urlscan.io logo urlscan.io
SecurityTrails logo

refreshyourdata0.fun Open in urlscan Pro
2606:4700:3035::6815:193e  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://welcome.to/jtq174zc
Effective URL: https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Submission: On September 19 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3035::6815:193e, located in United States and belongs to CLOUDFLARENET, US. The main domain is refreshyourdata0.fun.
TLS certificate: Issued by E1 on September 2nd 2023. Valid for: 3 months.
This is the only time refreshyourdata0.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
2 8 2606:4700:303... 13335 (CLOUDFLAR...)
7 2
Apex Domain
Subdomains		 Transfer
8 refreshyourdata0.fun
refreshyourdata0.fun
19 KB
1 welcome.to
welcome.to
573 B
7 2
Domain Requested by
8 refreshyourdata0.fun 2 redirects refreshyourdata0.fun
1 welcome.to 1 redirects
7 2

This site contains no links.

Subject Issuer Validity Valid
refreshyourdata0.fun
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Frame ID: 1BCE9A0B5AE1C3094DE93978E58FAD25
Requests: 3 HTTP requests in this frame

Frame: https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: 6988AA6A737A0C61D5CB15BA4EB0F0A6
Requests: 2 HTTP requests in this frame

Frame: https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Frame ID: 4CF8F80374993FD869EC6A7B39C00D6C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

403 Forbidden

Page URL History Show full URLs

  1. https://welcome.to/jtq174zc HTTP 302
    https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323 Page URL
  2. https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

7
Requests

57 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

18 kB
Transfer

23 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://welcome.to/jtq174zc HTTP 302
    https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323 Page URL
  2. https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://welcome.to/jtq174zc HTTP 302
  • https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Request Chain 2
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Request Chain 4
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
login.php
refreshyourdata0.fun/coxc/Exo/web/
Redirect Chain
  • https://welcome.to/jtq174zc
  • https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
7 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdbab3cae90661ffc3a0752741daf15700d3297abc3c9da1a0607e2d6ed6fc53
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8092697eaa198fee-FRA
content-type
text/html; charset=utf-8
date
Tue, 19 Sep 2023 14:10:25 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7r7BdU0BzjmBpRFUZm1tPI7QxYoQ8iDQMXwlDyHEnSEQoD8zcTTCf5bKw4ZKfGbG8cjoVjp8cJDD0b06GahYwUbhbFmDCE55KK1MdTIsb8nxxmIX8TZWIm%2FThoCZi7Yp4B8WZI54WfnMK6dTg2MLJTgOg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8092697b6afb91ef-FRA
content-type
text/html; charset=UTF-8
date
Tue, 19 Sep 2023 14:10:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljH6K9rwtnTruNVyeCXMKF1XEZBzll8DktmPCCkDwOkCUpA4ELf%2FzXB5E0hYKH2lxvPpE7WzGyWc6fTZ1xZeEzRU5CtEKjrETmmkT9IGoQP%2BI2GuTs9jGhxOiCS4hzd2hGfyeM1Fjtna"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
login.php
refreshyourdata0.fun/coxc/Exo/web/ 		0
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Requested by
Host: refreshyourdata0.fun
URL: https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Expire
accept-language
de-DE,de;q=0.9
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination
GET
1xc54-3oKtgpTeJpk8TDgAjBgIs
38322941
Content-type
application/x-www-form-urlencoded
X-Requested-Type
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Referer
https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
X-Requested-with
XMLHttpRequest
X-Requested-TimeStamp
g01A9Ds7Oj7JgqSilDuB5ImpEU
19G5eA5BA0kzdcgj4uvj0jh9id4

