Submitted URL: http://proesmin.com/
Effective URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Submission: On March 27 via manual from ES — Scanned from ES

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3034::ac43:bb32, located in United States and belongs to CLOUDFLARENET, US. The main domain is news.mahtawiat.com.
TLS certificate: Issued by E1 on March 8th 2023. Valid for: 3 months.
This is the only time news.mahtawiat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 192.232.251.61 46606 (UNIFIEDLA...)
2 2 190.115.26.9 262254 (DDOS-GUAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 10 2606:4700:303... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
18 5
Apex Domain / Subdomains / Transfer
10 mahtawiat.com / news.mahtawiat.com / 131 KB
8 cloudflare.com / challenges.cloudflare.com — Cisco Umbrella Rank: 4950 / 130 KB
1 google.com / www.google.com — Cisco Umbrella Rank: 2 / 2 KB
1 c-you.cyou / mahtawaiat.c-you.cyou / 407 B
1 sh-op.shop / sh-op.shop / 220 B
1 proesmin.com / proesmin.com / 590 B
18 6
Domain / Requested by
10 news.mahtawiat.com (1 redirects) / www.google.com, news.mahtawiat.com, proesmin.com
8 challenges.cloudflare.com (1 redirects) / news.mahtawiat.com, challenges.cloudflare.com, proesmin.com
1 www.google.com / proesmin.com
1 mahtawaiat.c-you.cyou (1 redirects)
1 sh-op.shop (1 redirects)
1 proesmin.com
18 6

This site contains links to these domains.

Domain
www.cloudflare.com
Subject / Issuer / Validity / Valid
www.google.com / GTS CA 1C3 / 2023-03-06 - 2023-05-29 / 3 months
*.mahtawiat.com / E1 / 2023-03-08 - 2023-06-06 / 3 months
challenges.cloudflare.com / Cloudflare Inc ECC CA-3 / 2022-09-18 - 2023-09-17 / a year

This page contains 2 frames:

Primary Page: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Frame ID: 1B48AF6BC036B411C204AFEF5B8151EA
Requests: 15 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 391B8224EBF076AE7B6BB4DC114F74C1
Requests: 6 HTTP requests in this frame

Page Title

Just a moment...

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 18
HTTPS: 83 %
IPv6: 60 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 3
Transfer: 263 kB
Size: 585 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://proesmin.com/ Page URL
  2. https://sh-op.shop/qtn0r5 HTTP 302
    https://mahtawaiat.c-you.cyou/ HTTP 302
    https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwie7crrq9L9AhUmR6QEHdSvDkoQFnoECAgQAQ&url=https%3A%2F%2Fnews.mahtawiat.com%2F36%2Ftiktok-announces-a-move-that-angers-viewers-and-delights-content-creators%2F&usg=AOvVaw3yKafAYDY4Ovmz-D-7iUlb Page URL
  3. https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://sh-op.shop/qtn0r5 HTTP 302
  • https://mahtawaiat.c-you.cyou/ HTTP 302
  • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwie7crrq9L9AhUmR6QEHdSvDkoQFnoECAgQAQ&url=https%3A%2F%2Fnews.mahtawiat.com%2F36%2Ftiktok-announces-a-move-that-angers-viewers-and-delights-content-creators%2F&usg=AOvVaw3yKafAYDY4Ovmz-D-7iUlb
Request Chain 5
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Request Chain 6
  • https://news.mahtawiat.com/favicon.ico HTTP 302
  • https://news.mahtawiat.com/wp-content/uploads/2023/03/rsz_2286682.png

18 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
/
proesmin.com/
696 B
590 B
Document
General
Full URL
http://proesmin.com/
Protocol
HTTP/1.1
Server
192.232.251.61 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-232-251-61.unifiedlayer.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
329
Content-Type
text/html; charset=UTF-8
Date
Mon, 27 Mar 2023 16:42:40 GMT
Keep-Alive
timeout=5, max=75
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
url
www.google.com/
Redirect Chain
  • https://sh-op.shop/qtn0r5
  • https://mahtawaiat.c-you.cyou/
  • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwie7crrq9L9AhUmR6QEHdSvDkoQFnoECAgQAQ&url=https%3A%2F%2Fnews.mahtawiat.com%2F36%2Ftiktok-announces-a-move-tha...
1 KB
2 KB
Document
General
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwie7crrq9L9AhUmR6QEHdSvDkoQFnoECAgQAQ&url=https%3A%2F%2Fnews.mahtawiat.com%2F36%2Ftiktok-announces-a-move-that-angers-viewers-and-delights-content-creators%2F&usg=AOvVaw3yKafAYDY4Ovmz-D-7iUlb
Requested by
Host: proesmin.com
URL: http://proesmin.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
http://proesmin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
615
content-security-policy-report-only
object-src 'none';base-uri 'self';script-src 'nonce-NXLfv9_NElws1vSET03PTA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 16:42:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0

