Submitted URL: https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2F%2F%2F%2FcGFkaUBjY2...
Effective URL: https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/
Submission: On July 12 via manual from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3036::ac43:c4e2, located in United States and belongs to CLOUDFLARENET, US. The main domain is a5b7c9d1e3f5.s5n.ru.
TLS certificate: Issued by GTS CA 1P5 on July 5th 2023. Valid for: 3 months.
This is the only time a5b7c9d1e3f5.s5n.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 109.230.205.154 16322 (PARSONLIN...)
1 172.111.230.78 9009 (M247)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
14 7
Apex Domain
Subdomains
Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
176 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
25 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
30 KB
1 s5n.ru
a5b7c9d1e3f5.s5n.ru
2 KB
1 sa.com
uapsecrets.sa.com
268 B
1 newdesign.ir
www.newdesign.ir
458 B
14 6
Domain Requested by
8 challenges.cloudflare.com 1 redirects a5b7c9d1e3f5.s5n.ru
challenges.cloudflare.com
1 cdn.jsdelivr.net www.newdesign.ir
1 code.jquery.com www.newdesign.ir
1 a5b7c9d1e3f5.s5n.ru
1 uapsecrets.sa.com www.newdesign.ir
1 www.newdesign.ir
14 6

This site contains no links.

Subject Issuer Validity Valid
www.newdesign.ir
R3
2023-07-12 -
2023-10-10
3 months crt.sh
uapsecrets.sa.com
R3
2023-07-10 -
2023-10-08
3 months crt.sh
s5n.ru
GTS CA 1P5
2023-07-05 -
2023-10-03
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3
2022-09-18 -
2023-09-17
a year crt.sh

This page contains 2 frames:

Primary Page: https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/
Frame ID: 1C2C5CB65656C56131D1C97AAA542CD7
Requests: 7 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
Frame ID: 5ABB16AB45B2AF7A56815A71BBB18057
Requests: 8 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2... Page URL
  2. https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

14
Requests

79 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

7
IPs

3
Countries

234 kB
Transfer

591 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2F%2F%2F%2FcGFkaUBjY20uY29t Page URL
  2. https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
linkout.asp
www.newdesign.ir/
178 B
458 B
Document
General
Full URL
https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2F%2F%2F%2FcGFkaUBjY20uY29t
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
109.230.205.154 Tehran, Iran, Islamic Republic Of, ASN16322 (PARSONLINE Tehran - IRAN, IR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private
content-encoding
gzip
content-length
275
content-type
text/html
date
Wed, 12 Jul 2023 14:42:05 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
cGFkaUBjY20uY29t
uapsecrets.sa.com/new/auth/j3W6////
0
268 B
Document
General
Full URL
https://uapsecrets.sa.com/new/auth/j3W6////cGFkaUBjY20uY29t
Requested by
Host: www.newdesign.ir
URL: https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2F%2F%2F%2FcGFkaUBjY20uY29t
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.111.230.78 New York, United States, ASN9009 (M247, RO),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://www.newdesign.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 12 Jul 2023 14:42:06 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
refresh
0;url=https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/#padi@ccm.com
Primary Request /
a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/
3 KB
2 KB
Document
General
Full URL
https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c4e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.7
Resource Hash
db8687f481431e640501b0938a10246017dabc0c120babe637f6573808c4c724

Request headers

Referer
https://uapsecrets.sa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7e5a0d07fb2e366e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 12 Jul 2023 14:42:06 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8FvFGD%2BnpHWPot8JR%2BxjdjLJouYFf3WrcemZZ09uuGSCRtCqrmwz8osvY0d%2B4MSMvfW5mVB1kupMjb4NdibNhLWowIvgKC490KfzD3ziWB0w1jJVCVacHJAf6dM6OuULho7tn%2FkLPXMGQCjSD%2FbSiL5"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/8.2.7
x-turbo-charged-by
LiteSpeed
truncated
/
130 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
146ac3974add4d0fb47b944619af0ad799a31b6bfa379b93d436b146f000f570

