offauthapi.com Open in urlscan Pro
2606:4700:3034::6815:216d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://linkedin.com/slink?code=eVxteDHu#%73%75%67%61%72%6D%61%6E%40%74%68%65%63%61%70%69%74%61%6C%63%6F%72%70%73%2E%...
Effective URL:
https://offauthapi.com/Msugarman%40thecapitalcorps.com
Submission: On August 01 via manual (August 1st 2023, 6:47:44 pm UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3034::6815:216d, located in United States and belongs to CLOUDFLARENET, US. The main domain is offauthapi.com.
TLS certificate: Issued by GTS CA 1P5 on July 19th 2023. Valid for: 3 months.

This is the only time offauthapi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	38.242.233.86 38.242.233.86	51167 (CONTABO) (CONTABO)
12	2606:4700:303... 2606:4700:3034::6815:216d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	4

2 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.242.233.86 (Düsseldorf, Germany) 1 redirects

ASN51167 (CONTABO, DE)
PTR: vmi1287564.contaboserver.net

jpdoaraguaia.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3034::6815:216d (United States)

ASN13335 (CLOUDFLARENET, US)

offauthapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	offauthapi.com offauthapi.com	169 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 6466	17 KB
2	jpdoaraguaia.com.br 1 redirects jpdoaraguaia.com.br	1 KB
2	linkedin.com 2 redirects linkedin.com — Cisco Umbrella Rank: 222 www.linkedin.com — Cisco Umbrella Rank: 543	3 KB
19	4

	Domain	Requested by
12	offauthapi.com	jpdoaraguaia.com.br offauthapi.com
4	challenges.cloudflare.com	offauthapi.com challenges.cloudflare.com
2	jpdoaraguaia.com.br	1 redirects
1	www.linkedin.com	1 redirects
1	linkedin.com	1 redirects
19	5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
*.jpdoaraguaia.com.br R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
offauthapi.com GTS CA 1P5	`2023-07-19` - `2023-10-17`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://offauthapi.com/Msugarman%40thecapitalcorps.com
Frame ID: 1A51A595807C381CA0E1CD279024FDE0
Requests: 19 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ueyuo/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 880C7C41F6238B5B9CBE63E0EEE63524
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0pbty/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 1E26514B25BBC710CC3D04209A6C582D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://linkedin.com/slink?code=eVxteDHu HTTP 301
https://www.linkedin.com/slink?code=eVxteDHu HTTP 301
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv//... HTTP 301
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/ Page URL
https://offauthapi.com/Msugarman%40thecapitalcorps.com Page URL
https://offauthapi.com/Msugarman%40thecapitalcorps.com Page URL

Page Statistics

19
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

187 kB
Transfer

471 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://linkedin.com/slink?code=eVxteDHu HTTP 301
https://www.linkedin.com/slink?code=eVxteDHu HTTP 301
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv////// HTTP 301
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/ Page URL
https://offauthapi.com/Msugarman%40thecapitalcorps.com Page URL
https://offauthapi.com/Msugarman%40thecapitalcorps.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://linkedin.com/slink?code=eVxteDHu HTTP 301
https://www.linkedin.com/slink?code=eVxteDHu HTTP 301
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv////// HTTP 301
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/

19 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

404
Not Found

/
jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/
Redirect Chain

https://linkedin.com/slink?code=eVxteDHu
https://www.linkedin.com/slink?code=eVxteDHu
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv//////
https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/

395 B
777 B

211ms
211ms

Document
text/html

38.242.233.86
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.233.86 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1287564.contaboserver.net
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Aug 2023 18:47:40 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=5, max=99
Link: <https://jpdoaraguaia.com.br/wp/wp-json/>; rel="https://api.w.org/"
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Cache-Control: no-cache, must-revalidate, max-age=0
Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 01 Aug 2023 18:47:40 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Keep-Alive: timeout=5, max=100
Location: https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/
Server: Apache
X-Redirect-By: WordPress

GET
H2 403 Msugarman%40thecapitalcorps.com Show response
offauthapi.com/ 6 KB
5 KB 68ms
22ms Document
text/html 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offauthapi.com/Msugarman%40thecapitalcorps.com

