urlscan.io logo urlscan.io
SecurityTrails logo

bhvwzglhbw9u.cretech.ru Open in urlscan Pro
141.95.99.203  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.nexxt.com/common/track/trackgeneral.asp?tcid=106ttid=2cid=146408910emid=18977&tv1=Unsubscribetl2=3Dsdtv2=3...
Effective URL: https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/
Submission: On July 06 via manual — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 141.95.99.203, located in France and belongs to OVH, FR. The main domain is bhvwzglhbw9u.cretech.ru.
TLS certificate: Issued by R3 on June 23rd 2023. Valid for: 3 months.
This is the only time bhvwzglhbw9u.cretech.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 68.168.84.60 17378 (AS17378)
1 192.185.79.88 19871 (NETWORK-S...)
1 141.95.99.203 16276 (OVH)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:400... 54113 (FASTLY)
14 6
1    68.168.84.60 (Norristown, United States)

ASN17378 (AS17378, US)
PTR: 60.84.168.68.static.dbsintl.net
www.nexxt.com
1    192.185.79.88 (United States)

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: websol.ws
horseracingsystems.com.au
1    141.95.99.203 (France)

ASN16276 (OVH, FR)
PTR: s614.fra6.mysecurecloudhost.com
bhvwzglhbw9u.cretech.ru
1    2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
8    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
Apex Domain
Subdomains		 Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
250 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
30 KB
1 cretech.ru
bhvwzglhbw9u.cretech.ru
2 KB
1 horseracingsystems.com.au
horseracingsystems.com.au
122 B
1 nexxt.com
www.nexxt.com — Cisco Umbrella Rank: 143019
1 KB
14 6
Domain Requested by
8 challenges.cloudflare.com 1 redirects bhvwzglhbw9u.cretech.ru
challenges.cloudflare.com
1 cdn.jsdelivr.net horseracingsystems.com.au
1 code.jquery.com horseracingsystems.com.au
1 bhvwzglhbw9u.cretech.ru
1 horseracingsystems.com.au
1 www.nexxt.com 1 redirects
14 6

This site contains no links.

Subject Issuer Validity Valid
horseracingsystems.com.au
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
www.bhvwzglhbw9u.cretech.ru
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/
Frame ID: BEAF3AB0D7E4B8F03F87F88FF3A47EC3
Requests: 6 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
Frame ID: 0480E4532D0326F642A323A190E7FE79
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

14
Requests

71 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

308 kB
Transfer

692 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.nexxt.com/common/track/trackgeneral.asp?tcid=106ttid=2cid=146408910emid=18977&tv1=Unsubscribetl2=3Dsdtv2=30200224%2B14%3A08bydal=truesid=EFC4BF1A-2DD6-4735-A7FC-6285ED6C4AACintsti=&red=https%3A%2F%2Fhorseracingsystems.com.au%2Fnew%2Fauth%2FMpyc%2F%2F%2F%2FY2FyZWVyc0BjcnlvcG9ydC5jb20= HTTP 302
  • https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
Request Chain 3
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Y2FyZWVyc0BjcnlvcG9ydC5jb20=
horseracingsystems.com.au/new/auth/Mpyc////
Redirect Chain
  • https://www.nexxt.com/common/track/trackgeneral.asp?tcid=106ttid=2cid=146408910emid=18977&tv1=Unsubscribetl2=3Dsdtv2=30200224%2B14%3A08bydal=truesid=EFC4BF1A-2DD6-4735-A7FC-6285ED6C4AACintsti=&red=...
  • https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
0
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.185.79.88 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
websol.ws
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 06 Jul 2023 21:16:27 GMT
refresh
0;url=https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/#careers@cryoport.com
server
Apache

Redirect headers

beyond-iis
WFE2222
cache-control
private
content-length
196
content-type
text/html; charset=utf-8
date
Thu, 06 Jul 2023 21:16:26 GMT
location
https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
permissions-policy
interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
Microsoft-IIS/10.0
strict-transport-security
max-age=16000000; includeSubDomains; preload;
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge,chrome=1
Primary Request /
bhvwzglhbw9u.cretech.ru/bHBwcHNw/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.99.203 , France, ASN16276 (OVH, FR),
Reverse DNS
s614.fra6.mysecurecloudhost.com
Software
LiteSpeed / PHP/8.2.7
Resource Hash
f247b8d42a7b0bc35a46517118d73961f22d245049d86ccb91d6cce6850c40eb