Redirect headers

content-length
0
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Mon, 27 Mar 2023 16:42:45 GMT
location
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwie7crrq9L9AhUmR6QEHdSvDkoQFnoECAgQAQ&url=https%3A%2F%2Fnews.mahtawiat.com%2F36%2Ftiktok-announces-a-move-that-angers-viewers-and-delights-content-creators%2F&usg=AOvVaw3yKafAYDY4Ovmz-D-7iUlb
server
ddos-guard
Primary Request /
news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
8 KB
5 KB
Document
General
Full URL
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwie7crrq9L9AhUmR6QEHdSvDkoQFnoECAgQAQ&url=https%3A%2F%2Fnews.mahtawiat.com%2F36%2Ftiktok-announces-a-move-that-angers-viewers-and-delights-content-creators%2F&usg=AOvVaw3yKafAYDY4Ovmz-D-7iUlb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22623c4b50ddcdcfc74d23f87b57d2e8c82644386d4abc405506487d3d3a43ed
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
7ae916a39f2b0412-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 27 Mar 2023 16:42:45 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqbSUNICuTEh%2BaaEfmxitbaM40NNS%2FwVT3FLOF8m4mjcJIFdD1H0GC0XWy9ASwP5DuiuC5DsA%2B30BEljk9hMNtLJb5QHX4OnGQT0eBdn7bjfltG24NkpxpoFMRMRw4gPhndXNAE90BVj4WM7zOGkwLs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
challenges.css
news.mahtawiat.com/cdn-cgi/styles/
6 KB
3 KB
Stylesheet
General
Full URL
https://news.mahtawiat.com/cdn-cgi/styles/challenges.css
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
W/"6419a381-19c8"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=7200, public
cf-ray
7ae916a3f8450412-MAD
expires
Mon, 27 Mar 2023 18:42:45 GMT
v1
news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/
160 KB
59 KB
Script
General
Full URL
https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7ae916a39f2b0412
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02298215516969a43d0c57fa08fd1cde0b655cbd830d1aa242433aea4692595

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/?__cf_chl_rt_tk=mEel0D_CRCfh.1xDzzumaUeF3F_RKmegNV0YDO8EBkU-1679935365-0-gaNycGzNC-U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:45 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpX82oS%2FF8x%2FitDsyEctBzpyBaLF3kglRWIqzNoDIaE%2FcAI2Q70rEjB5NxTC3XO1AiWKo%2FSE4li3xQQ0NZ0n8KIcrd7i2UoSSdHvKhILiofTw8sK5VzLDIPeeVokPte%2Bcy%2Bnt4I917WpzHAcUeZwB3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7ae916a438c90412-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
news.mahtawiat.com/cdn-cgi/images/trace/managed/js/
42 B
129 B
Image
General
Full URL
https://news.mahtawiat.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7ae916a39f2b0412
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/?__cf_chl_rt_tk=mEel0D_CRCfh.1xDzzumaUeF3F_RKmegNV0YDO8EBkU-1679935365-0-gaNycGzNC-U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/?__cf_chl_rt_tk=mEel0D_CRCfh.1xDzzumaUeF3F_RKmegNV0YDO8EBkU-1679935365-0-gaNycGzNC-U
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 21 Mar 2023 12:30:57 GMT
server
cloudflare
etag
"6419a381-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7ae916a438cb0412-MAD
content-length
42
expires
Mon, 27 Mar 2023 18:42:45 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/c09a1a74/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
14 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Protocol
H2
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38065ca232356314bc86aad8e1b1ad253d7b20a16bc6387d01ab225c29e86490