Requested by

Host: jpdoaraguaia.com.br
URL: https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

059e7fd8419aa1fc72d8d0a54dc7ce7f2bb518038cbc44a63e549628de753911

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://jpdoaraguaia.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f00403f1a3c905e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 01 Aug 2023 18:47:40 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uoElLLHQZJH%2Fk12w7dfLMgGaw44%2FQSiYVtaxITILs3gxODpfogWYNjKZPWBm9A9Rty3hWjddVjh6b1uvX3O7rNdVgOzvXYQBd8iJIpl0Xc4yItJnDAE2Tn1KxiWgYXPfCU2%2F1fmyv%2Bys3%2FAF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
offauthapi.com/cdn-cgi/styles/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offauthapi.com/cdn-cgi/styles/challenges.css

Requested by

Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 12:04:42 GMT
server: cloudflare
etag: W/"64c3aeda-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7f00403f6a89905e-FRA
expires: Tue, 01 Aug 2023 20:47:40 GMT

GET
H2 200 v1 Show response
offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 181 KB
62 KB 16ms
16ms Script
application/javascript 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f00403f1a3c905e
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a594273d14a504257fd7c69befeeb70cc57eefae4fbbe478db838711abdfdd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com?__cf_chl_rt_tk=gfaJAF.dmXbFz7XA_PYATg5tRnxD3tvjWYfmyn1wBh0-1690915660-0-gaNycGzNDCU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Mr%2Bh78xVUz78Kbvjooo7s5RHjbczWwIaw2w%2BB6xk2f72V6WISgHsmBlHfinkAfcM5z78r5%2Ba7LZCCI4Ugc%2Bu6O0geLIHComY7faNtRYJJzFlg5UtUczULP6L7MgAxyMtkytl421e2bPyUZSDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7f00403f7aaa905e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/11b725eb/ 25 KB
9 KB 58ms
39ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f00403f1a3c905e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

Referer
Origin: https://offauthapi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:40 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f00403fdf5c92c5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
offauthapi.com/ 6 KB
6 KB 15ms
15ms Image
text/html 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offauthapi.com/favicon.ico

Requested by

Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97bb676aed8a6953d61f5dd3d20ac30409bda21cd71c0b0842b9d07d227ccadf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QULHyU0fzZZ2IVf0sUu4S2yzhQZjxX9dojGosBMgpM8sdnCSUWx3tUcj7MU6j6%2FzNUxw0gK58cYi9w5Hw9QKQ0H8EdXq3bqpkNysaGPtWq%2FLBfkoYa3wjvTzwOrp%2F6g6ncLBJpjnZvc9kNLUkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7f00403fb8ca5b6e-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 6ce70c3a-3292-42d9-b82f-fa7e8ad7f05e
https://offauthapi.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offauthapi.com/6ce70c3a-3292-42d9-b82f-fa7e8ad7f05e
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 b64a00cdc28ad86 Show response
offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1317993439:1690914258:RcjE0V1-jiEdS1wvhDsd0kuIJGCo6ikluRRlhvBA8LU/7f00403f1a3c905e/ 9 KB
8 KB 25ms
24ms XHR
text/plain 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1317993439:1690914258:RcjE0V1-jiEdS1wvhDsd0kuIJGCo6ikluRRlhvBA8LU/7f00403f1a3c905e/b64a00cdc28ad86
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f00403f1a3c905e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbe6e37b13d02f4fceb4c5ba04177f4492306e2fdf6da80324b991147a7d65d8

