urlscan.io logo urlscan.io
SecurityTrails logo

nsavalueadded.org Open in urlscan Pro
2606:4700:e0::ac40:6726  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u24568554.ct.sendgrid.net/ls/click?upn=IIf-2BeZqYH-2B0-2FF0Vvzy485UHqez7oEBxrYaG-2B9ATAHCy1XTi2SUOtLfPJGKA1vHtvFSPCH-2FGdT...
Effective URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Submission: On January 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 2606:4700:e0::ac40:6726, located in United States and belongs to CLOUDFLARENET, US. The main domain is nsavalueadded.org.
TLS certificate: Issued by R3 on December 8th 2021. Valid for: 3 months.
This is the only time nsavalueadded.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
12 2606:4700:e0:... 13335 (CLOUDFLAR...)
12 2
Apex Domain
Subdomains		 Transfer
12 nsavalueadded.org
nsavalueadded.org
184 KB
1 sendgrid.net
u24568554.ct.sendgrid.net
259 B
12 2
Domain Requested by
12 nsavalueadded.org nsavalueadded.org
1 u24568554.ct.sendgrid.net 1 redirects
12 2

This site contains links to these domains. Also see Links.

Domain
derchris.net
www.cloudflare.com
Subject Issuer Validity Valid
*.nsavalueadded.org
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Frame ID: 23DC2E222E6B7ADF7BED231A0645120E
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://u24568554.ct.sendgrid.net/ls/click?upn=IIf-2BeZqYH-2B0-2FF0Vvzy485UHqez7oEBxrYaG-2B9ATAHCy1XTi2SUOtLfP... HTTP 302
    https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com Page URL
  2. https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com Page URL

