URL: https://hidan.sh/04zfl821vsot
Submission: On August 09 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 18 HTTP transactions. The main IP is 2606:4700:20::681a:c06, located in the United States and belonging to CLOUDFLARENET, US. The main domain is hidan.sh.
TLS certificate: Issued by WE1 on June 16th 2024. Valid for: 3 months.
This is the only time hidan.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS (Autonomous System)
5         2606:4700:20:...  13335 (CLOUDFLAR...)
1 2       104.18.95.41      13335 (CLOUDFLAR...)
2         2600:9000:26e...  16509 (AMAZON-02)
1         2606:4700::68...  13335 (CLOUDFLAR...)
2         188.114.97.3      13335 (CLOUDFLAR...)
2         188.114.96.3      13335 (CLOUDFLAR...)
1         18.244.18.94      16509 (AMAZON-02)
1         104.18.94.41      13335 (CLOUDFLAR...)
Total: 18 requests, 9 IPs
Requests  Apex Domain             Subdomains                                                  Transfer
5         hidan.sh                hidan.sh                                                    73 KB
3         cloudflare.com          challenges.cloudflare.com (Cisco Umbrella Rank: 3877)       15 KB
2         atethebenefitsshe.com   atethebenefitsshe.com                                       952 B
2         pogothere.xyz           pogothere.xyz (Cisco Umbrella Rank: 17180)                  101 KB
2         cloudfront.net          d2lg0swrp15nsj.cloudfront.net                               107 KB
1         signamentswithded.com   signamentswithded.com
1         cloudflareinsights.com  static.cloudflareinsights.com (Cisco Umbrella Rank: 1223)   7 KB
0         google.com (Failed)     accounts.google.com (Cisco Umbrella Rank: 46) (Failed)
0         facebook.com (Failed)   www.facebook.com (Failed)
Total: 18 requests, 9 domains
Requests  Domain                                  Requested by
5         hidan.sh                                hidan.sh, static.cloudflareinsights.com
3         challenges.cloudflare.com (1 redirect)  hidan.sh, challenges.cloudflare.com
2         atethebenefitsshe.com                   hidan.sh
2         pogothere.xyz                           d2lg0swrp15nsj.cloudfront.net
2         d2lg0swrp15nsj.cloudfront.net           hidan.sh
1         signamentswithded.com                   d2lg0swrp15nsj.cloudfront.net
1         static.cloudflareinsights.com           hidan.sh
0         accounts.google.com (Failed)            hidan.sh
0         www.facebook.com (Failed)               hidan.sh
Total: 18 requests, 9 domains

This site contains no links.

Subject                    Issuer               Validity                   Valid for
hidan.sh                   WE1                  2024-06-16 to 2024-09-14   3 months
*.cloudfront.net           Amazon RSA 2048 M01  2023-10-10 to 2024-09-19   a year
cloudflareinsights.com     WE1                  2024-07-06 to 2024-10-04   3 months
pogothere.xyz              WE1                  2024-07-23 to 2024-10-21   3 months
atethebenefitsshe.com      WE1                  2024-07-28 to 2024-10-26   3 months
signamentswithded.com      Amazon RSA 2048 M03  2024-06-18 to 2025-07-17   a year
challenges.cloudflare.com  E5                   2024-07-17 to 2024-10-15   3 months

This page contains 3 frames:

Primary Page: https://hidan.sh/04zfl821vsot
Frame ID: 0A5AC75408F223854BF7572FC623DA7B
Requests: 16 HTTP requests in this frame

Frame: https://signamentswithded.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
Frame ID: C2F6E095C46CEE41A66E11D344EC526B
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eotpx/0x4AAAAAAAcCu11cpNkXQJK8/light/fbE/normal/auto/
Frame ID: EC38DFC8352BEB0398BC2CCFEA64557C
Requests: 1 HTTP requests in this frame

Page Title

411scenes Dexter Morgan - Dexter (2006) S01B - [Upscaled 4K h265] - SYCO.mp4

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Page Statistics

Requests: 18
HTTPS: 78 %
IPv6: 38 %
Domains: 9
Subdomains: 9
IPs: 9
Countries: 4
Transfer: 304 kB
Size: 841 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
Request Chain 9
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I76sC4MRAmmKUOab-9RkHDiUZ9cRnKpi1s9OLr0BA5SNT5sp4AJ0TxDNUowz9iQhshPAqj7P7Q HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I748hEP3DTS3hKylj9xCed0HOV28D0RZVlS-zqU9g0lrJ0I22KSggcJYj6DLX77f7wez8I0y-A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1762987675%3A1723203028550206&ddm=0
Request Chain 10
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I77XZM7g4W3NeyxZfi0K8Cv31b4F6K36osPCZN8nCxxOOwudeH_Clcxw0XRRiXwiSIqYAGxpLA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I775130xzQaey1ar8SIiMV2eRnQjtnEEuCT9jYBmk--6OnpsrN7ThZ1dP1QQux8gmlWvSbvJog&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-133619493%3A1723203028599872&ddm=0

18 HTTP transactions

Each transaction below is summarised as: Resource | Path | Size | x-fer | Type (the MIME type is given by the content-type response header).