Request headers

Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: b64a00cdc28ad86
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Aug 2023 18:47:40 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0agHXXsmDVSxrPAT%2Bc2Oyn6IPOrd9Awum2U55mIzLtbmwwwhOzJTxpXfCrWyyAbPQ9nBUgMM4YTgXQ3yC8FQZCX87fvPL8a24vJ8HDTBfAfk1koGiGAAeqXsn%2F7asVslNhZtqvu7LAlWNezrVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f00404069685b6e-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: 3NRCcz2uTDWPM95E+o0ZsbGX//j+uA+c79uEz4R6lL/dX7MuEuzUj9205wuPyLzo$lF9Sey8Fqjmx5bnEK0Wltw==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ueyuo/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 880C 0
0 34ms
21ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/ueyuo/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7f004040ca109c0a-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 18:47:40 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 b64a00cdc28ad86 Show response
offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1317993439:1690914258:RcjE0V1-jiEdS1wvhDsd0kuIJGCo6ikluRRlhvBA8LU/7f00403f1a3c905e/ 2 KB
2 KB 20ms
19ms XHR
text/html 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1317993439:1690914258:RcjE0V1-jiEdS1wvhDsd0kuIJGCo6ikluRRlhvBA8LU/7f00403f1a3c905e/b64a00cdc28ad86
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f00403f1a3c905e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4085ad08ea2ef2b92e7d3857f4a65d88687758a2b09b890f038fe611a539f3a

Request headers

Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: b64a00cdc28ad86
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: s0jZad9wM2jUP2CSHsSpw0DhYaP9Jss8sUDXkWVGb99fulRDQ3OKu+Yo4qcUSvoNAHc9ueYPW5fIK/uEFoF02KZdNy6w1SuThfRl2H4nDCg=$i3Vqzx2I6FzrWdfa1kBBRA==
cf-chl-out-s: opWJMAb/sfASV9SLSx2X8wqbUFqbUznZVxUA4r61d2sMCq4hBRzdk0fEbCqVJncpVT+FAXypC5xExaFynS5thi5FpZljED2H3g+j9A0OyHxE4+k3vTjw0AL3v0Dh49XumI6SJCietA+H/vZ7DdToYQ==$/HaRv7eT1Xs2HlZy+e7zYw==
date: Tue, 01 Aug 2023 18:47:41 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h7y%2F40vU4sNXFdHx4l2YFYoXw%2BuZAMtU8gDzk9mKXXTOZh6%2F%2Byc9OHNpZ108YR0XTKIvllxVcyRuxGuNp5yiUiig0i901oMIxoRWFwZ3kyHBvfliwGy5PPUIbFlSHg862dGyvwtmAIh5xvZJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7f0040421b145b6e-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 Primary Request Msugarman%40thecapitalcorps.com Show response
offauthapi.com/ 6 KB
5 KB 12ms
12ms Document
text/html 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offauthapi.com/Msugarman%40thecapitalcorps.com

Requested by

Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f00403f1a3c905e

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff2845fb515a6ffc4750cbe087879bbf68e9f87aca474d20efb69206c2ec37a8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7f0040528b875b6e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Tue, 01 Aug 2023 18:47:43 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvZiAKjBSBI7Ph9C35e1IIhvlh1uHRy1myLjhi1M80WMAFJyHHoG9M1v6ja55ja9rPJxtQz1pDVRV3dTOrifWAYxqYbHLdsHcOujh%2FGQ7dTTmNKR8Bw6IgZrDMFpxXmCa8kVXGdT1%2B5i075sYA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H3 200 challenges.css
offauthapi.com/cdn-cgi/styles/ 6 KB
3 KB 9ms
8ms Stylesheet
text/css 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://offauthapi.com/cdn-cgi/styles/challenges.css

Requested by

Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 28 Jul 2023 12:04:42 GMT
server: cloudflare
etag: W/"64c3aeda-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7f0040529ba25b6e-FRA
expires: Tue, 01 Aug 2023 20:47:43 GMT

GET
H3 200 v1 Show response
offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 179 KB
60 KB 16ms
16ms Script
application/javascript 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f0040528b875b6e
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d29fe4d5b803344b06b2850387624d03dd2e73d3e3209aeb6e7c17a36f4b3f9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com?__cf_chl_rt_tk=eRIaZNfh3E3z1pWMAKdyG3T6ASVtFtfJekTDIFGoPxw-1690915663-0-gaNycGzNCmU
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II1z2CJECoNLa9u4bmEQ6Z9PpfjyTOsyxFiQRH%2B9oMocQlekh%2FYiuw4QWKgxDHYznlusw93%2F6pV1aCRKKeqo%2BNIZJ75ri9Z%2FuWTRYdm5piGURwWzefdAzB8acrosaeZb1Tp1GRJbePFmOkugXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7f004052bbb75b6e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/11b725eb/ 25 KB
9 KB 33ms
32ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f0040528b875b6e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a