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:46 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7ae916a58e1814fd-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 27 Mar 2023 16:42:45 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/b/c09a1a74/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age=300, public
cf-ray
7ae916a54dbb14fd-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rsz_2286682.png
news.mahtawiat.com/wp-content/uploads/2023/03/
Redirect Chain
  • https://news.mahtawiat.com/favicon.ico
  • https://news.mahtawiat.com/wp-content/uploads/2023/03/rsz_2286682.png
7 KB
7 KB
Image
General
Full URL
https://news.mahtawiat.com/wp-content/uploads/2023/03/rsz_2286682.png
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Protocol
H3
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db19c7476a7f7a4e8189068079cfc03deee9dc2fdb0101abb79f09029092a03b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qrVOAqwVMPo0BgmNlK0f3sMVRHWVQ8hhan3ljSK%2Fu93XFahfUoDfPh5YFxV3raCulyi4eZDOBNBgRQrXCLH3FNiCbKMzmA9J1GSzu6jUtfgNN1AGBVMvcFkzeqj4aI0XcGem29MuzSbLdLKglHb7ApI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
7ae916a7986466ad-MAD
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

date
Mon, 27 Mar 2023 16:42:46 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-redirect-by
WordPress
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw%2BKIB%2BEuYSwqxtTQUzUvzD%2FRHSRmxy2bhfbMMXIlclbJWbBTWSWl2Ykt%2FNGezFcEaPo6I%2BYbbrMBsYASoQTl2wTb3uUH3sCUKldzvIRpYi5lS3OsZL4qZ4q4fMf9VJi92oPjhzbxkDjonxgrrbZvbw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://news.mahtawiat.com/wp-content/uploads/2023/03/rsz_2286682.png
cf-ray
7ae916a4dacd66ad-MAD
link
<https://news.mahtawiat.com/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
040e392c41a501c
news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/flow/ov1/406673984:1679933497:8EiLQd8l6AMyyNqnUak_EI_axK5il5BmFiyrhlXCcj0/7ae916a39f2b0412/
103 KB
51 KB
XHR
General
Full URL
https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/flow/ov1/406673984:1679933497:8EiLQd8l6AMyyNqnUak_EI_axK5il5BmFiyrhlXCcj0/7ae916a39f2b0412/040e392c41a501c
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7ae916a39f2b0412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d47a78d4df7f78169e3c8a514efe805088578b4e5f237d5c5bf6c8829bf19e5

Request headers

Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
040e392c41a501c
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 16:42:46 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZlOsdGOQkV4oG0XtC9kJco6nKv%2Bpi009jhq%2FjZTuhmIa%2F5PyPqFeW3F772uMb1n2VJy1kEK3n%2Bl2iCfy8lDSSXHnQwlupPfhZp93EZ4QGojnUOgakvq0PjsQp3frL14eC9PUttD2zfhgvNr1U6DrYo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ae916a58c0666ad-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
FpyjUZr37lRWe4e
news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/img/7ae916a39f2b0412/1679935366010/
61 B
466 B
Image
General
Full URL
https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/img/7ae916a39f2b0412/1679935366010/FpyjUZr37lRWe4e
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d601d2039495687bf4aeeb9418b21c37555c56c3be3f06caf23c8ad02eacca3e

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7ae916a69e2066ad-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcWXYjaZx%2BR1gaP3r6aTXXgit8rUDLSCt4AMQTEzN13lGynrcAgNoa%2FmQJ%2BFl9Ddf3pV9X75SI1nn%2B2fHG%2FShuP%2B5BCR%2BCna1YNo4ML9P4c%2BupGa%2FAxD1YbDjGr%2F%2Fse8ZfXM9HisCBP7yI3xyN9SgS8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
e9SCSEkJunxaR0R
news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/pat/7ae916a39f2b0412/1679935366010/b704f24eb8ca4ed5ae58d517d92ef583a80ffa43a57b22d16a479fa18333ebf2/
1 B
929 B
Fetch
General
Full URL
https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/pat/7ae916a39f2b0412/1679935366010/b704f24eb8ca4ed5ae58d517d92ef583a80ffa43a57b22d16a479fa18333ebf2/e9SCSEkJunxaR0R
Requested by
Host: proesmin.com
URL: http://proesmin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:46 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gtwTyTrjKTtWuWNUX2S71g6gP-kOleyLRakefoYMz6_IAEm5ld3MubWFodGF3aWF0LmNvbQ==, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsZX7oXKP7loT52LdLGGhPx-FcBMIdXnohMZ_iqCvbnx5wO3UpaaYQijaS2knGPME34_57i843skNJNu0cqfk3kSO_UbCNZB1O7R-1HHR-ZeqVYD4DkZsO9MgvQyNI2dA-0ft0Hpg9ZWh8CvxSsydRSbQXQQ7njXvtE7Fgt-epNrnMmxQ1vdZvRFy06TPE1BYopLEuTNzMAh9-7c49XMNwctaTluD96isf1HWDhFRV33vn_F4nLEzOfSbQM2PWLMClyEk-6XFxMfoMxOz-DKqPWJ75hfxsdiW9U4-ylW0C6EFDNYLwJseHmFeb5bjkGR7pDkVj5QfYDajhmkBdl5ODwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6iZ2LbS7%2Fy2zWdbTfGfo4dWnBjYt3f8GRK6wjNk09MRkiJoLYbrZZAGKqtmKLma71KjSsATeaOibX0ZlK208ouyEDBi0fxOjZva9SG%2B5ySKBVsJzKAnxUT1sGzyfySe4P6SEEUAEQ1NjuHh80PT5LH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ae916a6eed966ad-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
040e392c41a501c
news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/flow/ov1/406673984:1679933497:8EiLQd8l6AMyyNqnUak_EI_axK5il5BmFiyrhlXCcj0/7ae916a39f2b0412/
5 KB
4 KB
XHR
General
Full URL
https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/flow/ov1/406673984:1679933497:8EiLQd8l6AMyyNqnUak_EI_axK5il5BmFiyrhlXCcj0/7ae916a39f2b0412/040e392c41a501c
Requested by
Host: news.mahtawiat.com
URL: https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7ae916a39f2b0412
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::ac43:bb32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
490409a27f9e0fde88d8ad4a4fc48a39ed09328ce41fc3c6e5ed90ed2c538e76