Primary Request 04zfl821vsot | hidan.sh/ | Size: 68 KB | x-fer: 30 KB | Document
General
Full URL
https://hidan.sh/04zfl821vsot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0d8a02b0f16d2e84990db9919cb1bccbdc97761d73dcc7b2ed18aeb8e572242

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8b076a0d09a84d64-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 09 Aug 2024 11:30:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiTvziGdSF4iioaj%2Bv4ce4eSFUoekC1vxoGUeiDuR375SFijU8gcpGrd0zBLcZEaR8e8mQVkHj%2FfWKZr%2Bp2CSgDyu%2BR4P3rjejiv2p9eKhbSx8nfQAdTZ5%2BkFa6Optca24b3Evlq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin,Accept-Encoding

bundle.js | hidan.sh/static/ | Size: 96 KB | x-fer: 33 KB | Script
General
Full URL
https://hidan.sh/static/bundle.js?v=9830d5df5f3315c76f05f103dd860e7ccd835432-dirty
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5acfecb4b9faf0959afc77487f05434404c88fb95859a60bc82f7d9af775e1ce

Request headers

Referer
https://hidan.sh/04zfl821vsot
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 13:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2151978
vary
Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrtA96oJlOTWXPLfCgt1Bs%2Fq2tQZgTKCdFI76IHdZGy5K180l%2BWg72%2FxsJS9oDxKOgKwY9DDcCWf2yE6NPxXS0y8hdW4MUJcxPctAHsvILrZiVXAq9QXWF5m5Ect%2FDOxqNJRL27a"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
public, max-age=86400000
cf-ray
8b076a0e0adc4d64-FRA

whysostylish.css | hidan.sh/static/ | Size: 29 KB | x-fer: 6 KB | Stylesheet
General
Full URL
https://hidan.sh/static/whysostylish.css?v=9830d5df5f3315c76f05f103dd860e7ccd835432-dirty
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be65632fc12cd62c5d9369db43d52be8d24785ebcd44912b1ba52d8d27769150

Request headers

Referer
https://hidan.sh/04zfl821vsot
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 15 Jul 2024 13:44:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2151978
vary
Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lP8Ws%2FMUL06wwYxfT9alwODzV%2FLZcUC4ZSqX5H%2Fi1zqreuSdpSbYLkG%2BkP%2FFJYJk1C44mxE9u1x8LsSfHE7wyaMA4c%2BC%2FQbhhPyEXR6ffN0OeNcgFsgRPKkmCHdDRmfAghHa%2FgQB"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=86400000
cf-ray
8b076a0e0ad14d64-FRA

api.js | challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/ | Size: 43 KB | x-fer: 15 KB | Script
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/769ce3c24a3b/api.js
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce9b46c18d0769c78a7e889eb237606cb96b602061b39b4c1159a22a015b51df

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 13:51:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8b076a0edb50923e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 09 Aug 2024 11:30:28 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/769ce3c24a3b/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8b076a0eab20923e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0

/ | d2lg0swrp15nsj.cloudfront.net/ | Size: 164 KB | x-fer: 54 KB | Script
General
Full URL
https://d2lg0swrp15nsj.cloudfront.net/?wsgld=1054158
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5c00:11:a097:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ffe1a4087e475ae309d0e87cb086a28bb9dba1bfb439f4c1b7e7a4279b6771cf

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
gzip
via
1.1 0c32b42e3b5070fcbe6b5b320d0621b2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
54591
x-amz-cf-id
Su6ukZc4x-SG6Z5AacMpy8ctaqe58i4p5c6smDTnmADSIKv1IssRpQ==

vcd15cbe7772f49c399c6a5babf22c1241717689176015 | static.cloudflareinsights.com/beacon.min.js/ | Size: 19 KB | x-fer: 7 KB | Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
Origin
https://hidan.sh
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8b076a0f3da39213-FRA

asd100.bin | pogothere.xyz/ | Size: 100 KB | x-fer: 101 KB | Fetch
General
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d2lg0swrp15nsj.cloudfront.net
URL: https://d2lg0swrp15nsj.cloudfront.net/?wsgld=1054158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1975
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 09 Aug 2024 10:57:33 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://hidan.sh
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FVoS1EuIjXHTfyw3XcmhGu9pUpuYX3OJ7cXiA4orRCYjMprIVpe8xgBw6FGnHKj9xGnZRld4A9WGXPTNVWwBsMKLCiRp2u%2FFQjnbrHscTpDt4KImQA%2F%2FNc3P1toUjFl"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8b076a0fee4690e6-FRA
access-control-allow-headers
X-Requested-With, content-type

