urlscan.io logo urlscan.io
SecurityTrails logo

login.arcosp.gs Open in urlscan Pro
172.67.70.198  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ktrends.ch/
Effective URL: https://login.arcosp.gs/MgWHiPGl
Submission: On May 20 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 172.67.70.198, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.arcosp.gs.
TLS certificate: Issued by E1 on April 18th 2024. Valid for: 3 months.
This is the only time login.arcosp.gs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.237.197.218 14618 (AMAZON-AES)
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2620:0:890::100 54113 (FASTLY)
5 172.67.70.198 13335 (CLOUDFLAR...)
2 104.17.2.184 13335 (CLOUDFLAR...)
14 5
1    54.237.197.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-197-218.compute-1.amazonaws.com
ktrends.ch
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
bradleyhomebuilders.lol
4    2620:0:890::100 (United States)

ASN54113 (FASTLY, US)
firefliesops.web.app
5    172.67.70.198 (United States)

ASN13335 (CLOUDFLARENET, US)
login.arcosp.gs
2    104.17.2.184 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
5 arcosp.gs
login.arcosp.gs
139 KB
4 web.app
firefliesops.web.app
13 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 4500
14 KB
1 bradleyhomebuilders.lol
bradleyhomebuilders.lol
451 B
1 ktrends.ch
ktrends.ch
2 KB
14 5
Domain Requested by
5 login.arcosp.gs login.arcosp.gs
4 firefliesops.web.app ktrends.ch
firefliesops.web.app
2 challenges.cloudflare.com login.arcosp.gs
challenges.cloudflare.com
1 bradleyhomebuilders.lol 1 redirects
1 ktrends.ch
14 5

This site contains no links.

Subject Issuer Validity Valid
ktrends.ch
R3		 2024-05-20 -
2024-08-18		 3 months crt.sh
web.app
GTS CA 1D4		 2024-03-21 -
2024-06-19		 3 months crt.sh
arcosp.gs
E1		 2024-04-18 -
2024-07-17		 3 months crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2023-08-18 -
2024-08-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://login.arcosp.gs/MgWHiPGl
Frame ID: 18DB04D6C996F4DCFF8AEC20AEFB0E03
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4em6c/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 598E4E147DF3F2962F86A009FC63579E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nur einen Moment…

Page URL History Show full URLs

  1. http://ktrends.ch/ HTTP 307
    https://ktrends.ch/ Page URL
  2. https://bradleyhomebuilders.lol/ HTTP 301
    https://firefliesops.web.app/ Page URL
  3. https://login.arcosp.gs/MgWHiPGl HTTP 307
    https://login.arcosp.gs/MgWHiPGl Page URL

Page Statistics

14
Requests

86 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

167 kB
Transfer

505 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ktrends.ch/ HTTP 307
    https://ktrends.ch/ Page URL
  2. https://bradleyhomebuilders.lol/ HTTP 301
    https://firefliesops.web.app/ Page URL
  3. https://login.arcosp.gs/MgWHiPGl HTTP 307
    https://login.arcosp.gs/MgWHiPGl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ktrends.ch/ HTTP 307
  • https://ktrends.ch/
Request Chain 1
  • https://bradleyhomebuilders.lol/ HTTP 301
  • https://firefliesops.web.app/

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
ktrends.ch/
Redirect Chain
  • http://ktrends.ch/
  • https://ktrends.ch/
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ktrends.ch/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.237.197.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-197-218.compute-1.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 20 May 2024 14:52:10 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Location
https://ktrends.ch/
Non-Authoritative-Reason
HttpsUpgrades
/
firefliesops.web.app/
Redirect Chain
  • https://bradleyhomebuilders.lol/
  • https://firefliesops.web.app/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://firefliesops.web.app/
Requested by
Host: ktrends.ch
URL: https://ktrends.ch/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e57b804d3667617305b7a22db82cd94e517713c8b22b29169e8726ea74b4731c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://ktrends.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1452
content-type
text/html; charset=utf-8
date
Mon, 20 May 2024 14:52:11 GMT
etag
"88c3e40fc8d7887e9d6d30fb2d45367c7613dea1324a1b83d0b0863cc3dfa08b-br"
last-modified
Tue, 14 May 2024 11:23:54 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230066-FRA
x-timer
S1716216732.543693,VS0,VE1