Response headers

pragma
no-cache
date
Tue, 19 Sep 2023 14:10:25 GMT
x-server-powered-by
Engintron
x-content-type-options
nosniff, nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNWQUGrgSV9BgoxA1LSr%2Bpm%2Ffr54J3icOtrkK7Zb29PILaqwX0Hw2DKyqtNsTYXjwTKEwKQ9ZwJqPhB0nlzE5mW6Un4BK7GC%2BIyqSEwOM8ebMNxZ4QYcuAkSfdffujUPpLAmnooHKf5HstLq6M5p1XuGSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8092697fbb798fee-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block, 1; mode=block
expires
0
main.js
refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame 6988
Redirect Chain
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Protocol
H2
Server
2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 14:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmG320g%2FU8qe4EgsnehkA9CIceta17lPMztJ54caDKaSM7gR%2BpENuyOyb8FJcbqwS1bFAap%2FYqh6SXc9LztcEfEFOVwHga93Bda%2Bi4PdwgoAWsK0Sajp5277Fgle4kS7Y6yfdbzavco3htH4a1K0VM01Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
809269803bf18fee-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 19 Sep 2023 14:10:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLGDp4QiIy2grwOCIGxM2mtN1TeN%2BCotwZdOYrPl6mAObR4vuZZbtL3%2FBJrRKubzKFzk8geZsjmDpEhsHAI1v930D%2Fg4SnkVzYqQbr%2BuHgyqewyzUXYUpEhSmES9xAwgwyERePSQthTg2ZIa9wDtPMQ%2BuA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
cache-control
max-age=300, public
cf-ray
8092697ffba88fee-FRA
alt-svc
h3=":443"; ma=86400
Primary Request login.php
refreshyourdata0.fun/coxc/Exo/web/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Requested by
Host: refreshyourdata0.fun
URL: https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86358be4f37e386bcce6ae191d9f8f284871ba2b3188d7cb053df6b7258f077
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
809269805e4a1c97-FRA
content-encoding
br
content-type
text/html
date
Tue, 19 Sep 2023 14:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HgFsP2wsc%2FWerxumVmURD1tpXLAb4YR4%2BokfBF0jz6YkelpiAT7xs82XRhV0TMmDPXIwV36mLbxrnEjVuln0QzpY4EhwmmUUYbkcaKhgnNKm5j2VBuRRnhwgRlSKWxdnLlOtPf3rkg%2FfBJYoy1SUMJJeUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
8092697eaa198fee
refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6988 		0
0
main.js
refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/ Frame 4CF8
Redirect Chain
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
Protocol
H3
Server
2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae04f21a98173d5947d0dd3d3bc4019e89cc6d26baca4524ab11f1b7b20626f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Tue, 19 Sep 2023 14:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47RxIqod9GdkPUsOL%2FhPbY6C1srGq1WQsk07XNsmB3mqjez3cTOd4xkGV4Gu9dMh06x2%2BBSZKwbgpz%2BEqPfOHSK6sp0mNkNmUbfPhhRd2tiGqtyOVFwXPihCRvagAk5S0U6x0BT85tL3KmoWwEABt061xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8092698208a11c97-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 19 Sep 2023 14:10:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwUZjK0Lzrfp15%2Fl7yY4JId9cXb5LkospEnHP9xwgrC%2FTjgDsv7xewO%2BZc1IX64zyIzyxC4EdvNRWGbyaIbzTflpBE4G3LpR%2BK1DEy8ne0UDHVoy1EGnB0H4JzH4UUGjgaKKc%2B8o5bkaqUQ%2FuTX7zxHGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8370c0b3/main.js
cache-control
max-age=300, public
cf-ray
80926981c82e1c97-FRA
alt-svc
h3=":443"; ma=86400
809269805e4a1c97
refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4CF8 		0
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/jsd/r/809269805e4a1c97
Requested by
Host: refreshyourdata0.fun
URL: https://refreshyourdata0.fun/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:193e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Sep 2023 14:10:26 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xkko1gPah7%2FpExfRsx83eaGIh9dI2M52Afb0d8SPyxmY2Pz3YntrmROvdkc%2B3AE%2BBvoSFFxr41%2FgGdyjGquD%2FtYNVY4oP9OCa7FtETLpF6JfuYFLWpyd6kCDqgw%2BebqjsA58I7v0ZshS%2BQonlnZZ1u1Y%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8092698309d51c97-FRA
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
refreshyourdata0.fun
URL
https://refreshyourdata0.fun/cdn-cgi/challenge-platform/h/b/jsd/r/8092697eaa198fee

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture

12 Cookies

Domain/Path Name / Value
welcome.to/ Name: PHPSESSID
Value: jljicqmc5fa5634l3ls123254v
refreshyourdata0.fun/ Name: TxS4CCsWO7L3FDMCDHrA9ComUd8
Value: qd6Tr5QP9I3p8uCBRTZW4aePS_8
refreshyourdata0.fun/ Name: PKtuksSazfNJyu-m8cPEzYc_4cg
Value: 1695132584
refreshyourdata0.fun/ Name: HdGCeJCOIy438dGPLPihd1QjGGg
Value: 1695218984
refreshyourdata0.fun/ Name: UgCr-M91AmcaG6D4tBtB6cLd8t0
Value: q1fI5wpuw1mG6Cb6SUrvFoD2J1U
refreshyourdata0.fun/ Name: w6F1S3Q8EG7r789p0EcaqKmkYdo
Value: 8UIlXb_GgK-eNrVn1VXmCzJqZlU
refreshyourdata0.fun/ Name: qnKmZ7Vutd9qoN6TdInTUEpQlAY
Value: w_wAXdhscytIpiUxOqdgOUgtgrk
refreshyourdata0.fun/ Name: p0-Rp3xuqm_5On9CEZkYDfV6H4Y
Value: 1695132625
refreshyourdata0.fun/ Name: 4XgT1jWbIKJwtoJ7rkrgTxLQL4c
Value: 1695219025
refreshyourdata0.fun/ Name: oMYNRDjTBanlYxf-LKKOdbeIQTM
Value: 4ZR7LV6UAnFKM7dN1asQqDpVC-Y
refreshyourdata0.fun/ Name: e1SuzR06oBv6wbKPKCsnAONVYQM
Value: 3trmr9Cp8_7ASn1mRvuAMAOLJ_k
.refreshyourdata0.fun/ Name: cf_clearance
Value: m5ER5NvyfZkg4kKkOocXQAZ4bqUQO5qSs_1QPkZvDDo-1695132626-0-1-b418fa76.a2dc03f8.7248eae7-0.2.1695132626

2 Console Messages

Source Level URL
Text
network error URL: https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://refreshyourdata0.fun/coxc/Exo/web/login.php?64323
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block