/ | pogothere.xyz/ | Size: 27 B | x-fer: 371 B | Fetch
General
Full URL
https://pogothere.xyz/
Requested by
Host: d2lg0swrp15nsj.cloudfront.net
URL: https://d2lg0swrp15nsj.cloudfront.net/?wsgld=1054158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce202c3f58001c74c0c985bfe187ceb3c7a98088284e062a24666271c34b1d53

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yZyEu6cpayKIVV11ZrSLvdxIpaNuk9vVdfpCIjjJR%2BKTtqQlrfge0RUMXi0nSAIJf7LmE1uPGUKny2LvpwbUU792M%2FTXTgBvl3dHMyeRJN7cmeL%2ByCK1M7Z2Cm2aam%2F%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://hidan.sh
content-type
text/plain
access-control-allow-credentials
true
cf-ray
8b076a0fee4b90e6-FRA
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400

RmRLZ0ZpWygUexdXDS8LPCY8NA4HLwpUCA8CLBQMJTEBVwcxNW0TLyJZeldzclV+X2A2DS9ad2AXPwYyMxd2VmAvCi0Ie2ASdlZodVBlVHBoUG0Se3dCPxcnIVl6QTYyECdad3FWeFV2dVR5X3J1Vg | atethebenefitsshe.com/ | Size: 0 | x-fer: 386 B | Image
General
Full URL
https://atethebenefitsshe.com/RmRLZ0ZpWygUexdXDS8LPCY8NA4HLwpUCA8CLBQMJTEBVwcxNW0TLyJZeldzclV+X2A2DS9ad2AXPwYyMxd2VmAvCi0Ie2ASdlZodVBlVHBoUG0Se3dCPxcnIVl6QTYyECdad3FWeFV2dVR5X3J1Vg
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VetwK7aTUCyOo9cK%2Fjq4VQeila3wyd9mqtLjaVBxfk%2B%2F9fpUrbXrU2EiXsOqGwIw3OjxOkTkn0i%2BxsnHY0LIRL%2BXAkFSfzeuS1Mg3GEhJ3sQEZ7C13TAaHXjb5TjLPDd767JgUV%2Bl0U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8b076a104f8a3a98-FRA
alt-svc
h3=":443"; ma=86400

login.php | www.facebook.com/ | Size: 0 | x-fer: 0 | (failed request, no response)


identifier | accounts.google.com/v3/signin/ | Size: 0 | x-fer: 0 | (failed request, no response)
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AdF4I76sC4MRAmmKUOab-9RkHDiUZ9cRnKpi1s9OLr0BA5SNT5sp4AJ0TxDNUow...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I748hEP3DTS3hKylj9xCed0HOV28D0RZVlS-zqU9g0lrJ0I22KSggcJYj6DLX77f7wez8I0y-A&passiv...


identifier | accounts.google.com/v3/signin/ | Size: 0 | x-fer: 0 | (failed request, no response)
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AdF4I77XZM7g4W3NeyxZfi0K8Cv31b4F6K36osPCZN8nCxxOOwudeH_Clcx...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I775130xzQaey1ar8SIiMV2eRnQjtnEEuCT9jYBmk--6OnpsrN7ThZ1dP1QQux8gmlWvSbvJog&passi...


popunder.gif | atethebenefitsshe.com/ | Size: 35 B | x-fer: 566 B | Image
General
Full URL
https://atethebenefitsshe.com/popunder.gif
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
72347
alt-svc
h3=":443"; ma=86400
content-length
58
pragma
public
last-modified
Thu, 08 Aug 2024 15:24:41 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Otz6Fzpnv3D0xn3PONEw2VriNGi5lAo5NiyXl8CdsxGaA5PjK1%2BrVaRq1moCMx5iH0U6L98Z9TyqI98XXH760nApcNHW8rFH%2BA0PP%2F7g28AQMw%2FIMdVSLYSyjQBIO7jCUfB2pN11X0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
accept-ranges
bytes
cf-ray
8b076a104f903a98-FRA

