/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 86ea89691c191909-FRA
content-type: text/html; charset=utf-8
date: Wed, 03 Apr 2024 16:46:47 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjPlBBRtlnl1RTlF08q9XdLmdHaKUCbDdqYiE63CO5j96NtbeI0rFDt0n5igGFmKn3VjFFWjGQ5XkAXAoNbundZweYBQYqwAxocRlJAGkxxfUwVUwZznhMr%2BHjcL1Eq8Q1McqruIYIYpPuA8peIt0w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 03 Apr 2024 16:46:47 GMT
location: https://intermediacp.tech/serve
server: Apache

POST
H2 204 serve
intermediacp.tech/ 0
618 B 55ms
54ms XHR
text/plain 2606:4700:3034::6815:1984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/serve

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

MZ05sbs632vaiM-MKv42mwKPyAQ: 22282426
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://intermediacp.tech/serve
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 16:46:47 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bxr1fKOn5XmkFIePgrrFKn2M2hgSPQe4QXnjhjyck2PiOeD1FIof%2BYZmBbHJ7Q1ZdkSHUZAjIb1Vzv6RMENPQmMFEoAmOvjxFV3%2F6Uo%2FT6VOEyshEpw51j54UlYMnMG%2Fiwc4APZtUopNo6Uulo%2BVbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86ea8969dd0f1909-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H2

200

main.js Show response
intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame 6404
Redirect Chain

https://intermediacp.tech/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

19ms
19ms

Script
application/javascript

2606:4700:3034::6815:1984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Protocol

Server

2606:4700:3034::6815:1984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dbec96b17928c97e479756c02bbb7647d0ae56c4e2c8b429b104e1ae695d47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 03 Apr 2024 16:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0sumjQjvsKmVg%2FmhU18%2Fk3PUkV4VmF0tqi%2FnqGlMpgZKzYlC5UCOPWtnE1HeIT7uKNb7qCDnHF%2BE09ehrAzEW75jEbqSH9AHNFy4FK5lnwqfQ%2FZImNJ23e%2Bm8fEjW%2F21PpztHO2cVc5E%2FtAdUWvNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86ea8969fd311909-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 03 Apr 2024 16:46:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2Brj9HwhJ9JqcvHS6PkjgFROiNcV46lmWeqNDx70h2i%2FET4ymfREpQnOgSo0Pr8xzZ4Ie7%2BW4Y0G61LxqBtM6wj%2BL2togW3VCPLfRAoY%2FNzZLio20Ddc4CM%2BRnfGyT841OtALaSy4zb%2Fc7o3xYDInA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
cache-control: max-age=300, public
cf-ray: 86ea8969dd121909-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 503 favicon.ico
intermediacp.tech/ 18 KB
18 KB 113ms
112ms Other
text/html 2606:4700:3034::6815:1984
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:1984 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://intermediacp.tech/serve
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 16:46:47 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxKETvSvtKbnx%2FMYASjw2p6Cr8iuuhz1PplWxrJHN7wmWY4Cnd27tGrDFhprVLY9Vsnpt0irLoArYJ1u44lW3MwL%2FCuRxPlxbhaP6pbmMRh5ZOBzHCD67kqolpDx8lP0f1GzWEH3xlvwltOCNLeuZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86ea8969dd131909-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

POST
H3 200 86ea89691c191909
intermediacp.tech/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6404 0
632 B 35ms
35ms XHR
text/plain 172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/jsd/r/86ea89691c191909
Requested by: Host: intermediacp.tech
URL: https://intermediacp.tech/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Apr 2024 16:46:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StJ9stZYDAD%2BvxuhoJ0hOQBVADSljfV5ZX352WaQCZaFvQdWrfEWtv%2Fh1YOZLZ72kTlDf8DyeQUqZ2CpAiUX6Nl1cmEdPZYEbL5sR%2B0VB%2Ftksw1oSseMLDthM9TU9tPhRhaQaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86ea896a6f8d9f2d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 503 serve Show response
intermediacp.tech/ 19 KB
20 KB 114ms
113ms Document
text/html 172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/serve