Request headers

Referer
https://horseracingsystems.com.au/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-length
1494
content-type
text/html; charset=UTF-8
date
Thu, 06 Jul 2023 21:16:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/8.2.7
truncated
/ 		130 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ced9e259025b0d5735fa81dbff6d131dc5d2dd7a84d83dfc15e15994a02d966c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/javascript
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: horseracingsystems.com.au
URL: https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://bhvwzglhbw9u.cretech.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 06 Jul 2023 21:16:27 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1688678187.dop238.fr8.t,1688678187.cds235.fr8.hn,1688678187.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
Requested by
Host: bhvwzglhbw9u.cretech.ru
URL: https://bhvwzglhbw9u.cretech.ru/bHBwcHNw/
Protocol
H2
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bhvwzglhbw9u.cretech.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 21:16:27 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7e2ade712c743604-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Thu, 06 Jul 2023 21:16:27 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/19b997cb/api.js
cache-control
max-age=300, public
cf-ray
7e2ade710c513604-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: horseracingsystems.com.au
URL: https://horseracingsystems.com.au/new/auth/Mpyc////Y2FyZWVyc0BjcnlvcG9ydC5jb20=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bhvwzglhbw9u.cretech.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 06 Jul 2023 21:16:27 GMT
x-content-type-options
nosniff
content-encoding
br
age
2201430
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230139-FRA
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/ Frame 0480 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1a464e865d86918c6bca6b469c426092c219b6022098f021d526023da01274
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://bhvwzglhbw9u.cretech.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7e2ade715d1c9c00-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 06 Jul 2023 21:16:27 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 0480 		177 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e2ade715d1c9c00
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92ab242d0a86976755a3f9713908c9bed6df5edd50f838d85354688a76df93bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 21:16:27 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7e2ade71bd819c00-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
daca04dc-e686-444f-abab-b280c8d0deff
https://challenges.cloudflare.com/ Frame 0480 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/daca04dc-e686-444f-abab-b280c8d0deff
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
08dbf2f6333ec96
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099191363:1688674930:RRbh5rvY3IVvlCXbEwkDMgnptn9t36rLKpXfREGW8Zg/7e2ade715d1c9c00/ Frame 0480 		216 KB
163 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099191363:1688674930:RRbh5rvY3IVvlCXbEwkDMgnptn9t36rLKpXfREGW8Zg/7e2ade715d1c9c00/08dbf2f6333ec96
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e2ade715d1c9c00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaab694268416607c7dfcf6be423eaa85086ef0a29075afffd375ac82b8d74c