Redirect headers

cache-control
max-age=3600
cf-ray
886d262b9b4c9049-FRA
content-length
167
content-type
text/html
date
Mon, 20 May 2024 14:52:11 GMT
expires
Mon, 20 May 2024 15:52:11 GMT
location
https://firefliesops.web.app
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HaPp%2Bc2fcvbWOa52cVJbn1WV%2FhKWLbJtYunBojaGzcnatrC5csM3TiypkBxYnV9XFUH4mqmTobeQUhxr42VLDf9PSwxAc3X6KTVtsO1SzeIXLdaPN2Cka8DZ3gFsejOGGku4Gd2FvD0%2BVNKjSrIc1b2WX0efiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
transparent.gif
firefliesops.web.app/cdn-cgi/images/trace/jschal/js/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firefliesops.web.app/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6a262fe50874400d
Requested by
Host: firefliesops.web.app
URL: https://firefliesops.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://firefliesops.web.app/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230066-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 20 May 2024 14:52:11 GMT
last-modified
Tue, 14 May 2024 11:23:54 GMT
x-timer
S1716216732.582704,VS0,VE1
etag
"88c3e40fc8d7887e9d6d30fb2d45367c7613dea1324a1b83d0b0863cc3dfa08b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1452
x-cache-hits
0
transparent.gif
firefliesops.web.app/cdn-cgi/images/trace/jschal/nojs/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://firefliesops.web.app/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6a262fe50874400d
Requested by
Host: firefliesops.web.app
URL: https://firefliesops.web.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://firefliesops.web.app/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230066-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 20 May 2024 14:52:11 GMT
last-modified
Tue, 14 May 2024 11:23:54 GMT
x-timer
S1716216732.583628,VS0,VE1
etag
"88c3e40fc8d7887e9d6d30fb2d45367c7613dea1324a1b83d0b0863cc3dfa08b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1452
x-cache-hits
0
Primary Request MgWHiPGl
login.arcosp.gs/
Redirect Chain
  • https://login.arcosp.gs/MgWHiPGl
  • https://login.arcosp.gs/MgWHiPGl
16 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://login.arcosp.gs/MgWHiPGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c319abf315e3d7c80b5e7dde9060493ef2afdc14a7746f4458734b65c9f293e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://firefliesops.web.app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
VBc+9jq/WybcGNwYKPEyLL3hf+DuJjPpxKK710MfPv1B78xTyYl1WSnn+1mJcB/aO+DyZt8W6z5P+9mCMLAXBYuSyLmaQODe3Pxnb/ISpf+oK2A55WxTnvvzRwcuneaKXAqmucqhioncFm/zDXr0nQ==$fz+xvN7msQGVshg63LJ1kw==
cf-mitigated
challenge
cf-ray
886d262d2ce19043-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 20 May 2024 14:52:11 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zy0t05CPC6xvmEID6xsWEmGcYMjmlnVKYhXw3OOPkuWzY38fs8BpGxwF5fMEjxpJqoe%2B7Tc676bONAvaVCJRQunhtDdM8R4v8iQKY2aDyda4CsVWFbDWobuqqHtQDG0WQdE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://login.arcosp.gs/MgWHiPGl
favicon.ico
firefliesops.web.app/ 		5 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://firefliesops.web.app/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:0:890::100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://firefliesops.web.app/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-fra-eddf8230066-FRA
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
date
Mon, 20 May 2024 14:52:11 GMT
last-modified
Tue, 14 May 2024 11:23:54 GMT
x-timer
S1716216732.606948,VS0,VE1
etag
"88c3e40fc8d7887e9d6d30fb2d45367c7613dea1324a1b83d0b0863cc3dfa08b-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/html; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1452
x-cache-hits
0
v1
login.arcosp.gs/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		394 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.arcosp.gs/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=886d262d2ce19043
Requested by
Host: login.arcosp.gs
URL: https://login.arcosp.gs/MgWHiPGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46f913b450797ea072903a00af090cbac99e953928412f8d5e7de3dfd22b334

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.207"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://login.arcosp.gs/MgWHiPGl?__cf_chl_rt_tk=Z2aKuKcAGUgFlx4bGiqzVeIQSO46._0p8d.uX3XfuDc-1716216731-0.0.1.1-1578
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.207", "Google Chrome";v="124.0.6367.207", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 14:52:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RmZQsLLBTq7DXU8UV4guAR6P1Qm19VYlV98bFeqdteeB5d98sDcDFPyuQkSZRX3MZNQSa18azXNQjmafRzTFoigBv9CukxBu6%2FWLQklf0asMr6dzAJUO7xt1eT7U6%2B4sSx4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
886d262d7d809043-FRA
alt-svc
h3=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/b/695da7821231/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit
Requested by
Host: login.arcosp.gs
URL: https://login.arcosp.gs/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=886d262d2ce19043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e158035a6f740b0245a027bf0d559c56782ebbeec7cab5a827083bd16aa47901