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec60067cd0f25789d2d9fa4672400f713045efb9108ff376b9bd2c5bb3d1802c

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://intermediacp.tech/serve
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 86ea896a6f919f2d-FRA
content-type: text/html; charset=utf-8
date: Wed, 03 Apr 2024 16:46:47 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uo9znq12McgMCOkFSfs%2FrsZQFR7P31uCAWVMXpnXZ9%2FJeDH%2F0WwNhyB5mr2mySJXLipHeeLxXxqEzA5E5o45A06Yn289ozXh%2FQ188bvge3G8wjL0FCC27UV3nDQ6cZU2RleToA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

POST
H3 204 serve
intermediacp.tech/ 0
823 B 56ms
55ms XHR
text/plain 172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/serve

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://intermediacp.tech/serve
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp
6GD5s2Jd9UB7E6il5OYcyUof9w: 22282426
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 16:46:47 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H6PmxR8wtGTGVguF55Avd%2BB2Vkk3SlrLKqZxmCm8ENdFh8QN1ct5cJfonF5UT7l%2BWmS9HaxNtm292SmwdZPaLKUqKpS%2BBXhifgzfX7xCYhCdAMnoZ5m%2B9%2FQsD%2B8g2JtHeyJiBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86ea896b48d19f2d-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H3

200

main.js Show response
intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/ Frame B655
Redirect Chain

https://intermediacp.tech/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

8 KB
4 KB

20ms
19ms

Script
application/javascript

172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js

Protocol

Server

172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

372cb10e29809b8de777a8c9d57369fc06515f42734c8fff4b45f546aa88670a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Wed, 03 Apr 2024 16:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rbIJsaYkVv4xIGlxEDxYDiC2Sr5iDdpQMWS0wmeBsuznanibRZvvTRpITPyQ4ZrBE8JTy41k95JKUre6EXSiG6Hu%2F1zzjXzLihvCtdVYibbKxStANV%2FjBHOAxOqlhXzRsV%2BtDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86ea896b69009f2d-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 03 Apr 2024 16:46:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0QJ1sLUtuYnrxuXjSZfWFdMvNO5qQ8ngnIMQxTPh5b2eY1NcUIVxIWhlUHzDxURV6GxbdvNtBlTV21LGAsHzJcxcZ%2BVzsm8FOB4kBrxXuylSkAozkj8GwiNrqT1Wy88Buv2beQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dc6b543c1346/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86ea896b48d69f2d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 503 favicon.ico
intermediacp.tech/ 18 KB
19 KB 128ms
128ms Other
text/html 172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://intermediacp.tech/serve
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 03 Apr 2024 16:46:47 GMT
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUBcCT9jH%2BgpVJKBLRiCZ4HeKXH7VzY5%2FWz6xlR6KEAkxja7lrWdWS0RtL1VZPFDf2%2FM8bZRWkWjVvF7O3MLz%2FbHEYKOGpC1RvpSWtBCUZv92v6QfosgG8c3c9Alw6AI9zJDjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 86ea896b48d89f2d-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

POST
H3 200 86ea896a6f919f2d
intermediacp.tech/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame B655 0
596 B 29ms
29ms XHR
text/plain 172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://intermediacp.tech/cdn-cgi/challenge-platform/h/g/jsd/r/86ea896a6f919f2d
Requested by: Host: intermediacp.tech
URL: https://intermediacp.tech/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 03 Apr 2024 16:46:47 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2F7uY%2F64nUDy3NnM4oDd0xsOICRtCSUim4RGbCab%2Bf8hFvDc3ok16fKk8mFFmPfZR%2BgPYbcWDJUeicmVeuYB8EVYNRAGlLdZOrB2uyzO5C1wVSVLEQbXQQVkSyRKcyHnLPP6ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86ea896bc98a9f2d-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 404 Primary Request serve
intermediacp.tech/ 257 B
0 5232ms
5232ms Document
text/html 172.67.134.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://intermediacp.tech/serve