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/javascript
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: www.newdesign.ir
URL: https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2F%2F%2F%2FcGFkaUBjY20uY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://a5b7c9d1e3f5.s5n.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 12 Jul 2023 14:42:06 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1689172926.dop143.am5.t,1689172926.cds154.am5.hn,1689172926.cds004.am5.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
api.js
challenges.cloudflare.com/turnstile/v0/b/556d0c9f/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js
19 KB
7 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js
Requested by
Host: a5b7c9d1e3f5.s5n.ru
URL: https://a5b7c9d1e3f5.s5n.ru/Y4x6V9f1/
Protocol
H2
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a5b7c9d1e3f5.s5n.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:42:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7e5a0d093d819262-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 12 Jul 2023 14:42:06 GMT
server
cloudflare
vary
accept-encoding
location
/turnstile/v0/b/556d0c9f/api.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7e5a0d091d649262-FRA
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: www.newdesign.ir
URL: https://www.newdesign.ir/linkout.asp?q=chat&url=https%3A%2F%2Fuapsecrets.sa.com%2Fnew%2Fauth%2Fj3W6%2F%2F%2F%2FcGFkaUBjY20uY29t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a5b7c9d1e3f5.s5n.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Jul 2023 14:42:06 GMT
x-content-type-options
nosniff
content-encoding
br
age
2696168
x-jsd-version
5.0.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25360
x-served-by
cache-fra-eddf8230057-FRA
x-jsd-version-type
version
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/ Frame 5ABB
24 KB
8 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a17f77282c2a4912bb139d0a6a6bb27037b02da0bdc8b985b61179f6cc68da
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://a5b7c9d1e3f5.s5n.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7e5a0d099ff63a79-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 12 Jul 2023 14:42:06 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 5ABB
172 KB
60 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5a0d099ff63a79
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1414cb6851b8a093e68e80d499216ec4e069769e7b2af92d66debee0fe9c55b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:42:07 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7e5a0d0a088f3a79-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
69522d81-26f2-4f47-a2c2-e1ab667b3faf
https://challenges.cloudflare.com/ Frame 5ABB
0
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/69522d81-26f2-4f47-a2c2-e1ab667b3faf
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
6882cb4ddcc5888
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1791214202:1689171810:8DRH1ZO6L_eW8ANr18AFt10r2VjRJpNp_3E2OA88IfI/7e5a0d099ff63a79/ Frame 5ABB
119 KB
89 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1791214202:1689171810:8DRH1ZO6L_eW8ANr18AFt10r2VjRJpNp_3E2OA88IfI/7e5a0d099ff63a79/6882cb4ddcc5888
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5a0d099ff63a79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52681b8e9e213c6a45bc1d561d5f1b23903b7eaa3b56173f6ae40c8d38fd0b15