Request headers

Referer
Origin: https://offauthapi.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:43 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7f004052fd5292c5-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
offauthapi.com/ 6 KB
6 KB 12ms
12ms Image
text/html 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://offauthapi.com/favicon.ico

Requested by

Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d433bcbedf770ec1745848a2f2175858fed66efef87d7786b1fbab9475917f3d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 18:47:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wh%2FzkzPtpv7Tv1f1ubBs8vaM39mDkIM2LUC%2FUHQLY08CiIkdoN%2FXXKG%2FkflraWEOu58Oi6KFte734uSQOFwAQeXnPoRgLkLV5vuALyJjvBVD4sbwSB4IzWTdsnSiDJBUnoMw%2FE3SCpXHZQ5OSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
origin-agent-cluster: ?1
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7f004052fbee5b6e-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 2efca5f5-6eb8-4fe8-83cd-39ac0981c3a7
https://offauthapi.com/ 13 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offauthapi.com/2efca5f5-6eb8-4fe8-83cd-39ac0981c3a7
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Length: 13
Content-Type: text/javascript

POST
H3 200 e07aab166b05c2d Show response
offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/913943481:1690914268:_LBaj8n5eUucaF3oJtwei0uNHHAd25EyviQ3oqS0riw/7f0040528b875b6e/ 9 KB
8 KB 34ms
33ms XHR
text/plain 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/913943481:1690914268:_LBaj8n5eUucaF3oJtwei0uNHHAd25EyviQ3oqS0riw/7f0040528b875b6e/e07aab166b05c2d
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f0040528b875b6e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30dbbabc11bea57c4f014b9cd144857802a0321a491c01b209cad1dce2faed53

Request headers

Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: e07aab166b05c2d
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 01 Aug 2023 18:47:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYMyZ4Nhah7PISal0Dnrl2ciGLZPTuWJ6GksAwUsAy36unkRPnrUdf1nYxKZRmsvI33rwr1d66Ky841o8F0Tn64J0zVZMi5yb3rArkKW%2Fq9wU3lQj%2FppzwcDBCu0ioGRqUfPTelr4Dj3XkHHHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7f0040539c755b6e-FRA
alt-svc: h3=":443"; ma=86400
cf-chl-gen: iPuPLN8nT7RhTzzQVRbH+BfiQR2DXVYjEL5tagNdtZsglRVcPEoFM3f49rnymypQ$Tv8hzs5+Oh0HfaWARr6/fg==

GET
H3 200 normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0pbty/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 1E26 0
0 23ms
22ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/0pbty/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/11b725eb/api.js?onload=vWaSXN8&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7f004053fe499c0a-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 01 Aug 2023 18:47:44 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 e07aab166b05c2d Show response
offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/913943481:1690914268:_LBaj8n5eUucaF3oJtwei0uNHHAd25EyviQ3oqS0riw/7f0040528b875b6e/ 2 KB
2 KB 19ms
19ms XHR
text/html 2606:4700:3034::6815:216d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/flow/ov1/913943481:1690914268:_LBaj8n5eUucaF3oJtwei0uNHHAd25EyviQ3oqS0riw/7f0040528b875b6e/e07aab166b05c2d
Requested by: Host: offauthapi.com
URL: https://offauthapi.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=7f0040528b875b6e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:216d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a02b3c4dabf883aa0b1b44c1e941c00c62e3c0314f7877b8c998e8fbc0874378