Requested by

Host: url.emailprotection.link
URL: https://url.emailprotection.link/?b47yg_3RAT4Zdb-3I-CPWWZQwNu-IcHUiGR_DHSuNCf-okO4gGTI65nbpsu9zdG-Y9Zp84zk7OJDttSHlFPCNvg~~

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.134.66 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://intermediacp.tech/serve
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86ea896bd98e9f2d-FRA
content-encoding: br
content-type: text/html
date: Wed, 03 Apr 2024 16:46:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yC5pdNEBXRY76R5k5SgxVXjfU6cKdcdFFvZ2Mvl1x2GLhEgCZnwI%2BHr6H7dlD37eqI37RbxfDAwBhtYJqAIGa3%2BtdiSLeFghSFWiJyRaRttFRv7aHvPMO8aoxx4BxnqoRc6Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff nosniff
x-xss-protection: 1; mode=block 1; mode=block

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
intermediacp.tech/	1970-01-20 19:37:29	Name: nd7xW8BoWi0SO6-Z73A7XDtOwXw Value: LAsPh9cx3yEZPI3_SYc03Zd926s
intermediacp.tech/	1970-01-20 19:37:29	Name: 26PNsDweJuY0I6NrnI4pWZK-pwo Value: 1712162801
intermediacp.tech/	1970-01-20 19:37:29	Name: wy5RheAlyBiSlEetpI8RjG15D10 Value: 1712249201
intermediacp.tech/	1970-01-20 19:37:29	Name: cCwaTF4SmiXMZeTjrkCAQPnAnW8 Value: T5z1nBmRvYf4GXoPH6TeuwOgV9s
intermediacp.tech/	1970-01-20 19:37:29	Name: 0i5hWJEtJYfc_3AaeoT1xSb5W_U Value: lBMCZbbB0jBlO4oHnxu0cH-K1dQ
intermediacp.tech/	1970-01-20 19:37:29	Name: ANhWCEuSuISEgpnPzXyAsGlsVTM Value: vTCITj9UNpl7caMjaBHqUKtdUEI
intermediacp.tech/	1970-01-20 19:37:29	Name: aySKMiwGQUikZtEEPNr8ypfdR7U Value: 1712162807
intermediacp.tech/	1970-01-20 19:37:29	Name: k7dGxTd_awgZNf-OyN-q2QXlTQA Value: 1712249207
intermediacp.tech/	1970-01-20 19:37:29	Name: buce63Me0Dy6gDHt193x1ZqYXNc Value: 5gLKLk4up1BwYecU7-KWolzlQDE
intermediacp.tech/	1970-01-20 19:37:29	Name: EjowDny9fsjRa5oo8GzEsibaVdo Value: uK93yqdVQOnpnTeKTsO0nwfIYVE
intermediacp.tech/	1970-01-20 19:37:29	Name: BoX2JUSCTYWk7ap9wvXZu6MAXz4 Value: 1712162804
intermediacp.tech/	1970-01-20 19:37:29	Name: ZggTIBLkhIonHycCEiz_n52-cs4 Value: 1712249204
intermediacp.tech/	1970-01-20 19:37:29	Name: LmY3eP2NfrXNbemWC54PgILwZw0 Value: 94QKERHZWwbq4qpnMz0jkC7XXZI
intermediacp.tech/	1970-01-20 19:37:29	Name: jykxd4bK2Pyn6rmyJ3hitV2ZjDU Value: EQXk41FI1FhxXBUPH0TJ2QiC0Jg
intermediacp.tech/	1970-01-20 19:37:29	Name: VRwjhnni3XQnnJDGu7iUBICTXig Value: 1712162780
intermediacp.tech/	1970-01-20 19:37:29	Name: _G-5PC0mjW-vbm60_KWYKsneRXI Value: 1712249180
intermediacp.tech/	1970-01-20 19:37:29	Name: 5mav0UrsWpuvSKv3B5ewph6O8bI Value: 8cOiJdZR39u6eL1yKO3Kz04vf2Q
intermediacp.tech/	1970-01-20 19:37:29	Name: ApBP1RLvKSb4WwhgPKsGpWcoRAI Value: MaCBcQG_J8jZlq4mosykElHRtAk
intermediacp.tech/	1970-01-20 19:37:29	Name: zA5j69RSSJpSZCTB3hnPNE71P2E Value: 1712162807
intermediacp.tech/	1970-01-20 19:37:29	Name: ICLFKPgLWAtroSyD07WkTEoIIaY Value: 1712249207
intermediacp.tech/	1970-01-20 19:37:29	Name: xtVW2TuuE-bSkadwYWJyYTBUMXw Value: 82Ds2um8H9zI74jleJWvACJrr0k
.intermediacp.tech/	1970-01-21 04:21:38	Name: cf_clearance Value: mF5r3JQ0.NAPunEfWZsxqrVcSnErU5M2bQW8dopSpT8-1712162807-1.0.1.1-rDwRRYVXSbCIC82tdcvqIpVcj9VVaGqAV07AANUzDU8mm4ZaB9d2XqWnZ63BXNrQySqCn_vzt0CS6arVcJgEnA
intermediacp.tech/	1970-01-20 19:37:29	Name: cXR4Wjb9A9RotV8M0Hs5222rJfM Value: LbIQkV_Uuyg7B-iX4R_ZViwd7B4
intermediacp.tech/	1970-01-20 19:37:29	Name: R769yUURHPcO0qHvUv7K9i827SE Value: 1712162784
intermediacp.tech/	1970-01-20 19:37:29	Name: imGHigxxFw_zSRPZiOUEoaM6J88 Value: 1712249184
intermediacp.tech/	1970-01-20 19:37:29	Name: 4tdXlfwZOAtNjCwsJyFshQkv0Bs Value: eQLyZKgWPllf2QEEPEqI4Q57mOI