Request headers

Referer
https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
040e392c41a501c
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 16:42:47 GMT
content-encoding
br
cf_chl_gen
FMTkDD7Du1Ck/VNjCLNHFloE/veLT5ulVxRc+HWfUY8u7JELEaS2n3Cyx4aBpICa$XPc9Ti4nF5BuZmL0uJbaow==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GiZiDzgPuMQVsAiFBR1mh1jDxrp3jp9WzeFGY%2F36EPKvVTFYqEmEAlTDxJK%2BPJhbnJxQNyNW3O2Ot%2FSnGGPO2VKDMGs%2Bypvehoa2Qp%2FqDPddfOw%2FIBAzncH59sQdkqqIFPL%2F4EtSAsLNgqvcGdwjfg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7ae916af2f9066ad-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 391B
21 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5966aa6dc791f484ac5a071c094e975e2abce0f5bfc9b1845a449ff590a14c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7ae916afed1e2fcb-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 27 Mar 2023 16:42:47 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
truncated
/
187 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/png
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 391B
154 KB
56 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ae916afed1e2fcb
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6418a47b305114719186236be271f5e157114e2da432e5954f5dfcc291bda08

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:48 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7ae916b228e72fcb-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
52dcd74da42c683
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1228704502:1679933206:VIBxClD7BX8Z-v_p2wJl7AvYl1Ebdug0LYHK6Ew0pR4/7ae916afed1e2fcb/ Frame 391B
93 KB
52 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1228704502:1679933206:VIBxClD7BX8Z-v_p2wJl7AvYl1Ebdug0LYHK6Ew0pR4/7ae916afed1e2fcb/52dcd74da42c683
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ae916afed1e2fcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a844d6b277f1739439843e94a4068655ea667df3e743f39c36dc25e7dbda8adb

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
52dcd74da42c683
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 16:42:48 GMT
content-encoding
br
cf_chl_gen
0lpOap1Yj2oId/8XA8gm0A2PTkoPpFceq8Ee/jt1E3ovFaRQG9AaaPF0+qa2GWHJ0lk9CicBtEC+yKM28JHk0iaMDeirWgMClfl/jB5P8dvtMQijmfblvTaKqapvoJIESo9fk9mgfhJnmWI4xGzHLsKOoxdMgfi2xijzdVZN1paBtChE7Fm0nTuoZITBTPV3fxmV30yCeOeNWv6HnZ6Pdn3lUy9hKtlOBx3NATVmC5iwmmalXmTkYYI5vPIdmH+329AJTdYI646aWO44dKd0DOWeiHZYNDNsY26wZJsGnxTKDzWqs0AF7CJTn8midX5gGYJgfE9y06cSBidFXepOvy2gyji+AsQ1CGGd4orhv3VBef3LB5W/K4Cs3ljXdUKMnUQw1IQRbxNXSYNvIcO9yw==$WVRiJu4nu7j1pKWiDITQBw==
server
cloudflare
cf-ray
7ae916b39b6f2fcb-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
Q5wPNBd5yqjAeP3
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7ae916afed1e2fcb/1679935368272/71926fd5bed378411c4e91ee81149ae0308820e6aabe2ff8422097b1bbcf6750/ Frame 391B
1 B
649 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7ae916afed1e2fcb/1679935368272/71926fd5bed378411c4e91ee81149ae0308820e6aabe2ff8422097b1bbcf6750/Q5wPNBd5yqjAeP3
Requested by
Host: proesmin.com
URL: http://proesmin.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:48 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gcZJv1b7TeEEcTpHugRSa4DCIIOaqvi_4QiCXsbvPZ1AAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsZX7oXKP7loT52LdLGGhPx-FcBMIdXnohMZ_iqCvbnx5wO3UpaaYQijaS2knGPME34_57i843skNJNu0cqfk3kSO_UbCNZB1O7R-1HHR-ZeqVYD4DkZsO9MgvQyNI2dA-0ft0Hpg9ZWh8CvxSsydRSbQXQQ7njXvtE7Fgt-epNrnMmxQ1vdZvRFy06TPE1BYopLEuTNzMAh9-7c49XMNwctaTluD96isf1HWDhFRV33vn_F4nLEzOfSbQM2PWLMClyEk-6XFxMfoMxOz-DKqPWJ75hfxsdiW9U4-ylW0C6EFDNYLwJseHmFeb5bjkGR7pDkVj5QfYDajhmkBdl5ODwIDAQAB, max-age=20
server
cloudflare
cf-ray
7ae916b49d6f2fcb-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
aahFrnjtb6U5NXw
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7ae916afed1e2fcb/1679935368272/ Frame 391B
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/7ae916afed1e2fcb/1679935368272/aahFrnjtb6U5NXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edcbf5d73d9cf6d6703676f56ee447d8dacaa6879359806722d2b132869a47f5