Page Statistics

12
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

184 kB
Transfer

337 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u24568554.ct.sendgrid.net/ls/click?upn=IIf-2BeZqYH-2B0-2FF0Vvzy485UHqez7oEBxrYaG-2B9ATAHCy1XTi2SUOtLfPJGKA1vHtvFSPCH-2FGdTLe6dl8rXuhqfDBKC-2BrRpxvLYSM1Vj-2FnJH0-3DHfFo_aipwGU-2B1uFY00xg-2BWDzHFq52vZ0wXM4HMUasb3fB1s9lq26sOuXr-2FTQRFAoDGr9vppEUAZX8Bf4ijS0w0SkEZ-2FU89VCpvRjeBLBwmrS7a-2FZyHRl32wmvLSCn2nq5MH98FCpAKscClmLA8wuXfuG6esRmoTwnKLM0w9fsF5YZ9Tfrx-2FjVJkvknTYXWkPXDGJdTG4F7PLX6vS5IevRzeER5w-3D-3D HTTP 302
    https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com Page URL
  2. https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u24568554.ct.sendgrid.net/ls/click?upn=IIf-2BeZqYH-2B0-2FF0Vvzy485UHqez7oEBxrYaG-2B9ATAHCy1XTi2SUOtLfPJGKA1vHtvFSPCH-2FGdTLe6dl8rXuhqfDBKC-2BrRpxvLYSM1Vj-2FnJH0-3DHfFo_aipwGU-2B1uFY00xg-2BWDzHFq52vZ0wXM4HMUasb3fB1s9lq26sOuXr-2FTQRFAoDGr9vppEUAZX8Bf4ijS0w0SkEZ-2FU89VCpvRjeBLBwmrS7a-2FZyHRl32wmvLSCn2nq5MH98FCpAKscClmLA8wuXfuG6esRmoTwnKLM0w9fsF5YZ9Tfrx-2FjVJkvknTYXWkPXDGJdTG4F7PLX6vS5IevRzeER5w-3D-3D HTTP 302
  • https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
fhgnb.fgh
nsavalueadded.org/
Redirect Chain
  • https://u24568554.ct.sendgrid.net/ls/click?upn=IIf-2BeZqYH-2B0-2FF0Vvzy485UHqez7oEBxrYaG-2B9ATAHCy1XTi2SUOtLfPJGKA1vHtvFSPCH-2FGdTLe6dl8rXuhqfDBKC-2BrRpxvLYSM1Vj-2FnJH0-3DHfFo_aipwGU-2B1uFY00xg-2BW...
  • https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b04367db81f4c8740123d4eea76e5fb03e6cf182dc10362831382ef737ba45
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 04 Jan 2022 20:38:36 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWDL80KAqMIxDUY5g2hk5no5%2BtrU59XC%2Fs2QzuMsbg0tc3OLxSvfyea72wOxjVvv%2FIr8c4K6rmwtIq2qqJMMcEy3qZ9hiLJqYSaAt0gAUcHZUoZMXNO4N1qZGwIOtoToRUVugbtTCZz0TPkyo7zKjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c87457f5fd25b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx
Date
Tue, 04 Jan 2022 20:38:36 GMT
Content-Type
text/html; charset=utf-8
Content-Length
79
Connection
keep-alive
Location
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
X-Robots-Tag
noindex, nofollow
v1
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6c87457f5fd25b2c
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94fcf867ddf51c35e7cf7e950fa8661173642095d8b7e14d3b181e873c159013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=ySYqJXTzIQmLH6lnNq5.pEPFx89gE9T5D.7Lemm0FdA-1641328716-0-gaNycGzNCCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:38:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OgzWpxgqckggouQ%2BF79IsXqGawXd7aP8gwDmnifqESqzPNZnFZOQPxYd7vf%2BRu8hDn7tm8n9bfj%2Fi6aJaIVg9Szm%2B4x41r%2BBdce425tqOAYl6nuYnvMfqUTfTNmK8VxxQwKlp9KveLsCMw%2FRw%2FaAyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
6c87457f98465b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
transparent.gif
nsavalueadded.org/cdn-cgi/images/trace/jschal/js/ 		42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsavalueadded.org/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6c87457f5fd25b2c
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=ySYqJXTzIQmLH6lnNq5.pEPFx89gE9T5D.7Lemm0FdA-1641328716-0-gaNycGzNCCU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=ySYqJXTzIQmLH6lnNq5.pEPFx89gE9T5D.7Lemm0FdA-1641328716-0-gaNycGzNCCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:38:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:14:45 GMT
server
cloudflare
etag
"61c86ac5-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6c87457f98485b2c-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 04 Jan 2022 22:38:36 GMT
transparent.gif
nsavalueadded.org/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsavalueadded.org/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6c87457f5fd25b2c
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=ySYqJXTzIQmLH6lnNq5.pEPFx89gE9T5D.7Lemm0FdA-1641328716-0-gaNycGzNCCU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=ySYqJXTzIQmLH6lnNq5.pEPFx89gE9T5D.7Lemm0FdA-1641328716-0-gaNycGzNCCU
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:38:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:14:45 GMT
server
cloudflare
etag
"61c86ac5-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6c87457f984c5b2c-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 04 Jan 2022 22:38:36 GMT
8f7802d30daaa50
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4957767407742606:1641326636:b9ffcae6bef117f1fc63da1905954d5bdead84a52f941ae1f2e203987ba753d6/6c87457f5fd25b2c/ 		143 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4957767407742606:1641326636:b9ffcae6bef117f1fc63da1905954d5bdead84a52f941ae1f2e203987ba753d6/6c87457f5fd25b2c/8f7802d30daaa50
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6c87457f5fd25b2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
789484211c2e0d0c98d0e439fcac470e09d9cef2ea01993ce1dcd9d5b239c195

Request headers

Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
CF-Challenge
8f7802d30daaa50
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Jan 2022 20:38:36 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vx05bfgKaqIOlmdtuazSmom7%2FYPViV3wUKZnhWOan3KNj3BgP38TpurRrCZ%2BoW8AI3WUli%2FayLpcUljrFq2O3qe1jvNWOK4MWOJoJxlkNT7atuVxOVx05WZiTc4L9ALehAzuLwihhOJG%2BpK9DP8YWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6c874580194f5b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
8f7802d30daaa50
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4957767407742606:1641326636:b9ffcae6bef117f1fc63da1905954d5bdead84a52f941ae1f2e203987ba753d6/6c87457f5fd25b2c/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.4957767407742606:1641326636:b9ffcae6bef117f1fc63da1905954d5bdead84a52f941ae1f2e203987ba753d6/6c87457f5fd25b2c/8f7802d30daaa50
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6c87457f5fd25b2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa8e79b496f7c0853c552a4f5dcad3897ad073a731e964b8cea71bcc3d125470