/ | d2lg0swrp15nsj.cloudfront.net/ | Size: 164 KB | x-fer: 54 KB | Fetch
General
Full URL
https://d2lg0swrp15nsj.cloudfront.net/?wsgld=1054158
Requested by
Host: hidan.sh
URL: https://hidan.sh/04zfl821vsot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:5c00:11:a097:2cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8ed56e673256063b02f461ef900f907d85c3e35ecfe0c457267be7d0f5c41cb9

Request headers

Referer
https://hidan.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
gzip
via
1.1 87b9fb3f8157b5916fbe1d11149c4f3a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
access-control-allow-origin
https://hidan.sh
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
access-control-allow-credentials
true
content-length
54592
x-amz-cf-id
EBXGs1BaOUYQUtBK6RDIlcexaStWzfVefejK2uEueyjlPZ5jhcXX_w==

QVE4enggM1sXRyBsWlwNMz0FX0oHdAo8HHM9X0oLNiNIS00vIlJUGy0+TR4eMz5WDlYvNExfSgcAbkgMKzB9N0gDEAg1HgIcezhJFyhiS00ZBmAgDhUDdRsyKxdvOQ8EP3YdLg8WQQ4AAAN5MjQSNW8xKnkofwMbEBBRSx8EOGESIhIcajhJFylbKxsCE1EoCRUAY... | signamentswithded.com/ (Frame C2F6) | Size: 0 | x-fer: 0 | Document
General
Full URL
https://signamentswithded.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
Requested by
Host: d2lg0swrp15nsj.cloudfront.net
URL: https://d2lg0swrp15nsj.cloudfront.net/?wsgld=1054158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-94.fra56.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1228
content-type
text/html
date
Fri, 09 Aug 2024 11:30:28 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 39cfa117a3536e9c0afd90708900b558.cloudfront.net (CloudFront)
x-amz-cf-id
-weKS4SOgTvljXYp9vhwNxGzG90LR8kun3gKXQ2Gn9D6-wtFe0_JMg==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront

/ | challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eotpx/0x4AAAAAAAcCu11cpNkXQJK8/light/fbE/normal/auto/ (Frame EC38) | Size: 0 | x-fer: 0 | Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/eotpx/0x4AAAAAAAcCu11cpNkXQJK8/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8b076a103cc030d0-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 09 Aug 2024 11:30:28 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

rum | hidan.sh/cdn-cgi/ | Size: 0 | x-fer: 177 B | XHR
General
Full URL
https://hidan.sh/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://hidan.sh
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8b076a11ff584d64-FRA

favicon.ico | hidan.sh/static/ | Size: 159 KB | x-fer: 4 KB | Other
General
Full URL
https://hidan.sh/static/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f600b84eff9d029fc94228102216ed47944f37ddca34937927c87fcef81801c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 11:30:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 01 Jul 2024 08:08:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3381736
vary
Origin,Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NbFJOqOSV5CzHDzLB83wJtk1RrfUrt6R66NAu15becCXFWHRYRm0mvebs3nblO4d9KtuGa4ZajDaqE97LeQMeuuhAYfpaeX3PIHCP7Rib97LqfZ5I8hQTDUQaqXihHBuy%2FDXwWyF"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
public, max-age=86400000
cf-ray
8b076a11ff624d64-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AdF4I748hEP3DTS3hKylj9xCed0HOV28D0RZVlS-zqU9g0lrJ0I22KSggcJYj6DLX77f7wez8I0y-A&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S1762987675%3A1723203028550206&ddm=0
Domain
accounts.google.com
URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AdF4I775130xzQaey1ar8SIiMV2eRnQjtnEEuCT9jYBmk--6OnpsrN7ThZ1dP1QQux8gmlWvSbvJog&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-133619493%3A1723203028599872&ddm=0

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object    utr_1054158
  • number    userTrackingInterval
  • number    _1927755235
  • function  s3ii
  • function  P7Q
  • boolean   SUPPORT_IE8
  • boolean   MOBILE_VERSION
  • boolean   SEND_PIXELS
  • boolean   PIXEL_LOG_LEVEL_ERROR
  • boolean   PIXEL_LOG_LEVEL_METRICS
  • function  G2tt
  • function  download
  • function  App
  • function  parseXHRError
  • function  copyTextToClipboard
  • function  copyTextToClipboardFallback
  • function  humanReadableSize
  • object    htmx
  • object    Alpine
  • function  turnstileCallback
  • object    turnstile
  • object    __cfBeacon
  • number    iinf

1 Cookies

Domain/Path     Name  Value
pogothere.xyz/  csu   1975262783450440@1@1723203028