now.mode-layer.icu Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://now.mode-layer.icu/
Submission Tags: @phish_report
Submission: On April 05 via api (April 5th 2024, 1:25:29 pm UTC) from FI — Scanned from NL

Summary HTTP 15 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is now.mode-layer.icu.
TLS certificate: Issued by GTS CA 1P5 on April 5th 2024. Valid for: 3 months.

This is the only time now.mode-layer.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 12	188.114.97.3 188.114.97.3		13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2

12 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

now.mode-layer.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	mode-layer.icu 1 redirects now.mode-layer.icu	1 MB
0	Failed function sub() { [native code] }. Failed
15	2

	Domain	Requested by
12	now.mode-layer.icu	1 redirects now.mode-layer.icu
0	scrapbook Failed	now.mode-layer.icu
15	2

This site contains links to these domains. Also see Links.

Domain
app.mode.network
mode.mirror.xyz
explorer.mode.network
sepolia.explorer.mode.network
docs.mode.network
github.com
mode.hashnode.dev
discord.gg
twitter.com
t.me
mirror.xyz
modenetwork.notion.site
www.kim.exchange
www.ionic.money
space.id
bridge.mode.network

Subject Issuer	Validity	Valid
mode-layer.icu GTS CA 1P5	`2024-04-05` - `2024-07-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://now.mode-layer.icu/
Frame ID: 31D3BA5D22B627AD675B4E6C08AF0CA8
Requests: 13 HTTP requests in this frame

Frame: https://now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: F57F482D43A3540DA080C9EF28C489F5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

About the Airdrop

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1044 kB
Transfer

1141 kB
Size

1
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://app.mode.network/early
Title: • JOIN THE Mode AIRDROP

Search URL Search Domain Scan URL

URL: https://mode.mirror.xyz/
Title: Blog posts

Search URL Search Domain Scan URL

URL: https://explorer.mode.network/
Title: Mainnet

Search URL Search Domain Scan URL

URL: https://sepolia.explorer.mode.network/
Title: Testnet

Search URL Search Domain Scan URL

URL: https://docs.mode.network/
Title: Docs

Search URL Search Domain Scan URL

URL: https://github.com/mode-network/brandkit
Title: Brand assets

Search URL Search Domain Scan URL

URL: https://mode.hashnode.dev/
Title: Community blog

Search URL Search Domain Scan URL

URL: https://discord.gg/modenetworkofficial
Title: Discord

Search URL Search Domain Scan URL

URL: https://twitter.com/modenetwork
Title: Twitter

Search URL Search Domain Scan URL

URL: https://t.me/ModeNetworkOfficial
Title: Telegram

Search URL Search Domain Scan URL

URL: https://mirror.xyz/modenetwork.eth
Title: Blog

Search URL Search Domain Scan URL

URL: https://modenetwork.notion.site/
Title: Community Hub

Search URL Search Domain Scan URL

URL: https://mode.mirror.xyz/e37GCFsELjLzSJZzEJ31hX0W3GMoraDDyRd6JioSxOc
Title: launch article

Search URL Search Domain Scan URL

URL: https://www.kim.exchange/
Title: Kim

Search URL Search Domain Scan URL

URL: https://www.ionic.money/
Title: Ionic

Search URL Search Domain Scan URL

URL: https://space.id/tld/6
Title: Mode Name Service

Search URL Search Domain Scan URL

URL: https://bridge.mode.network/
Title: Bridge

Search URL Search Domain Scan URL

URL: https://docs.mode.network/mode-testnet/mode-testnet-information
Title: Docs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://now.mode-layer.icu/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
now.mode-layer.icu/ 27 KB
7 KB 97ms
51ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 777f65c69276a94f7cbf05def6f202d58cb65eaa9c25a69b4c2a2cc0f0f13958