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://intermediacp.tech/serve Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://intermediacp.tech/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://intermediacp.tech/serve Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://intermediacp.tech/favicon.ico Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://intermediacp.tech/serve Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

chms.in
intermediacp.tech
url.emailprotection.link
162.241.85.155
172.67.134.66
185.64.213.245
2606:4700:3034::6815:1984
01049f7526f33e861f8199fce091b6ea55d6f313be2f33c2e764886d47550b73
04ba8897950ca15879762ccae3323b8f0952259461c13c3e90d6d973b213133c
372cb10e29809b8de777a8c9d57369fc06515f42734c8fff4b45f546aa88670a
3dbec96b17928c97e479756c02bbb7647d0ae56c4e2c8b429b104e1ae695d47f
6938c77be180b60f67086ac99a2692f9af393675279711f0dad73d541b675964
7d8d729017c5d5d7e51c687274fb47335f0727eb4efc009adb5f1e2a2c9ad49e
8be2e88f4beed8e6d7c70115a1b71fa50c5da67abbc6e7f393a4960613079069
b12ac9e2fa728424155567aa27e3d36d764b33f07d663e496dc178974048a6f8
b858bd96740443757d01b3288d50cb57ed4534a91e0c94c493a32bf2e483be06
c8cff31fcae0edc0e4ffd3628f36361dfc24d71cc5b9793e5ffad8e76e6f182b
c92b1aece38d5bae7bfb72e26a5070d5663d40774c7aceb973631025d6e6e592
ca8178a737bdd4e6d2394e6c5609d1ca001254667458bb9cd1130bacea58cb86
d17232bb1555a2f83c7fbc4a697de155b604e9f7afe233e1a9b28d9590328e64
e337f687babe708a9f8e6642d7793ee3ed5eb4696cf11e28dd0682a858a591ea
ec60067cd0f25789d2d9fa4672400f713045efb9108ff376b9bd2c5bb3d1802c

intermediacp.tech Open in urlscan Pro 172.67.134.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

22 Requests

91 %HTTPS

25 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

488 kBTransfer

611 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

26 Cookies

5 Console Messages

Indicators

intermediacp.tech Open in urlscan Pro
172.67.134.66 Public Scan

Screenshot
Live screenshot

Full Image

22
Requests

91 %
HTTPS

25 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

488 kB
Transfer

611 kB
Size

26
Cookies

22 HTTP transactions
0 data transactions