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
08dbf2f6333ec96
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
RO/v/cDdHTdbnkYgOu59XUPw1fVTj75epV5slgzKGuuVo6adHG0lNR8UV6qrL/YVIcYCHPYpwRXiFp/T2iP7C3qi7+t4iKOVGAB+oMFkl/FmBtNbL/amOaalzJ7B0DqGdZTIdEpBc9qDGAsJdObzeJt7mJn2nzJ0mnmFUkYSRo+m947JRJrqZeF5FKcLbLKZMtoQBT/+1b7Xt/hglWxRIT9mfzf9tXc/GPzd0/ZfAJb9FCN1gXKiumUHMUUMUcD8rPdCPPpW20X4ynAi1maJDVPUrHGpfMyH/5HI4uRDwtU66CHsRIEEoMpSmOJjlb1NxbzyTLqhbvtF0O+PN0CULIMpMwFAnJTvQUV/fXvz8tgvM4Y8OBFTh+3w6T7EYyzLja6GzjVMyAt03o0bklYOj1lWD7L3eGYwFN9uQ+CuPidUqTnCMtQy6w+XlMLhbRLv$1d+JdZLFJrFb4GcETmqspQ==
date
Thu, 06 Jul 2023 21:16:28 GMT
content-encoding
br
server
cloudflare
cf-ray
7e2ade72cebe9c00-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
0b780697-b5eb-48f4-b445-63a9bf99e3aa
https://challenges.cloudflare.com/ Frame 0480 		656 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/0b780697-b5eb-48f4-b445-63a9bf99e3aa
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e41277bd48cc271455c85a90d1458c60265604cb04fcd58fc06436741d3d8c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
6ba8ee0d-2246-4d80-b611-156b2178b479
https://challenges.cloudflare.com/ Frame 0480 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/6ba8ee0d-2246-4d80-b611-156b2178b479
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
mp0F2AbMeCw7hBe
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e2ade715d1c9c00/1688678187976/3ecd0ab88ff9f021f080e5d10b30902a6582a05933217e5fd44a785c0fda9665/ Frame 0480 		1 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e2ade715d1c9c00/1688678187976/3ecd0ab88ff9f021f080e5d10b30902a6582a05933217e5fd44a785c0fda9665/mp0F2AbMeCw7hBe
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e2ade715d1c9c00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 21:16:28 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gPs0KuI_58CHwgOXRCzCQKmWCoFkzIX5f1Ep4XA_almUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAsnhnbals60aWxv0jmjxXrSzdZ94Rg2NRW0YopV9htBYj4BoU19zK1LuViSVIzVcCYE57_KL35HJkxGxtdDIDlTp0vpUfJFuLjWeuY6-UVNh9bERnFXivMB8kYroBKyMP7FAJBT8ZXycjF6sKL2W6-zNXb3tBABTu2kKre_y5s5nNqEjE7P4mh3wiMpr3R0AaUJi9KtLcFBAYyiejLLxLwK-FGakP_d5aSp_krUHWtYoLI89sF8YZXcE0Ljl5JduIo-ZZxfWlmaGbY9hRRjueY5VD4uhxjMAmy7NDr70Ji27c87GtHs1CVTeRX13-3BoGpQdK9epZBNG8rGU4beokwQIDAQAB, max-age=20
server
cloudflare
cf-ray
7e2ade773d649c00-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
e2sZH_CMxjba_ae
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7e2ade715d1c9c00/1688678187978/ Frame 0480 		61 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7e2ade715d1c9c00/1688678187978/e2sZH_CMxjba_ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7083e5b828b59dcaf3ced70df631f6d04b4bb8d5bbbf96baee05da8869ba068f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 06 Jul 2023 21:16:29 GMT
server
cloudflare
cf-ray
7e2ade7cdd119c00-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
08dbf2f6333ec96
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099191363:1688674930:RRbh5rvY3IVvlCXbEwkDMgnptn9t36rLKpXfREGW8Zg/7e2ade715d1c9c00/ Frame 0480 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/2099191363:1688674930:RRbh5rvY3IVvlCXbEwkDMgnptn9t36rLKpXfREGW8Zg/7e2ade715d1c9c00/08dbf2f6333ec96
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7e2ade715d1c9c00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fec9b600fb8274f8ef382e39443376c7cf2c266ce89c62420f9ddc498122b0a

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/sj22c/0x4AAAAAAAGdnih2SsGspLZq/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
08dbf2f6333ec96
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
wFImtJrDfvrsElsOBkQ4yyzIydbjq3cVNDgrLuI7OLp+rhsBT31QRqOtE4G5ZjBQ$iU3GN6PhhvAEc9vPRDpN8Q==
date
Thu, 06 Jul 2023 21:16:29 GMT
content-encoding
br
server
cloudflare
cf-ray
7e2ade7f18409c00-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| nox function| $ function| jQuery function| x object| turnstile

6 Cookies

Domain/Path Name / Value
.nexxt.com/ Name: BeyondSessionId
Value: rg76ngLXhPfmhUO9YR4jVMnoTiEaCDT%2bowjDHX2v8z8APaqWbFN03FBaa6B3H36q
.nexxt.com/ Name: UB
Value: Key=4deefc9f-440c-4edb-bd2e-fbcc59e12a19
.nexxt.com/ Name: Visitor
Value: NewSessionID=02C407E7-7732-4B91-AA94-F9FAA07ABC3D&Tracked=183D6B5C-728D-488E-8534-20896943757D
www.nexxt.com/ Name: DidIPLkup
Value: Y
www.nexxt.com/ Name: SERVERID
Value: WFE2222
bhvwzglhbw9u.cretech.ru/ Name: PHPSESSID
Value: 2cgcad1394l72o392b13ilhvod

4 Console Messages

Source Level URL
Text
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iQzJZTmNNS1czZHNoZEprV0dmSjciOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iQzJZTmNNS1czZHNoZEprV0dmSjciOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7e2ade715d1c9c00/1688678187976/3ecd0ab88ff9f021f080e5d10b30902a6582a05933217e5fd44a785c0fda9665/mp0F2AbMeCw7hBe
Message:
Failed to load resource: the server responded with a status of 401 ()