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: nl-NL,nl;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86f9dd325a8d672a-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Apr 2024 13:25:25 GMT
last-modified: Tue, 02 Apr 2024 10:43:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwoTeVJ4rR0R3yPGTn1BbBLZWgyr%2B1CJCZNAQiXeRn1nmvf4Byj3BA7MXCq8m15%2BeuByXc4bqmIUhvExBrz0%2BxmG8cydE8mn6pp0LauGXpGgcbLcyzLYabj9ow7skuoiFxEFkMU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 nicks-lp.webflow.4c4d5bc6f.min.css
now.mode-layer.icu/ 95 KB
19 KB 26ms
26ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now.mode-layer.icu/nicks-lp.webflow.4c4d5bc6f.min.css
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e50cf4cc70c087e96da68107eab76f52238bd76a1e1088304a1fbbf07654e4f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: W/"65daa3bc-17d42"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y97eHrkoLyZq3QfEsuMZy06Ky1sJ%2Fq3o3jC%2Bg%2FMLZ8GAXJpz%2FrBrxr4XL%2BNmFcQRPThcVHGCfv39emo3l0w4AJ7EusDGKOIdEgHVDG3CkPiA7W4nM%2FXMcOB9lWtpqho6dHOk6yU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 86f9dd32aad6672a-AMS
alt-svc: h3=":443"; ma=86400

GET css
scrapbook:download:error:https://fonts.googleapis.com/ 0
0

GET
H3 200 65b6706630193b184e620b34_footerbg.png
now.mode-layer.icu/ 322 KB
322 KB 25ms
25ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.mode-layer.icu/65b6706630193b184e620b34_footerbg.png
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/nicks-lp.webflow.4c4d5bc6f.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c866b815631fa7470a3b185cee6b1d4b51f67abf26ac03c1d6fcb8dec8e28310

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/nicks-lp.webflow.4c4d5bc6f.min.css
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: "65daa3c0-5067d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oduB2MsmfrMB0lq%2BQWBdUT6A8m2rs3lpe5U%2Flo%2BRDBYWq4SNLn8pw4j55o8Tcrd61dDKGDfz0D2wjOOWZEaO0p%2Bz08lagoEflkRrCdh1RnVIRAFxMv8OtlGXsbegb5bPdt8Tv0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86f9dd32fb1f672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 329341

GET 64ef2fd628bb822055e2cb39_GT-Flexa-Mono-Regular-Trial.otf
scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/ 0
0

GET 64fee5edbc8d537f3c5d1642_IBMPlexMono-Regular.woff
scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/ 0
0

GET 64fee5ed7afe6e69e21eb963_IBMPlexMono-Medium.woff
scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/ 0
0

GET
H3 200 64c906fb9ad227d07937723d_64c3bc4651304278d5aaecee_Logo_mode.svg
now.mode-layer.icu/ 1 KB
1 KB 74ms
73ms Image
image/svg+xml 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.mode-layer.icu/64c906fb9ad227d07937723d_64c3bc4651304278d5aaecee_Logo_mode.svg
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1898bae45b276f8687d56090870d2c100ddde1d800b0ba9c74114d56f012645

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: W/"65daa3bc-5c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9XB4blsGiGD3OBIEOeVocUU3qClgib0Ohe9wx%2FlznbVNDpccpNxa4WUX8aVNz8kUTSknLtKj8UCED3118Qz%2BkSDbkK%2FrBRAKNcS4tI4UkfEk6ASAEJye5EJ94cfkyQoZbofICo4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 86f9dd330b32672a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 65b92744fb720cd9d88e11f3_image6-p-1080.png
now.mode-layer.icu/ 80 KB
80 KB 74ms
74ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.mode-layer.icu/65b92744fb720cd9d88e11f3_image6-p-1080.png
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 899c0880f16b08d8ad116d1da3d083be088f2f8dacfc12b21ac35b75a2650ece

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: "65daa3be-13e5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=driljDnx8ffBPoarLsLdrynB97Yealshpif6Lul9C8EnSr27ea2w%2FumGzOhRWjfYnRIDFFvFuN0r%2Fheux6O%2Fsfyrtf0ZBjH2DYrFLcmIAidNnMqismeKNCqE9bV5PpBCZRuQuYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86f9dd330b35672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 81500

GET
H3 200 65b92ae4b023f42d57bda6a3_image3-p-1080.png
now.mode-layer.icu/ 147 KB
147 KB 76ms
75ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.mode-layer.icu/65b92ae4b023f42d57bda6a3_image3-p-1080.png
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d827fe09cda8142ea85c2b95212f1774edc5fff2df8d8989493bfb06808d03e7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: "65daa3be-24b8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BVQ3wNmQONB%2BNTO1DgqMXekzHMq9DLvI%2FtonV3H6cp8lBf2hQs7dfX%2BxwsmO4kjQ3eXGCcyhwAbXVVhsXl4wye4OB7IvrY1JLAunAblsaG3vqFsh44VtIjeTjj9rR%2FF7jzfUiMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86f9dd330b38672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 150410

