Submitted URL: https://ken19.at/
Effective URL: https://captcha.kra18.lat/
Submission: On November 27 via api from US — Scanned from AT

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 12 HTTP transactions. The main IP is 172.67.163.202, located in United States and belongs to CLOUDFLARENET, US. The main domain is captcha.kra18.lat.
TLS certificate: Issued by WE1 on November 17th 2024. Valid for: 3 months.
This is the only time captcha.kra18.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.21.30.209 13335 (CLOUDFLAR...)
2 9 104.21.15.191 13335 (CLOUDFLAR...)
4 172.67.163.202 13335 (CLOUDFLAR...)
12 3
Apex Domain
Subdomains
Transfer
13 kra18.lat
kra18.lat
captcha.kra18.lat
23 KB
1 ken19.at
ken19.at
686 B
12 2
Domain Requested by
9 kra18.lat 2 redirects kra18.lat
4 captcha.kra18.lat kra18.lat
captcha.kra18.lat
1 ken19.at 1 redirects
12 3

This site contains no links.

Subject Issuer Validity Valid
kra18.lat
WE1
2024-11-17 -
2025-02-15
3 months crt.sh

This page contains 1 frames:

Frame: https://captcha.kra18.lat/
Frame ID: 02E0EA35EB46505C2F6923A49F8EBD63
Requests: 13 HTTP requests in this frame

Screenshot

Page Title

KRAKEN

Page URL History Show full URLs

  1. https://ken19.at/ HTTP 302
    https://kra18.lat/ Page URL
  2. https://kra18.lat/ HTTP 302
    https://kra18.lat/ Page URL
  3. https://kra18.lat/?cf_captcha_success=1 HTTP 302
    https://captcha.kra18.lat/ Page URL

Page Statistics

12
Requests

92 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

21 kB
Transfer

40 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ken19.at/ HTTP 302
    https://kra18.lat/ Page URL
  2. https://kra18.lat/ HTTP 302
    https://kra18.lat/ Page URL
  3. https://kra18.lat/?cf_captcha_success=1 HTTP 302
    https://captcha.kra18.lat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ken19.at/ HTTP 302
  • https://kra18.lat/
Request Chain 4
  • https://kra18.lat/ HTTP 302
  • https://kra18.lat/
Request Chain 11
  • https://captcha.kra18.lat/ HTTP 302
  • https://captcha.kra18.lat/ HTTP 302
  • https://captcha.kra18.lat/

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kra18.lat/
Redirect Chain
  • https://ken19.at/
  • https://kra18.lat/
718 B
1 KB
Document
General
Full URL
https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85018d7c7027dc4181e0fee07d363010e8862c44a4e0968021bf3be8d6d6c216

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93cfddd9495a9d-VIE
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 17:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5YzOQN3izvO34zyoWAh3iWQzeMQfzM8fNpULetY5kfcn2JdS9BBqDzxx%2BnDsn0yLYmTQ1wRJJ%2BFJ4ntxveBl63kISUn47P8GXFfd7aqnjoGg1gO3i3b%2FAzXtsOM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23998&min_rtt=19499&rtt_var=10281&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4264&recv_bytes=4482&delivery_rate=19494&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=179&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93cfd15f21c259-VIE
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 17:24:28 GMT
location
https://kra18.lat
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaerMxMqAdpwG49Mpfh%2BxSwRX7i7i2OlFalSHUwzlSS%2F1acEWagxkfrqy%2B%2FNF67eSTsyTUkArTO2jbWg4Le9lUlwr4T7KGthztMRFJIqVnsZftZ0u%2FZMRhFDcg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=35023&min_rtt=23467&rtt_var=14254&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4188&recv_bytes=4477&delivery_rate=307&cwnd=12000&unsent_bytes=0&cid=8f9b922fc4a19c5e&ts=1809&x=1" cfHdrFlush;dur=0
connect.min.js
kra18.lat/js/
11 KB
4 KB
Script
General
Full URL
https://kra18.lat/js/connect.min.js?1
Requested by
Host: kra18.lat
URL: https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kra18.lat/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"2c0a-6243578862419-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqfLI4FKHup4KJs6kv6d6mfZsaPKBVRmwoykr3jWzvDfzJNpEV1OmWmeRxzMfU55GyjLS7YelxPI5j5NdlaE7EKhVrdIxIzEvjrdYXGflSnPA1e%2B4ukZQtstatI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33575&min_rtt=19499&rtt_var=21440&sent=16&recv=13&lost=0&retrans=1&sent_bytes=5982&recv_bytes=4944&delivery_rate=2576&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=428&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 17:24:28 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 15:52:14 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e93cfdf8c5c5a9d-VIE
accept-ranges
bytes
content-length
2923
server
cloudflare
take_server.php
kra18.lat/modules/onion_servers/
0
695 B
XHR
General
Full URL
https://kra18.lat/modules/onion_servers/take_server.php
Requested by
Host: kra18.lat
URL: https://kra18.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
X-Requested-With
XMLHttpRequest