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Mon, 27 Mar 2023 16:42:48 GMT
server
cloudflare
cf-ray
7ae916b4ddd82fcb-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
52dcd74da42c683
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1228704502:1679933206:VIBxClD7BX8Z-v_p2wJl7AvYl1Ebdug0LYHK6Ew0pR4/7ae916afed1e2fcb/ Frame 391B
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1228704502:1679933206:VIBxClD7BX8Z-v_p2wJl7AvYl1Ebdug0LYHK6Ew0pR4/7ae916afed1e2fcb/52dcd74da42c683
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7ae916afed1e2fcb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3efabe29d7f369f91af3ad2626f41d7dd3bcb31178ad16316f437584427d6f72

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/s3lod/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
es-ES,es;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
CF-Challenge
52dcd74da42c683
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Mar 2023 16:42:49 GMT
content-encoding
br
cf_chl_gen
xg1dS5dKFOXErA7Z/JFRZsuZQlw0flN5oQVi4HFQ34vtlPltyWNBaPvMineRJDJm$bRhwAhe0KjjO9X/ZWNMvDQ==
server
cloudflare
cf-ray
7ae916be39202fcb-MAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8


16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _cf_chl_opt
function| SHA256
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| __cf_md5
function| sendRequest
function| _cf_chl_turnstile_l
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
object| _

5 Cookies

Domain/Path Name / Value
.sh-op.shop/ Name: __ddg1_
Value: 7xhChM7ZDyNbBgjSaQwl
.c-you.cyou/ Name: __ddg1_
Value: V87StGLGSdx1ofk3saC3
.google.com/ Name: __Secure-ENID
Value: 11.SE=fFh3Rdxdx559ESQ5-8OlcJBP8UzHx94WbuFT4sNwt22SpUkZUBZyMSZtL-PgcP7CZzIY2AZh7CNlEmS_zj0ZqAGZkvbT7tAeUgJdfQLDSksesqZnmBs3MmIMwDgldOMAzJy1_DR63t7fbCLpt2BO1yusGajvJBWKcmFOE4C1X1s
.google.com/ Name: CONSENT
Value: PENDING+418
news.mahtawiat.com/ Name: cf_chl_2
Value: 040e392c41a501c

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://news.mahtawiat.com/36/tiktok-announces-a-move-that-angers-viewers-and-delights-content-creators/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://news.mahtawiat.com/cdn-cgi/challenge-platform/h/b/pat/7ae916a39f2b0412/1679935366010/b704f24eb8ca4ed5ae58d517d92ef583a80ffa43a57b22d16a479fa18333ebf2/e9SCSEkJunxaR0R
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://news.mahtawiat.com/wp-content/uploads/2023/03/rsz_2286682.png
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7ae916afed1e2fcb/1679935368272/71926fd5bed378411c4e91ee81149ae0308820e6aabe2ff8422097b1bbcf6750/Q5wPNBd5yqjAeP3
Message:
Failed to load resource: the server responded with a status of 401 ()

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance in this scan does not imply that any of them indicate malicious activity.