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://login.arcosp.gs
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 14:52:11 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=604800, public
cross-origin-resource-policy
cross-origin
cf-ray
886d262e5b8a526c-MXP
alt-svc
h3=":443"; ma=86400
favicon.ico
login.arcosp.gs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.arcosp.gs/favicon.ico
Requested by
Host: login.arcosp.gs
URL: https://login.arcosp.gs/MgWHiPGl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c38a1237d5bd111c1cc7de73272d935f36a8af9bd0d1941d16da61274af69f0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.207"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://login.arcosp.gs/MgWHiPGl
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.207", "Google Chrome";v="124.0.6367.207", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 14:52:11 GMT
content-encoding
br
x-content-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
Uyv3UTP6+8GNCdR3hxg12bGwluF4wN1iCv9g39HSnDHYjrdEn6rFw/UjqdvwyO1HTIvwfpLgEiHICEzcsVjyNLrEqTaZaybREMRySF63dv4RoZTCqir9AxIgvItnz32T3hP2YLZFt+/xPWH4CsncPg==$TGiaZsuAivS8tvNiinw77A==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rcKa5%2FuzV6xIsXlP8CtA9qlahgV4tT1SkOv0NuU9qX3SxyDEhTQkq1fQyE9KEW0yz6bVK4F8cvj3gIXJSu1eTQTDQfcrgGDa1y%2BSM9asbN8tZOYmkMmuB%2F0rZeRznQnvhvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
886d262e3e4d9043-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
ee245562-58e5-4862-be93-0f5830cae561
https://login.arcosp.gs/ 		13 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://login.arcosp.gs/ee245562-58e5-4862-be93-0f5830cae561
Requested by
Host: login.arcosp.gs
URL: https://login.arcosp.gs/MgWHiPGl
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://login.arcosp.gs/MgWHiPGl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
13
Content-Type
text/javascript
favicon.ico
login.arcosp.gs/ 		15 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://login.arcosp.gs/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce638dc6bdc14f1a2fa34549103718153eaa5ab6d6fc0dae8bc236d8f45a60b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-full-version
"124.0.6367.207"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://login.arcosp.gs/MgWHiPGl
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.207", "Google Chrome";v="124.0.6367.207", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 14:52:11 GMT
content-encoding
br
x-content-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy
require-corp
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400
cf-chl-out
tIA2sQlywn7alqBUyplLQEDSOOyFzwIjV11B3MUGpl4OjwPr9pjZUSZ+8tkXUJJBk+n+PWeTRIuVly7GS2r4CZEA23C68t2kC+EaKEoFNEGbGO9UJSjfi/2hC7Prdk/Di22uR6GQN/Bq2Gg3BFbOHQ==$g7Uf/SITi0W+CEwmUv3Pcw==
referrer-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-opener-policy
same-origin
cf-mitigated
challenge
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aiXPajgU%2FZAIYVeoxhtTDa7liW09%2B%2FhegPfG1RwmYVMhjeXsqQr4xKdHVMAZG9ylijsnglGXskzfkDFp9QFts%2BibBQBqIUJcQZVdFSuDXUOjxX4BAGwLf8XrBu5LNES%2BF8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
origin-agent-cluster
?1
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray
886d262ebf4d9043-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
cb09685f7f76a6a
login.arcosp.gs/cdn-cgi/challenge-platform/h/b/flow/ov1/1275207413:1716214398:vtovdb5b_kTkWdJ_QwB6E8VwGSfp3a2v6LWCLeSXeUU/886d262d2ce19043/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://login.arcosp.gs/cdn-cgi/challenge-platform/h/b/flow/ov1/1275207413:1716214398:vtovdb5b_kTkWdJ_QwB6E8VwGSfp3a2v6LWCLeSXeUU/886d262d2ce19043/cb09685f7f76a6a
Requested by
Host: login.arcosp.gs
URL: https://login.arcosp.gs/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=886d262d2ce19043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
099eec5dd0084568ff71bfa2a42526dca805b29ab9bec6bc07785acf23141ec2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
Content-type
application/x-www-form-urlencoded
sec-ch-ua-full-version
"124.0.6367.207"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://login.arcosp.gs/MgWHiPGl
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.207", "Google Chrome";v="124.0.6367.207", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-bitness
"64"
sec-ch-ua-model
""
CF-Challenge
cb09685f7f76a6a
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 14:52:12 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ta0oPDNwQ2Qa%2BabJMnN6q0yqpNcUlKra8xnEA5AhMLmgNHAogHkENpFCkRuHy0hKTSBfPQWxVb9XtdQ7jAn6dbv8wcBIzp3oLktEiXLA8xPbrDfa5wn6C2IdLOfuB5sGpD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
886d262edf829043-FRA
alt-svc
h3=":443"; ma=86400
cf-chl-gen
mhR74vm3QtRZz4lcujf4ALYlDJSk1Bgs8+2OTYm/KLk1D0OOplnjXq5ZxQXG6dwE$fnNGAmjcw2SqyaDHm9t9OQ==
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4em6c/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 598E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/4em6c/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/695da7821231/api.js?onload=gayxv3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.2.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
886d262f6f395267-MXP
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 20 May 2024 14:52:12 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
e57e4509-1b16-4774-ac1e-36ef9f780737
https://login.arcosp.gs/ 		80 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://login.arcosp.gs/e57e4509-1b16-4774-ac1e-36ef9f780737
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3418640c1204265881221580b9d1554424f6ed49549d408da50c690ab29f400

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://login.arcosp.gs/MgWHiPGl
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
80
Content-Type
text/javascript

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _cf_chl_opt function| gayxv3 boolean| JXhB6 function| QgHlK1 function| rOvQ5 function| oXia4 object| QbEmX0 object| dSEMW3 function| BIbrJ0 function| hfeDJ2 function| WjxD5 object| LXal2 number| aDLZZ3 object| angular object| turnstile boolean| trPbq3 string| AJKC1

0 Cookies

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://login.arcosp.gs/MgWHiPGl
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://login.arcosp.gs/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://login.arcosp.gs/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()