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cj7CnEjP%2BKqZfYQVZ0kM4SoIRU7BhSYSkdv2OD6mRTdpIHJJysrvbibXDx1GWuszg3sAQjcQP9b3UI6z7HFG7R9Tr6nfQjo7qjHuJc0BUdiJ6UBsVSQ3kqyp%2B%2Bo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93cfe04df85a9d-VIE
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32154&min_rtt=19499&rtt_var=14522&sent=22&recv=17&lost=0&retrans=1&sent_bytes=9722&recv_bytes=5916&delivery_rate=47237&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=536&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 17:24:28 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
kra18.lat/
598 B
1 KB
Other
General
Full URL
https://kra18.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"256-624357819dd6a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdhA%2FEXMfZb9M5WwlMR2o3kYrIDmNByQQp57FtX5848fuK21IoNLy6vm0JUM9B48QcdxJsyIiGOCaQLARyZx%2Bzmqts26DVfkzm7ElgGBTPxlIdGWSdw2hpcAuqg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93cfe06e1e5a9d-VIE
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31290&min_rtt=19499&rtt_var=12619&sent=24&recv=18&lost=0&retrans=1&sent_bytes=10464&recv_bytes=6431&delivery_rate=9683&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=577&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 17:24:28 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 11 Oct 2024 15:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
/
kra18.lat/
Redirect Chain
  • https://kra18.lat/
  • https://kra18.lat/
14 KB
7 KB
Document
General
Full URL
https://kra18.lat/
Requested by
Host: kra18.lat
URL: https://kra18.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba4dfd7e88cc9ca1cdf75e77dadaf3d1ca1a2d33866a271a8414e56a9494bff

Request headers

Referer
https://kra18.lat/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93cfe11f5c5a9d-VIE
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 17:24:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4J12vu4jMpALGuhnnck0YOBNbsUFBFWN1hydObrPevL0vfGSZInNgtn7QYp9KQ1uL17pQhLNu%2BE9MXuzxxYTwHgHp6dhZaFaCTYqZxj8%2FkqoQoPEIG%2FdpJqaZg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30017&min_rtt=19499&rtt_var=10231&sent=28&recv=20&lost=0&retrans=1&sent_bytes=12606&recv_bytes=7006&delivery_rate=64901&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=671&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93cfe0cebc5a9d-VIE
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 17:24:28 GMT
location
/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FG2oWnwZxkZH32EXZ3eKEm7SM0OxaYsGp9%2FnlFgpp3%2BHnhxNHeSABEg2L8TTNLlLfLzkVyYFkAgEYo8EcLb5m7Wx%2BvyG%2FDZorRiyuUYy2R8d%2FqkJ7WeaxnMyEsc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31290&min_rtt=19499&rtt_var=12619&sent=26&recv=18&lost=0&retrans=1&sent_bytes=11813&recv_bytes=6431&delivery_rate=9683&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=607&x=1" cfExtPri cfHdrFlush;dur=0
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
transparent.gif
kra18.lat/cdn-cgi/images/trace/managed/nojs/
553 B
553 B
Image
General
Full URL
https://kra18.lat/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=794d630be9c098f7
Requested by
Host: kra18.lat
URL: https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc8caf11b83feb15665491d9f3d0d788299fa8a94adc7adbc256acc0917f5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kra18.lat/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8e93cfe1c86b5a9d-VIE
date
Wed, 27 Nov 2024 17:24:29 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
favicon.ico
kra18.lat/
598 B
0
Other
General
Full URL
https://kra18.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.15.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0b7e5217318eedc1b42ca1ce5e128c649c97082912f1d800eec1325207ad96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kra18.lat/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"256-624357819dd6a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdhA%2FEXMfZb9M5WwlMR2o3kYrIDmNByQQp57FtX5848fuK21IoNLy6vm0JUM9B48QcdxJsyIiGOCaQLARyZx%2Bzmqts26DVfkzm7ElgGBTPxlIdGWSdw2hpcAuqg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93cfe06e1e5a9d-VIE
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31290&min_rtt=19499&rtt_var=12619&sent=24&recv=18&lost=0&retrans=1&sent_bytes=10464&recv_bytes=6431&delivery_rate=9683&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=577&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 17:24:28 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 11 Oct 2024 15:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
Primary Request /
captcha.kra18.lat/
Redirect Chain
  • https://kra18.lat/?cf_captcha_success=1
  • https://captcha.kra18.lat/
718 B
1 KB
Document
General
Full URL
https://captcha.kra18.lat/
Requested by
Host: kra18.lat
URL: https://kra18.lat/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85018d7c7027dc4181e0fee07d363010e8862c44a4e0968021bf3be8d6d6c216

Request headers

Referer
https://kra18.lat/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93cfefeb0e5b03-VIE
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 17:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXex5l0ePyUr%2BLFM4MA8GJeZ2Cf8eeu8J4djkGovUGw3i5Mnf5D3JzT4bUtdceSZhOsxaigfS1ikPRM1y%2FSKwu7cDB1TAri7O6xoYqc1lqv3KxAlgVHXfiQIIG1pqay%2Fi5b3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=534&min_rtt=501&rtt_var=160&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3363&recv_bytes=2437&delivery_rate=7252086&cwnd=254&unsent_bytes=0&cid=8b5b4810cc9ef0fa&ts=101&x=0"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e93cfeef8515a9d-VIE
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 17:24:31 GMT
location
https://captcha.kra18.lat
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NPJ6bV%2BUjh464TXGojZ3W%2BTho%2BD1YUPR8X4iOBt50vJM%2B4AJHHS68OtARAWSzeK0hIq5469xhrNxSYdOfUT4o1jErq%2B9ORuurFZH2s6v4vVtZr8DlE%2F5xhNnBxY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27302&min_rtt=19499&rtt_var=6675&sent=38&recv=27&lost=0&retrans=1&sent_bytes=20449&recv_bytes=8308&delivery_rate=5207&cwnd=12000&unsent_bytes=0&cid=014354a4f2c275c7&ts=2880&x=1" cfExtPri cfHdrFlush;dur=0
connect.min.js
captcha.kra18.lat/js/
11 KB
3 KB
Script
General
Full URL
https://captcha.kra18.lat/js/connect.min.js?1
Requested by
Host: captcha.kra18.lat
URL: https://captcha.kra18.lat/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://captcha.kra18.lat/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"2c0a-6243578862419-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i6dcmmYyXfUdWo1jx%2FXLby0pKOB93gx7LD%2FdifKGNvrU3%2BRWsnhsUdPVvyi8BkQEBL1WcPRv38joWNQMvLnGooVtrMFO2iYLtr76JqbWnwA5w4990oUUINW78vokaEc1VJnwmg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=543&min_rtt=501&rtt_var=137&sent=10&recv=12&lost=0&retrans=0&sent_bytes=4781&recv_bytes=2654&delivery_rate=7252086&cwnd=257&unsent_bytes=0&cid=8b5b4810cc9ef0fa&ts=965&x=0"
date
Wed, 27 Nov 2024 17:24:32 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 15:52:14 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e93cff0ac695b03-VIE
accept-ranges
bytes
content-length
2923
server
cloudflare
take_server.php
captcha.kra18.lat/modules/onion_servers/
0
744 B
XHR
General
Full URL
https://captcha.kra18.lat/modules/onion_servers/take_server.php
Requested by
Host: captcha.kra18.lat
URL: https://captcha.kra18.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
X-Requested-With
XMLHttpRequest

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBUNoZ%2BxIGlfc1pIrf%2Fs0pjP2iVQxTyz4fdA2CMVXRkIAygj2WPlfwY8PBSAa3kQuh3LwS%2FnXcG7z7FGLqpcIRYPCJNgT%2BCCU0t0TxFeLXuT2a%2FVCEc%2Fii0Mc74paSvortvqVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93cff61a405af5-VIE
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20748&min_rtt=19400&rtt_var=5288&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4548&delivery_rate=553&cwnd=12000&unsent_bytes=0&cid=6c3ef616ffef7074&ts=946&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 17:24:32 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
captcha.kra18.lat/
598 B
1 KB
Other
General
Full URL
https://captcha.kra18.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0b7e5217318eedc1b42ca1ce5e128c649c97082912f1d800eec1325207ad96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"256-624357819dd6a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bji2ZTWZffCnxXkJP8LSnCCF644oJKXkVrPESxcK6TXOG1NwDyUUOIvM49aMdIeObR8aC0X7d4qin7KkSbuG0PXfEAogiitZ3AOksTKBGFDIZzCRslruxrLsLIDSTYMWVbFjfw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e93cff6bb4f5af5-VIE
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21159&min_rtt=19400&rtt_var=4788&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5049&recv_bytes=5524&delivery_rate=7414&cwnd=12000&unsent_bytes=0&cid=6c3ef616ffef7074&ts=1014&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 17:24:32 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 11 Oct 2024 15:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
/
captcha.kra18.lat/
Redirect Chain
  • https://captcha.kra18.lat/
  • https://captcha.kra18.lat/
  • https://captcha.kra18.lat/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
captcha.kra18.lat
URL
https://captcha.kra18.lat/

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| connecting_hash function| _0x145c93 function| MD5 function| M function| X function| V function| Y function| md5_cmn function| _0x4989 function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol object| date function| _0x18d8 function| takeOnionServer function| httpGetAsync function| connectingStrHandler

17 Cookies

Domain/Path Name / Value
ken19.at/ Name: go
Value: 1
kra18.lat/ Name: tor_scheme_id
Value: 1733518534
kra18.lat/ Name: tor_port
Value: 9091
kra18.lat/ Name: session_id
Value: ac4e702d25d0320d8437dbdaf7c2c435
kra18.lat/ Name: connecting_hash_lite_version
Value: 1732728268
kra18.lat/ Name: connecting_hash
Value: 3ea09d7607c3c14a8670ef27b7f24274
kra18.lat/ Name: onion_server_id
Value: 5
kra18.lat/ Name: session_temp_active
Value: 1
kra18.lat/ Name: cf_check_x0_cptch
Value: 1
captcha.kra18.lat/ Name: tor_scheme_id
Value: 1732883777
captcha.kra18.lat/ Name: tor_port
Value: 9175
captcha.kra18.lat/ Name: session_id
Value: d6c7081cc89f4bd3696c82316753ad44
captcha.kra18.lat/ Name: connecting_hash_lite_version
Value: 1732728271
captcha.kra18.lat/ Name: connecting_hash
Value: de006322255f4952113c5ac4c7174f53
captcha.kra18.lat/ Name: onion_server_id
Value: 7
captcha.kra18.lat/ Name: session_temp_active
Value: 1
captcha.kra18.lat/ Name: proxy_cf_session_id
Value: 2345287

1 Console Messages

Source Level URL
Text
network error URL: https://kra18.lat/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=794d630be9c098f7
Message:
Failed to load resource: the server responded with a status of 404 ()