Request headers

Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
CF-Challenge
8f7802d30daaa50
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Jan 2022 20:38:37 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf_chl_out
NXwoT8+ciIc19MGt4KPyIQ3BuGtVHoeSoeDmznkkncXDzo7IAgmxy8GmDbheZ3SJ/vEXZ3dGOcnzOjSYWxCf3w==$HxFJvKGpnuuC1uVgHhTpMw==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gv2xsJaAgI4cKX2qxMQ6ZqdvAhou8hIvsZTU%2BaJz%2FDDIbgHmh4y8PZQIeCsNtblt9TewHO4ObajqFlyQK2zgceN5xGuGyL26%2BeShL1BkQGxW2IHUjwQ63Dij6%2BpETrgB%2Bu9hDNt4zrLtg9elgECmeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf_chl_out_s
0D3Ti0pCPEiduUTTDbydqRCb8EnkQbR3EmUZgroy7FoHmIQ0b4v05ZiNh/KdGP6WzuDZV2iN9MUm0XYHXIu+UElcrg5+B8Ck8lTmVoaTQ+JrXz/pMZnO8DebadkZX24jQ8kL1nQRy5AgfI0yXGmlmvmwj9ErMgJdtyP5hnYIvwk=$SXESCFX2Jc6ODU8uMTCYDg==
cf-ray
6c8745859cbe5b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Primary Request fhgnb.fgh
nsavalueadded.org/ 		10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ee0a4f049cb22dae4f6a9e2a3b8ddfe04d336239b85db951befc1cb8d819e9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com

Response headers

date
Tue, 04 Jan 2022 20:38:39 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires
Thu, 01 Jan 1970 00:00:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owvuJdzi2YuaHvztB6g8GlR17O2CGmpNUn94CkFZhJDXJ%2F2CwW4ekC7YlR8ybNrAHX4Vm6s3RCIcsKMhG2NlmOp%2FMVx3ELNBLiG%2F3ZiZJrhGYMVAbijAu3C4IhM6yWiDeBXjMtSdyPplbah5HzfIxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6c8745936c8d5b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
v1
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6c8745936c8d5b2c
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2610b847bc9f23e45488e4d362440477767e55a8d910c52359e3c9523d0364eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=uA_uT4JBPmU2HEswkfSh3TOub97tCEJhe_u6bPX3AZQ-1641328719-0-gaNycGzNBv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:38:39 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r1BZ%2B9NaOZJow7STNPi7b%2FA6CRt0tboijCfHKpkCtjyCPDKs6HfTJJr9Y70X67JrqIsiK%2FfsR5B%2FRzry52huYQbljAhZZFcIHCA8eWGLz99V%2B6x2akT5AldTm8PehsJkPEFbkb%2F96infbbzjg1KbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=0, must-revalidate
cf-ray
6c874593acf55b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
transparent.gif
nsavalueadded.org/cdn-cgi/images/trace/jschal/js/ 		42 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsavalueadded.org/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=6c8745936c8d5b2c
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=uA_uT4JBPmU2HEswkfSh3TOub97tCEJhe_u6bPX3AZQ-1641328719-0-gaNycGzNBv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=uA_uT4JBPmU2HEswkfSh3TOub97tCEJhe_u6bPX3AZQ-1641328719-0-gaNycGzNBv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:38:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:14:45 GMT
server
cloudflare
etag
"61c86ac5-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6c874593acfa5b2c-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 04 Jan 2022 22:38:39 GMT
transparent.gif
nsavalueadded.org/cdn-cgi/images/trace/jschal/nojs/ 		42 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nsavalueadded.org/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=6c8745936c8d5b2c
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=uA_uT4JBPmU2HEswkfSh3TOub97tCEJhe_u6bPX3AZQ-1641328719-0-gaNycGzNBv0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck%40wwt.com&__cf_chl_rt_tk=uA_uT4JBPmU2HEswkfSh3TOub97tCEJhe_u6bPX3AZQ-1641328719-0-gaNycGzNBv0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 20:38:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 26 Dec 2021 13:14:45 GMT
server
cloudflare
etag
"61c86ac5-2a"
x-frame-options
DENY
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
6c874593acfb5b2c-FRA
vary
Accept-Encoding
content-length
42
expires
Tue, 04 Jan 2022 22:38:39 GMT
8a04656c4e70f9a
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39764793285866373:1641326645:bbf7916107f5d49120c4900567f676dcae1b2adb0e9c7d6d2c16e649cfffa8fb/6c8745936c8d5b2c/ 		95 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39764793285866373:1641326645:bbf7916107f5d49120c4900567f676dcae1b2adb0e9c7d6d2c16e649cfffa8fb/6c8745936c8d5b2c/8a04656c4e70f9a
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6c8745936c8d5b2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b97ef4f79cd6e74a2a6f481ccabd6b0f42127166f09d767483e5af3bb76cff