GET
H3 200 65b92c566a3a1b0199248f2d_image2.png
now.mode-layer.icu/ 235 KB
235 KB 89ms
89ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.mode-layer.icu/65b92c566a3a1b0199248f2d_image2.png
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b91274b67e506dcf93c7f49425d8ea561af6b62f291d7d2ade3c728465c47a2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: "65daa3c0-3ab7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FTnaqjJmD2gKRpdMr6prZ5CEFD%2BI3dx23xU7JIWMdVNP%2FpYYs7t74atoWxXGNDi3TCDuGNu6GADLxwlpUdJMqh3zJ%2BJA7D66JPSsGAoXk%2BxxPcKyKtyGtBIoFyX9BB84z%2BgxmfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86f9dd330b3b672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 240507

GET
H3 200 65b92cd11b9639072a034cc4_image4.png
now.mode-layer.icu/ 226 KB
226 KB 116ms
116ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://now.mode-layer.icu/65b92cd11b9639072a034cc4_image4.png
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ae8203d5674a589b6dce8ac79ddc029f23270e39ed3082fc4fb3fe694ebeebf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1547
etag: "65daa3be-386e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avnUC283o6UOmXpIY3wrGrqRr7QqtgSS9z4HwvdalooBzLNhxfu9mBLsgZiDNICNTOgCcF7pZ1G7PwcC0rFvR1mOQXFoXI47m0WlOrnJMiBSBNXtGfReeT91I38zUEbWb3tOMF8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86f9dd330b3c672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 231137

GET
H3

200

main.js Show response
now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame F57F
Redirect Chain

https://now.mode-layer.icu/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

19ms
19ms

Script
application/javascript

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Protocol

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

437e314ad017c2e7b4a71c4444744235046ea0ae03ceb7423b0d80c62282d16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BO%2FTi4Grtqw4aj6vU15bX%2BKG2Z8WE0UdHuI1OTvlsBn4VjO7gL9UcDhgE4odN%2BiUA84XXp5zXcV%2FKoy5jaM9zmARF3SSvG7uJEIr7Y4AqaiJ4sse24DQrDtoaWpk2W5msUcdpYM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 86f9dd33cbf3672a-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Fri, 05 Apr 2024 13:25:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dGr25Hg4alSIGy6lqY%2Bh5l73XZCZ6IoyHHbpgd9YV6ifuxnfaadtPB3Y0oPGDCgz6bHjs77yzY431jQ45xzU5Wq4TDf290hElAVmO1s2zELVJTPGjW961iox%2FaPZt4Vzkg7IiOg%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 86f9dd330b3d672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 64d0b081f0331ac3c64c5e4d_flav.png
now.mode-layer.icu/ 844 B
1 KB 37ms
37ms Other
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now.mode-layer.icu/64d0b081f0331ac3c64c5e4d_flav.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c4797c09a6005862b46e81c29e994bcb778e16d0ef316ca85f2fcd23aa5ef4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://now.mode-layer.icu/
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
cf-cache-status: HIT
last-modified: Sun, 25 Feb 2024 02:19:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1806
etag: "65daa3be-34c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6Vbn2hAA4PwGb1vDxmrnJsmX9nted8mUo%2Bb%2BXgF9fl7PZxlq1jDgDaFOozFutxUkH3pSDDAT16VZ8QhMZM2TI2h7%2BiZ9ycKkPgdvuB7RgLPqO2V7NPp7lQBkfCFRXMaE0px%2Bq8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86f9dd338bb5672a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 844

POST
H3 200 86f9dd325a8d672a Show response
now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F57F 0
588 B 33ms
33ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://now.mode-layer.icu/cdn-cgi/challenge-platform/h/b/jsd/r/86f9dd325a8d672a
Requested by: Host: now.mode-layer.icu
URL: https://now.mode-layer.icu/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: nl-NL,nl;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 05 Apr 2024 13:25:25 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PQd6EEtz1APV4wxwUnC4hLznTtdUNzE5B9ZUa%2BG%2B86Fqe8Q4eyPm%2F96wPcTm9TXJ5iqclhJP1krQyvN1OJkSxxgzKnha6Ozy2kPelCVnfSkHo0yx0LK6YgRfQqyKt8YimmobunA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 86f9dd342c79672a-AMS
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scrapbook
URL: urn:scrapbook:download:error:https://fonts.googleapis.com/css?family=Chakra+Petch:regular,500,600,700%7CIBM+Plex+Sans:regular,italic,500,500italic,600,600italic,700,700italic

Domain: scrapbook
URL: urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64ef2fd628bb822055e2cb39_GT-Flexa-Mono-Regular-Trial.otf

Domain: scrapbook
URL: urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64fee5edbc8d537f3c5d1642_IBMPlexMono-Regular.woff

Domain: scrapbook
URL: urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64fee5ed7afe6e69e21eb963_IBMPlexMono-Medium.woff

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mode-layer.icu/	1970-01-21 04:24:19	Name: cf_clearance Value: ySYsiZrbSztgS1_Kd_dct_uuox3NEm4_9ZTtUBr.nbc-1712323525-1.0.1.1-1L9dd.ordKezqElyCXcuF3xRW63kGjxP0a7CJ4b3ImmKhW5U5HBytX3.282c3Yiaaxi7hWZbGfN7ujlVOF_rJA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: urn:scrapbook:download:error:https://fonts.googleapis.com/css?family=Chakra+Petch:regular,500,600,700%7CIBM+Plex+Sans:regular,italic,500,500italic,600,600italic,700,700italic Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
javascript	error	URL: https://now.mode-layer.icu/(Line 1) Message: Access to font at 'urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64ef2fd628bb822055e2cb39_GT-Flexa-Mono-Regular-Trial.otf' from origin 'https://now.mode-layer.icu' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, isolated-app, chrome-extension, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64ef2fd628bb822055e2cb39_GT-Flexa-Mono-Regular-Trial.otf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://now.mode-layer.icu/(Line 1) Message: Access to font at 'urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64fee5edbc8d537f3c5d1642_IBMPlexMono-Regular.woff' from origin 'https://now.mode-layer.icu' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, isolated-app, chrome-extension, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64fee5edbc8d537f3c5d1642_IBMPlexMono-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://now.mode-layer.icu/(Line 1) Message: Access to font at 'urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64fee5ed7afe6e69e21eb963_IBMPlexMono-Medium.woff' from origin 'https://now.mode-layer.icu' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, isolated-app, chrome-extension, chrome, https, chrome-untrusted.
network	error	URL: urn:scrapbook:download:error:https://uploads-ssl.webflow.com/64c906a6ed3c4d809558853b/64fee5ed7afe6e69e21eb963_IBMPlexMono-Medium.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

now.mode-layer.icu
scrapbook
scrapbook
188.114.97.3
437e314ad017c2e7b4a71c4444744235046ea0ae03ceb7423b0d80c62282d16c
4ae8203d5674a589b6dce8ac79ddc029f23270e39ed3082fc4fb3fe694ebeebf
5b91274b67e506dcf93c7f49425d8ea561af6b62f291d7d2ade3c728465c47a2
5e50cf4cc70c087e96da68107eab76f52238bd76a1e1088304a1fbbf07654e4f
70c4797c09a6005862b46e81c29e994bcb778e16d0ef316ca85f2fcd23aa5ef4
777f65c69276a94f7cbf05def6f202d58cb65eaa9c25a69b4c2a2cc0f0f13958
899c0880f16b08d8ad116d1da3d083be088f2f8dacfc12b21ac35b75a2650ece
c866b815631fa7470a3b185cee6b1d4b51f67abf26ac03c1d6fcb8dec8e28310
d827fe09cda8142ea85c2b95212f1774edc5fff2df8d8989493bfb06808d03e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1898bae45b276f8687d56090870d2c100ddde1d800b0ba9c74114d56f012645

now.mode-layer.icu Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

67 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

1044 kBTransfer

1141 kBSize

1 Cookies

18 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

1 Cookies

7 Console Messages

Indicators

now.mode-layer.icu Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

67 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

1044 kB
Transfer

1141 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions