urlscan.io logo urlscan.io
SecurityTrails logo

extranet.67841l.com Open in urlscan Pro
2a06:98c1:3120::3  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://extranet.67841l.com/254943125
Submission: On February 05 via automatic, source openphish — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is extranet.67841l.com.
TLS certificate: Issued by E1 on February 2nd 2024. Valid for: 3 months.
This is the only time extranet.67841l.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Booking (Travel)

Domain & IP information

IP Address AS Autonomous System
2 24 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2600:9000:25a... 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
26 5
24    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
extranet.67841l.com
1    2600:9000:25a2:cc00:5:bf05:acc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
q-xx.bstatic.com
2    2606:4700:10::ac43:2910 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tailwindcss.com
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
Apex Domain
Subdomains		 Transfer
24 67841l.com
extranet.67841l.com
78 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 867
15 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 46008
109 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
1 KB
1 bstatic.com
q-xx.bstatic.com — Cisco Umbrella Rank: 15869
125 KB
26 5
Domain Requested by
24 extranet.67841l.com 2 redirects extranet.67841l.com
unpkg.com
2 unpkg.com 1 redirects extranet.67841l.com
2 cdn.tailwindcss.com 1 redirects extranet.67841l.com
1 fonts.googleapis.com extranet.67841l.com
1 q-xx.bstatic.com extranet.67841l.com
26 5

This site contains no links.

Subject Issuer Validity Valid
67841l.com
E1		 2024-02-02 -
2024-05-02		 3 months crt.sh
*.bstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-29 -
2024-11-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://extranet.67841l.com/254943125
Frame ID: A236E041DD989023B9DAC1D06224401C
Requests: 7 HTTP requests in this frame

Frame: https://extranet.67841l.com/supportChatFrame/254943125
Frame ID: 76D640002EBCA5CBF7C868FBE765EC9C
Requests: 15 HTTP requests in this frame

Frame: https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Frame ID: 32DF418063D2DC656379A591A853845C
Requests: 2 HTTP requests in this frame

Frame: https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Frame ID: C3FFC879CB97659565A67F2E8D204DE7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Booking.com - Payment information

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Page Statistics

26
Requests

85 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

327 kB
Transfer

703 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Request Chain 10
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.1
Request Chain 17
  • https://unpkg.com/axios/dist/axios.min.js HTTP 302
  • https://unpkg.com/axios@1.6.7/dist/axios.min.js
Request Chain 21
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 254943125
extranet.67841l.com/ 		58 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/254943125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a3b57c68de022c19dd01ae400b2f1117f9a1a04bf0b47d73aa72126d0767a345

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850751bd7c104d67-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 05 Feb 2024 01:18:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JAzBhcqwLEFEJGalWYQJicQ9A35cR6SsaCFSnf0XkBjJMiPQK9bTQIa72ZT7oK%2FKbclmUj30YTPhWay7PDpHLforYYazfVZ%2BWCM%2FG576ZgQddsrIq%2BmJBdP3NAvTPd%2BrrocQHlJcqi2sKfrYnorA%2B3UT"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
script.js
extranet.67841l.com/services/booking/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/services/booking/js/script.js
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a140484b48096baf0db17d9db57a330c818b6bca7607152884b2eefce4e02b87

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 07 Oct 2023 14:59:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2fc7-18b0aa6d6a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ft92gyhXsXu73CCQR%2B2lgXCdMWGMesXyDWNZPbNPp12cuLbDMR0G6QfyBJrrRo%2FZzivF%2B4Ie2TVZW6d7ovOW83L4t4ok8mqYb16v5fEfYTcQg7vcrzPrGG2hl2mQJl7L%2BsI4ZWlkq1vOJifWn7oTD05b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
850751be4c734d67-FRA
alt-svc
h3=":443"; ma=86400
styles.css
extranet.67841l.com/services/booking/css/ 		32 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/services/booking/css/styles.css
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b2e3158656f24d0f69988896ea2facd530904745d286f84eadb67ceb2ce9d4c2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Sat, 19 Aug 2023 22:18:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"802a-18a0fe0d338"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gng5ZhLDQ%2FcHw%2BlwCzTA6ZWrTh3d7o0qZWA3AJdn7cfELO4mqCsHXSRjJRPI7LuOUp7XrH%2FwoIaDa%2BzbcGvEfvsiOOAPgJuoa5Zlnfp1FvAmDoeUvhNrcH7iZ48uSjl4tXG21vaYJDu6KHM%2Fuf%2B3xycK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
850751be4c714d67-FRA
alt-svc
h3=":443"; ma=86400
485683517.jpg
q-xx.bstatic.com/xdata/images/hotel/max1024x768/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q-xx.bstatic.com/xdata/images/hotel/max1024x768/485683517.jpg?k=832816e82e1d9dbc28862b7d87ad23927c3caf6ffc28895533e35e6985e048de&o=
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:cc00:5:bf05:acc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f760992decea405729e1bb4636f8d0edf4989dbcc312854f78e8197380ecb0d7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 18:39:53 GMT
via
1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
ZRH55-P1
age
196712
etag
"49f1e7e3d2847cb7bf9f51424a7f8475a304dbcf"
x-cache
Hit from cloudfront
content-language
127589
access-control-allow-origin
*
content-type
image/jpeg
cache-control
max-age=2592000
timing-allow-origin
*
x-amz-cf-id
62ejyzoN5FXWrdv3TR-_l0vjiFSqkHTnnoLNNtUrMYOme8jiiLkGww==
x-xss-protection
1; mode=block
support_parent.css
extranet.67841l.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/css/support_parent.css
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
20f5cc0ebb84eb9bdeb82a9b908e9f922ab10ea415857c8b00b8302e00c61a5c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 23 Aug 2023 14:42:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"12b3-18a22d925f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blDUMgucBXyMMGbP8E4%2BXyUrfBvWSL83Xk2RyO5rYSsvT1OcfBGngO7E1MciErg3K9TKyoyJpiBof8tHoBVaN3yYEzLw5q8%2B1bO%2BBHAXDN5RLXuDjXEjjbsJUoDo%2BgilP%2F63O3BD40Akm4mKpTFQxW8J"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
850751be4c724d67-FRA
alt-svc
h3=":443"; ma=86400
254943125
extranet.67841l.com/supportChatFrame/ Frame 76D6 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/supportChatFrame/254943125
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f48802dc5aba149d0aafcd710114167c7591f279aa12f3f2b04fb257143b1a2b

Request headers

Referer
https://extranet.67841l.com/254943125
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
850751bed8e52ba6-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 05 Feb 2024 01:18:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Gwre9r2FBpdvAhfLo6060fVNm8G5ZjxUTkjHaGcuWxdb7Piq1NuYzUChO6GOYHHB%2FS3%2F5W91YL8FOnDcl2Ztp26q3K6RmxdE7Yjl4GVNoIjpNOx2VeiTn1BO3Rna%2BIUiVVQYchYbJoOqwWyfhUCGObU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
flags.png
extranet.67841l.com/services/booking/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/services/booking/images/flags.png
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
cf-cache-status
MISS
last-modified
Sat, 19 Aug 2023 17:18:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"77d8-18a0ece3e40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6pAcrGGY9M3QZW0HxYB8RQ%2F4a3EOGlw9MhRSW20Dp9e04Yu%2Bn7rXKzhgHYnQMcClT8Y4E38rc6p51SKfo8LIllUw4jGb5ixSom1U8ZlSLIc7cFsfNhjSyFcWXcMRjgetnsBtVlL94Mk4l3EkuegCvJK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
850751bed8e82ba6-FRA
alt-svc
h3=":443"; ma=86400
content-length
30680
pluxurydarklord.svg
extranet.67841l.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/img/pluxurydarklord.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/css/support_parent.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fbb307bc48c763f9a4893ba918ca9a322f4e084dbb994504d526af90c1a4d1e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/css/support_parent.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 23 Aug 2023 14:41:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"4b6-18a22d77460"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK6q8mEWPNZW53H63Qy%2BfNR7l%2BYtasra8MUeisTORzz4HkWk1KSFWpm9QUtKMC7MVW9Albwacdgxi%2FLyFNARzt8Nx%2BPH0%2BxpvU0XJapDMlSvoGCF7sbSHrGKagzvmDWNJhAM8LMYlI4ZkegTHBYVjM70"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751bed8e92ba6-FRA
alt-svc
h3=":443"; ma=86400
main.js
extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/ Frame 32DF
Redirect Chain
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/254943125
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17de010305d5a9c2d8ba325d38450e44a160eda370f1df3b0f5838ba98cae980
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R88bp2oFBBuSQO%2FWJWOqIuu3iO1hu0hg5tF9co2jjrDZM7jOtt%2FWRiynXs9t7450W5CApoxJdsvL9SLjRZjAaUOhmA20MNLbMIVzrX%2Bq1SuvKBjdgaQqwc%2FZ%2F1vifD1gmpHfgIfkzldyMGrfaOJBaUpM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
850751bf290c2ba6-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 05 Feb 2024 01:18:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfZ5NJ%2FavRIVoqsegYZVQuIJ%2FH4ZDHcOlBXFLwhWHwteJrh9mks4rleGYivuCP44D6eMFusRjjpJVZhaOSRxZJXOcdIbirnWt7Njs8EtlTTH7tqXOqmCHrJre%2Bt63fqo1gxA6bL39yXHGU%2FoKjXR482N"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
850751bf08f92ba6-FRA
alt-svc
h3=":443"; ma=86400
850751bd7c104d67
extranet.67841l.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 32DF 		0
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/jsd/r/850751bd7c104d67
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5tyIqZYLkE%2BnusUEMs87IzMMPK%2BXLDEdFNNNfxtfcqh%2BWryXwhoyBO9M4F7bMSmewihRpVA8JQFVPcso7Zh6h2tmu1o6WdlsArLzAZUZT%2BtHEQbrh6PdIALQim%2F6fGjLtN%2FT2is1LrrbILwP9RpcXMs"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
850751bfa94c2ba6-FRA
alt-svc
h3=":443"; ma=86400
chat.css
extranet.67841l.com/assets/css/ Frame 76D6 		243 B
679 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/assets/css/chat.css
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c5e7e8f07db5f90f5b179d122a425eacb8e7b0b57e79349f6e414158d3db0f77

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 23 Aug 2023 14:01:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"f3-18a22b2e8e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndrY3BSbxHuSkpGY8RlfuFIv9I0PrfeRuCAgp3w2ktvRSyvEp7c9%2F0IhP6DsJljaYGuhJmL%2FkYtzBZErXE5iU1VknFOZJ7j6NStOIOw2Yek0ZVv9oep0rQjQF6oNO8VOpc2SjbSQcRvdlPiGbYlFTjRi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
850751bfb94d2ba6-FRA
alt-svc
h3=":443"; ma=86400
3.4.1
cdn.tailwindcss.com/ Frame 76D6
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.1
359 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tailwindcss.com/3.4.1
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H2
Server
2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151c30a9c3810c4a00decc7ac92110d0660b64b6e25973116935faa14d232a81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
last-modified
Fri, 05 Jan 2024 20:53:26 GMT
x-vercel-id
cle1::iad1::nrl2g-1704488004870-28d22f50c8bf
cf-cache-status
HIT
age
2607817
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
850751c03d4d193c-FRA

Redirect headers

date
Mon, 05 Feb 2024 01:18:25 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
cle1::iad1::pm24d-1707094417398-d74595170050
server
cloudflare
age
645
x-vercel-cache
MISS
vary
Accept-Encoding
location
/3.4.1
cache-control
max-age=14400
cf-ray
850751bffd41193c-FRA
content-length
0
bookmark.svg
extranet.67841l.com/assets/icons/ Frame 76D6 		247 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/assets/icons/bookmark.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
846a64b15537fd60cbebc9dbdca9a2df72aa05a6e564210f78acfd701a386ef7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 08:23:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"f7-18a1c570a88"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKwMwNAT7gGGD80fwrVcAHWCrrWw9vuKiHd5HjPrJXY2qKk%2BILnsfcyjTGl7IBOJv3%2FjVL6%2ByivKYw%2BNUefLRX%2B96tD2vF9Mdjz69kkdZ%2BuTLHQPQohQitkRPPdmOm8Kyt7lnE1Udu3xS7l25CP0ylZi"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751bfb94e2ba6-FRA
alt-svc
h3=":443"; ma=86400
chevron-down.svg
extranet.67841l.com/assets/icons/ Frame 76D6 		231 B
663 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/assets/icons/chevron-down.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d7a5152180593b0144e6a36c21ca0e19aa9a64da790d7a1d14f0cbe49d45525a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 14:42:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e7-18a1db2d5b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Moy3%2FTyJKqKLtLIF8sJadLKDZgqzJJ01K7ymWrxpqJx1%2BDD%2FqCSBRsVuaUaV3U9MhSO139iN9not4hrr9ztX%2F1uKsZ6Q%2Bt6IrmgFrgFyS7IVnjSWgXLKDM0k9HDWIZ3AjQyVdUxP%2FYJzvMuomNkw4gaE"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751bfb94f2ba6-FRA
alt-svc
h3=":443"; ma=86400
close.svg
extranet.67841l.com/assets/icons/ Frame 76D6 		230 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/assets/icons/close.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9a60eed802ef3d6b6784369cf91a4be28f925fa426293244ad43b9d2868f2988

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 08:16:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"e6-18a1c513e28"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTXRX981RCBqGUmEshm1rYd%2FhXGSA7cnYGrLtP%2FPMTnzjTKoEXi%2Fv2XSKvPyayz%2F%2FTSwl0SkgG7d%2Bx3%2B3S6MhSjkq3ajR%2Bf7ApGsXDwV2WQ23nTxfaH9OCUHDuxrEBmEnA3HjstFmyeaLkptqx6oQ%2FFs"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751c0398f2ba6-FRA
alt-svc
h3=":443"; ma=86400
person-circle.svg
extranet.67841l.com/assets/icons/ Frame 76D6 		563 B
836 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/assets/icons/person-circle.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b4784b8b0b3e2cfefe7106fea734e0a37df601a093d8bdb1aa3ee5216716546b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 08:20:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"233-18a1c54eb90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7HILsLHTuVJ5oetmrLKLgjci0T3ByTO3oeH4yWFYFT8HkU5yB4HiRgotIqI7dmKLUQDngwS%2FtiAOyUCSB6iviaK2QVsR%2BKtOesbVn6RanaNXTPvHMUp7bvzmficzUUjk9B35c7%2BkbeNuVAMbhVhc%2BWx"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751c039912ba6-FRA
alt-svc
h3=":443"; ma=86400
document.svg
extranet.67841l.com/assets/icons/ Frame 76D6 		339 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/assets/icons/document.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1d3af5838269f41ffd019f04eefcf2b494953d28fb1401acfbfa4ec55c57d515

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 14:37:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"153-18a1dadebe0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7cR9o5XxKbXjK%2FcHAN7dHFCTfxsj%2BA7s3VGOVjhOahBZJ1DCmcO6jtNwH4M77iCelalWRY%2FvdOMyuRdN2R4KbSld0mvgCberw5h1WggJL78SGI7QxIK8RwidkyvcK4yuppWqUNg1E4Vk4qoW27xWm07"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751c099b22ba6-FRA
alt-svc
h3=":443"; ma=86400
send.svg
extranet.67841l.com/assets/icons/ Frame 76D6 		402 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://extranet.67841l.com/assets/icons/send.svg
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
97d008f0efeb03337a4a169d85b9f8907ef5d6dcb74fb88f7e2f981250903349

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 22 Aug 2023 08:14:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"192-18a1c4f1f30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mrcs2vDybukRypZykjPcOYl%2FDPbhgrj4qKWIlYw3xEGNbk6bu5aUHR2uEYPPf4JCfEo46V9cDfN%2FewH2YOPz9Hz5IEjIvO0x%2Fgw3TGoVJErPr3%2B5YMqNEm7GuxjGtgbBaSBCEoD5kpuADnWlSLDSShqI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
850751c0e9db2ba6-FRA
alt-svc
h3=":443"; ma=86400
axios.min.js
unpkg.com/axios@1.6.7/dist/ Frame 76D6
Redirect Chain
  • https://unpkg.com/axios/dist/axios.min.js
  • https://unpkg.com/axios@1.6.7/dist/axios.min.js
40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/axios@1.6.7/dist/axios.min.js
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3434b67595c68071824e142d077ce7e105d40ac40b15164896d11e54078d0213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
882917
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HN13G4D7QCT44RWF71ZNBJ7T-fra
server
cloudflare
etag
W/"a025-pU1dreb3BCFPYYTIFZJhWMD8IeA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
850751c15bf5917c-FRA

Redirect headers

date
Mon, 05 Feb 2024 01:18:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01HNVCZ30DT6MGE0J25Z5HA5MC-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
576
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/axios@1.6.7/dist/axios.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
850751c12bd2917c-FRA
chat.js
extranet.67841l.com/assets/js/ Frame 76D6 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/assets/js/chat.js
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/supportChatFrame/254943125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
548d3fcf016980e21a6c570c4a483bbdd7a94e3034f04dd30c4c1bd07a0cf653

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/supportChatFrame/254943125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 09 Nov 2023 06:25:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1774-18bb2c1df60"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hiGJr6ZOTGUtTvPeEQXdWyWy%2FKVP2uBlsAfkudKLjnA87GAbdnq%2FXVcj0R7VvmYNm0k8gMzHBYQKNx7RHLCF2YeeTLKpnPzpYWWDF2qz3AH3jKlrcsadk5FjLvtWdC8GNOyPLhhzLOOZb1YpBTLWFjEG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
850751c0e9da2ba6-FRA
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ Frame 76D6 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Manrope:wght@200;300;400;500;600;700;800&display=swap
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/assets/css/chat.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8cbafd49c896a6e02a3a959409874806cff8792343936c0ba532f58ecc95333
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://extranet.67841l.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 00:18:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 05 Feb 2024 01:18:25 GMT
getMessages
extranet.67841l.com/api/support/ Frame 76D6 		27 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/api/support/getMessages
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
12f4bb3900ae3d0d83b7f00ec74d8bdbdd6877c78ec8ef7873de567e940dbd50

Request headers

Accept
application/json, text/plain, */*
Referer
https://extranet.67841l.com/supportChatFrame/254943125
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1b-JdRC7uUKY1POKHHgmkfxEUy6yKQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7fDX3gqoAfw7xt1iBe6%2BYNJeAy8U1%2FFiJK9wMHF4h8I%2FDP1CJReJZscN3K2aSTKb3wtYyjsoBP5omzUX6ktRnVxMpgxIUJHgVhQ%2BUDsrRytOuvw7RIxFzOmMH2FscuLdd2gL3UHNCJI112Ksxvulb5r"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
850751c19a182ba6-FRA
alt-svc
h3=":443"; ma=86400
content-length
27
main.js
extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/ Frame C3FF
Redirect Chain
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0233d12ca215a58d57b4c8b00bc0a80a662e07635f86d83706505b9b518c84b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bb5UfODeI04wYMPcUNrRbjpZTgWuFAY8dgcGCeTvI3E2zomJ8iapvspH%2B7YFyYcDLWkdTuk%2BS3Si44qSLtdsreJohtLpTWX%2FGOK2FOp9dcc5b8vs0pRMnc3Lw5%2Bpr%2Bn%2BBot%2FgAX0i5xWo7mcGd8bAwH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
850751c1ca422ba6-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Mon, 05 Feb 2024 01:18:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZzxoJTUK9z%2Bxzy4PNbB8iKPinfO6fYTvYQqhhXprw5ZQz%2Fdm0F9y1RqcaT6YNI1f0Nyf1ED03z%2F%2BG%2Fsku4b7VquhJUAnKJlkjIwM%2BTY3QwfpfFhBaruzrxo4p2QRxBJRrcC7Z2WZ70ftAgN8UWzK8WG"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
850751c19a1c2ba6-FRA
alt-svc
h3=":443"; ma=86400
850751bed8e52ba6
extranet.67841l.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame C3FF 		0
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/cdn-cgi/challenge-platform/h/b/jsd/r/850751bed8e52ba6
Requested by
Host: extranet.67841l.com
URL: https://extranet.67841l.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 01:18:25 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S46H977O7Qk6twZr7oZ7ChWbkwCGD190xnj9HHLv7h1q%2Bw0WPxI0fPb3kXBYPtIYrWTP%2FVLm0OyEGUOpDUg%2BKWzWTd8eGWw6EPbg74KmyQO5krC8wN5p7SxLfGqPcbu5kahsy4UyRZA0Muyv%2BnAWjZNB"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
850751c24ac42ba6-FRA
alt-svc
h3=":443"; ma=86400
getMessages
extranet.67841l.com/api/support/ Frame 76D6 		27 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/api/support/getMessages
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
12f4bb3900ae3d0d83b7f00ec74d8bdbdd6877c78ec8ef7873de567e940dbd50

Request headers

Accept
application/json, text/plain, */*
Referer
https://extranet.67841l.com/supportChatFrame/254943125
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 01:18:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1b-JdRC7uUKY1POKHHgmkfxEUy6yKQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2FVo3VV6VhJe7a%2B824ijEEf5f7O0kSYKWmWVaWChiwtoEcQY%2BBd4rdrmGa%2FThB2m4OwodtDK%2FyKkBGtYkTfCi4EQ31%2BKW6e8A8b0YIrMOWRXqafmtTVJl7lcC%2FVRfdQFOnr7Tz2pRRQHKq6iJRow8UId"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
850751cba8192ba6-FRA
alt-svc
h3=":443"; ma=86400
content-length
27
getMessages
extranet.67841l.com/api/support/ Frame 76D6 		27 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://extranet.67841l.com/api/support/getMessages
Requested by
Host: unpkg.com
URL: https://unpkg.com/axios/dist/axios.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
12f4bb3900ae3d0d83b7f00ec74d8bdbdd6877c78ec8ef7873de567e940dbd50

Request headers

Accept
application/json, text/plain, */*
Referer
https://extranet.67841l.com/supportChatFrame/254943125
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 05 Feb 2024 01:18:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1b-JdRC7uUKY1POKHHgmkfxEUy6yKQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52EMkGAaCfdwo%2FjO8iLqdAR1Zmw2DTUOHoBvt43tYQrtyrvwFMLuMWJI%2BYELL%2Ft5p48TX4X3IC7kheEY4Jb9ru%2F4M6yczHrmfavBQ%2Bjrf7Ly%2FhSVvd1lkSmfwiCwF1QvBq6rfl1cB8aJMvRDXEe%2FcSKf"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
850751d5ade02ba6-FRA
alt-svc
h3=":443"; ma=86400
content-length
27

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Booking (Travel)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

2 Cookies

Domain/Path Name / Value
extranet.67841l.com/ Name: connect.sid
Value: s%3An7LsUuRaHkSFNGdnfu1c1a7R3MLobtc6.%2BCMC2PTk%2Fw%2FuS1h4S59mFT0prBSvltzODFWtVscNu%2Bw
.67841l.com/ Name: cf_clearance
Value: uD8Iu67GhFiFIxi.8BrHw093SDlLJi_.mLwdjfUSS_U-1707095905-1-AU2sU5BUu8gA1dnFqARBaCi8bBbvEkYxqpki2h+/VQEDeUi8sBuPT1BwrEhCKavm5BPsFpZ+gK/mpJR7gFJJ+sk=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
extranet.67841l.com
fonts.googleapis.com
q-xx.bstatic.com
unpkg.com
2600:9000:25a2:cc00:5:bf05:acc0:93a1
2606:4700:10::ac43:2910
2606:4700::6810:7aaf
2a00:1450:4001:812::200a
2a06:98c1:3120::3
12f4bb3900ae3d0d83b7f00ec74d8bdbdd6877c78ec8ef7873de567e940dbd50
151c30a9c3810c4a00decc7ac92110d0660b64b6e25973116935faa14d232a81
17de010305d5a9c2d8ba325d38450e44a160eda370f1df3b0f5838ba98cae980
1d3af5838269f41ffd019f04eefcf2b494953d28fb1401acfbfa4ec55c57d515
20f5cc0ebb84eb9bdeb82a9b908e9f922ab10ea415857c8b00b8302e00c61a5c
3434b67595c68071824e142d077ce7e105d40ac40b15164896d11e54078d0213
548d3fcf016980e21a6c570c4a483bbdd7a94e3034f04dd30c4c1bd07a0cf653
846a64b15537fd60cbebc9dbdca9a2df72aa05a6e564210f78acfd701a386ef7
97d008f0efeb03337a4a169d85b9f8907ef5d6dcb74fb88f7e2f981250903349
9a60eed802ef3d6b6784369cf91a4be28f925fa426293244ad43b9d2868f2988
a140484b48096baf0db17d9db57a330c818b6bca7607152884b2eefce4e02b87
a3b57c68de022c19dd01ae400b2f1117f9a1a04bf0b47d73aa72126d0767a345
b2e3158656f24d0f69988896ea2facd530904745d286f84eadb67ceb2ce9d4c2
b4784b8b0b3e2cfefe7106fea734e0a37df601a093d8bdb1aa3ee5216716546b
c5e7e8f07db5f90f5b179d122a425eacb8e7b0b57e79349f6e414158d3db0f77
d0233d12ca215a58d57b4c8b00bc0a80a662e07635f86d83706505b9b518c84b
d7a5152180593b0144e6a36c21ca0e19aa9a64da790d7a1d14f0cbe49d45525a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f48802dc5aba149d0aafcd710114167c7591f279aa12f3f2b04fb257143b1a2b
f760992decea405729e1bb4636f8d0edf4989dbcc312854f78e8197380ecb0d7
f8cbafd49c896a6e02a3a959409874806cff8792343936c0ba532f58ecc95333
fbb307bc48c763f9a4893ba918ca9a322f4e084dbb994504d526af90c1a4d1e9
fc78e1550450ab81964ef660b05cb14fb17e0b895b261925ad7e6e073502dfc4