Request headers

Referer: https://offauthapi.com/Msugarman%40thecapitalcorps.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
CF-Challenge: e07aab166b05c2d
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-out: 7KrzQP84fkJni1Uu8u+tFoTyfeKdf113yf+deBXKJzIfoCPo9f04K21iCEKJjUOaj58Ikrvmjg3ZDHKL2s81wbv3KzOkqbGEBK5XUhF1eBk=$Xw6eEBfT59QloNz9Pk6Tuw==
cf-chl-out-s: cQnVJbdwjnklI4SbrU1FDl9XDOfKJUiEtngX+Fraq5zStk3LNv0PGuvnOnfiBeJYdvtOHc4DlTg5mpsz2RFMgiQebzoV7AwKprz2vJ8FeA5S5yjRvgtZasHtN3BlGcxLC5LrDWYer7IiO/RGGxBr9eg6c1FKGAVRBMe/+h+/5cp+eQ7FGb7rytUObyVSz230EgGdN9J4ytZT2qzU+A4T2kaxyJ1SVxqAHTsQ9WuwUGw5EszWsuOkWtde9vVe957Q$9K5tXch/ZNG0RM/KkkG+tA==
date: Tue, 01 Aug 2023 18:47:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzwMGE5GWcU5q%2BZuev9EPPd4JGPBgduolee9idW5oiLQlVUyy6CCE%2B%2FqSMWtRx7TtXR%2BFULtVu%2Fn%2B1NltLcgq4z7uz3OmUkfEPfQrhH7iGurUkyWa5RRm%2BzNgEOePim1XgKJqq2eXRAPCfsksQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7f0040554e0d5b6e-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.linkedin.com/	1970-01-20 22:27:31	Name: bcookie Value: "v=2&71950e7c-013b-4337-8cc7-2fec4421b968"
.www.linkedin.com/	1970-01-20 22:27:31	Name: bscookie Value: "v=1&20230801184739dedac96f-c33b-42e9-85e2-eca9baf790aeAQHnvTkhg6vDBwtnsE6oSmo79JfOsj6H"
.linkedin.com/	1970-01-20 18:01:07	Name: li_gc Value: MTswOzE2OTA5MTU2NTk7MjswMjEzTSFSKHvZ1uZ7UPehsC7UMHaHh+Duu9e/5n5KlVbfVw==
.linkedin.com/	1970-01-20 13:43:22	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2596:u=1:x=1:i=1690915659:t=1691002059:v=2:sig=AQGPxXomB57z5BIJCTGeTgOuSouThAmd"
offauthapi.com/	1970-01-20 13:41:59	Name: cf_chl_rc_m Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jpdoaraguaia.com.br/wp/wpadjgjhjfdghjkhgfdghj76546765ghjkhgfhjgfhjgfhjgfhjk765786757uhgjbvhjbv/#%73%75%67%61%72%6D%61%6E%40%74%68%65%63%61%70%69%74%61%6C%63%6F%72%70%73%2E%63%6F%6D Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://offauthapi.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://offauthapi.com/Msugarman%40thecapitalcorps.com Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://offauthapi.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
jpdoaraguaia.com.br
linkedin.com
offauthapi.com
www.linkedin.com
2606:4700:3034::6815:216d
2606:4700::6811:3b8
2620:1ec:21::14
38.242.233.86
059e7fd8419aa1fc72d8d0a54dc7ce7f2bb518038cbc44a63e549628de753911
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
30dbbabc11bea57c4f014b9cd144857802a0321a491c01b209cad1dce2faed53
7a594273d14a504257fd7c69befeeb70cc57eefae4fbbe478db838711abdfdd8
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
97bb676aed8a6953d61f5dd3d20ac30409bda21cd71c0b0842b9d07d227ccadf
a02b3c4dabf883aa0b1b44c1e941c00c62e3c0314f7877b8c998e8fbc0874378
a4085ad08ea2ef2b92e7d3857f4a65d88687758a2b09b890f038fe611a539f3a
d29fe4d5b803344b06b2850387624d03dd2e73d3e3209aeb6e7c17a36f4b3f9b
d433bcbedf770ec1745848a2f2175858fed66efef87d7786b1fbab9475917f3d
ecd0b8c3807eed23112c89bd06b4fdc99ac40add0d34bab2e3e3156ae6796e1a
fbe6e37b13d02f4fceb4c5ba04177f4492306e2fdf6da80324b991147a7d65d8
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
ff2845fb515a6ffc4750cbe087879bbf68e9f87aca474d20efb69206c2ec37a8

offauthapi.com Open in urlscan Pro 2606:4700:3034::6815:216d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

89 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

187 kBTransfer

471 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

5 Cookies

7 Console Messages

Indicators

offauthapi.com Open in urlscan Pro
2606:4700:3034::6815:216d Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

187 kB
Transfer

471 kB
Size

5
Cookies

19 HTTP transactions
2 data transactions