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
6882cb4ddcc5888
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
jv758vq2jqFgN1mjR/EYKqqsoE5XgJM4/LvESUgkqTA+Y/nlLClMjX4tMU52boo4jAaMEh/jNoYlh4DM7uwp8u2+Oqz4ZhYCWNDenfk04hMvDBTi52uUH+913uS6eP1uv8R35W2XdavRa+jU1zNdLFseD219kCIV09V5JDT9/F2rxdliyK4ZTD0qTlBa1v/g7dDYEY3D31aGGyWlBlAJV6yEiVOgxWQYj0hLI7EsLjtHIL6eitUXGyWa+rsXpOhtIf3IWdwUQC56XcOxUJPwWPHvfdn2VcLVIN8ulM2tHXdiG8P0V4u9gbACQ2KBGyzJZ0cvjMQ68V1mf7GpO1L6HDRiTHKNDT4T3rMjBPhAszSqJMWJrn/LidQBMBqvwc2hqlkTbaT47pz0e8fzkHdTfIYterfAyXGNz2YKoqJO5RJmzxOjFkkWURqOUQ4kuQcLU0/nqX1zQopDpB69LhhFwA==$oha7hJj2reHMhgdmKczN6g==
date
Wed, 12 Jul 2023 14:42:07 GMT
content-encoding
br
server
cloudflare
cf-ray
7e5a0d0b19ee3a79-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
g_xJGy9xyndq_XC
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e5a0d099ff63a79/1689172927224/7c64de67b1b4d06ce5a8b85d2b2483dcdf34b7dfff2535b442ac34d7959f10ae/ Frame 5ABB
1 B
628 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e5a0d099ff63a79/1689172927224/7c64de67b1b4d06ce5a8b85d2b2483dcdf34b7dfff2535b442ac34d7959f10ae/g_xJGy9xyndq_XC
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5a0d099ff63a79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:42:08 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gfGTeZ7G00GzlqLhdKySD3N80t9__JTW0Qqw015WfEK4AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server
cloudflare
cf-ray
7e5a0d110a0d3a79-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
f9d76d5f-c499-4354-88ca-254037c46f2e
https://challenges.cloudflare.com/ Frame 5ABB
99 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/f9d76d5f-c499-4354-88ca-254037c46f2e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
nuUTkWlGs6lj57H
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e5a0d099ff63a79/1689172927226/ Frame 5ABB
61 B
147 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e5a0d099ff63a79/1689172927226/nuUTkWlGs6lj57H
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a055169967154899019357c39c2b60251300c7283550f1c88904afb62b26e493

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:42:08 GMT
server
cloudflare
cf-ray
7e5a0d136d2c3a79-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
6882cb4ddcc5888
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1791214202:1689171810:8DRH1ZO6L_eW8ANr18AFt10r2VjRJpNp_3E2OA88IfI/7e5a0d099ff63a79/ Frame 5ABB
15 KB
11 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1791214202:1689171810:8DRH1ZO6L_eW8ANr18AFt10r2VjRJpNp_3E2OA88IfI/7e5a0d099ff63a79/6882cb4ddcc5888
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5a0d099ff63a79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a364c22258e46182b35ff89b6c612c7ff4051ec4e524c82ba70ca1b227404a14

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/t7qs7/0x4AAAAAAAG_j_OvD2DXNB_m/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
6882cb4ddcc5888
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
9spxCXdxigAdQ2XxVOcK0Athosiqcj9Lbjf+tuIrr4Kq9p2HO4C3lAtxiASyDrwq$f831Fn5V4CRfmtASzSQ8Ug==
date
Wed, 12 Jul 2023 14:42:08 GMT
content-encoding
br
server
cloudflare
cf-ray
7e5a0d144e2a3a79-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend string| nox function| $ function| jQuery function| x object| turnstile

2 Cookies

Domain/Path Name / Value
www.newdesign.ir/ Name: ASPSESSIONIDCEATSAQS
Value: DIJADLMCFLNKAHOFCLGLDAGC
a5b7c9d1e3f5.s5n.ru/ Name: PHPSESSID
Value: eo862ble3p6eeqcs0i2df4n9of

4 Console Messages

Source Level URL
Text
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iSnlFMFNMQTlZbHZ6Z2pIa1dBM3AiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: data:text/javascript;base64,ZG9jdW1lbnQud3JpdGUoZGVjb2RlVVJJQ29tcG9uZW50KGVzY2FwZShhdG9iKGRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoImh0bWwiKS5nZXRBdHRyaWJ1dGUoInZhbHVlIikpKSkpO25veD0iSnlFMFNMQTlZbHZ6Z2pIa1dBM3AiOw==
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e5a0d099ff63a79/1689172927224/7c64de67b1b4d06ce5a8b85d2b2483dcdf34b7dfff2535b442ac34d7959f10ae/g_xJGy9xyndq_XC
Message:
Failed to load resource: the server responded with a status of 401 ()