Request headers

Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
CF-Challenge
8a04656c4e70f9a
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Jan 2022 20:38:40 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi38C%2FYfkv1yezhoqUcUgBKUrwwtR8xrq5BfFSYtm7tuvKiZh4kOQH6pNxz3OLN5ifj3TCiU1Xcmw0ro5iIjhOFS7soiaSNgMtNkBEZ4z15KGCOJvCtv0gkZ4O0OsUcBlPDn8MyOSQlZnjBV1rXLTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
cf-ray
6c8745940dc15b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
8a04656c4e70f9a
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39764793285866373:1641326645:bbf7916107f5d49120c4900567f676dcae1b2adb0e9c7d6d2c16e649cfffa8fb/6c8745936c8d5b2c/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39764793285866373:1641326645:bbf7916107f5d49120c4900567f676dcae1b2adb0e9c7d6d2c16e649cfffa8fb/6c8745936c8d5b2c/8a04656c4e70f9a
Requested by
Host: nsavalueadded.org
URL: https://nsavalueadded.org/cdn-cgi/challenge-platform/h/g/orchestrate/jsch/v1?ray=6c8745936c8d5b2c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2edc810a693eda709bb58a9004bc43516a70d11924ed229f3e3e3b10491ee14

Request headers

Referer
https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
CF-Challenge
8a04656c4e70f9a
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 04 Jan 2022 20:38:41 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf_chl_out
oWjAwbiRd/5Ph7QumkOSRU25kuiQq8XGTUoeFLhQkY2E9zMeVPg6Z9I8xeS5xwVdGGI871GHuQvkpQvsVkNbhQ==$4CnO5/LcFqoFoboznUSDeQ==
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/plain;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4RvTMnX8SkUo1ByxuEg6NQNCtqMoP5S0%2FpxG3mT%2Bdhpii%2BwCfobKX%2Fwgj0PQbUNPfta8r9PgUqWQJ%2FifKDK6fm8%2FWXzS13yVEiHO0h64Kfk9Pp99cqZ2Ye%2FJ7qBb4CAg5DkJI5%2B1fiKXkeE14zL7g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf_chl_out_s
czbL1iueBpIw7UqIgf1AE9+K0RifHg3SA8+bql+4nG8xNEeiNnz+QyEzvwoGvGanO3puhAgylaD2F/E8MmMaESm2n++LuvNAr+NExRC1UstYNXkmezKxxVbhm1a3RYBGCR6Q//wqGzaTsCRwq1lDa3naEBv+fPvSnE2WQrfRFClINtoMCQ4w0eHru60VOsms/MmFNdZuKRcIGYI+/OkAWIQN2G8vSYB3Nef8aRLG9ahBZ1LpnCisdfr9BouukI3s$6ZiDPkO2XiiBKcZyEUvqsQ==
cf-ray
6c87459a0a3e5b2c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| _cf_chl_enter boolean| _cf_chl_done_ran function| _cf_chl_done function| SHA256 function| sendRequest function| _cf_atob object| _cf_chl_ctx function| _ number| PtAQd

3 Cookies

Domain/Path Name / Value
nsavalueadded.org/cdn-cgi/challenge-platform/h/g/flow/ov1/0.39764793285866373:1641326645:bbf7916107f5d49120c4900567f676dcae1b2adb0e9c7d6d2c16e649cfffa8fb/6c8745936c8d5b2c Name: cf_chl_seq_8a04656c4e70f9a
Value: 164920ecff9c61d
nsavalueadded.org/ Name: cf_chl_rc_ni
Value: 1
nsavalueadded.org/ Name: cf_chl_prog
Value: e

6 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Message:
Failed to load resource: the server responded with a status of 503 ()
deprecation warning (Line 3)
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://nsavalueadded.org/fhgnb.fgh?yth=liz.beck@wwt.com
Message:
Failed to load resource: the server responded with a status of 503 ()
deprecation warning (Line 3)
Message:
'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN