gaminqarts.com Open in urlscan Pro
2606:4700:3037::ac43:9393 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://r20.rs6.net/tn.jsp?f=001gYMiAkzeCCXACWvzN0zQnOXT7Y9KNTyEq8w-XrBf1gpGpDcbLujlDm7I4N_NZKnNxIBmErKTnI-pAqUeCsJo...
Effective URL:
https://gaminqarts.com/Cdavidh@easy2c.co.nz
Submission: On July 19 via manual (July 19th 2023, 2:21:48 am UTC) from NZ — Scanned from NZ

Summary HTTP 17 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3037::ac43:9393, located in United States and belongs to CLOUDFLARENET, US. The main domain is gaminqarts.com.
TLS certificate: Issued by E1 on July 5th 2023. Valid for: 3 months.

This is the only time gaminqarts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	208.75.122.11 208.75.122.11	40444 (ASN-CC) (ASN-CC)
1 2	173.209.54.232 173.209.54.232	36666 (GTCOMM) (GTCOMM)
5	2606:4700:303... 2606:4700:3037::ac43:9393	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6811:2b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	4

1 208.75.122.11 (United States) 1 redirects

ASN40444 (ASN-CC, US)
PTR: rs6.net

r20.rs6.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.209.54.232 (Canada) 1 redirects

ASN36666 (GTCOMM, CA)

eatuitivenutrition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3037::ac43:9393 (United States)

ASN13335 (CLOUDFLARENET, US)

gaminqarts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6811:2b8 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5263	232 KB
5	gaminqarts.com gaminqarts.com	78 KB
2	eatuitivenutrition.com 1 redirects eatuitivenutrition.com	1 KB
1	rs6.net 1 redirects r20.rs6.net — Cisco Umbrella Rank: 8090	410 B
17	4

	Domain	Requested by
7	challenges.cloudflare.com	gaminqarts.com challenges.cloudflare.com
5	gaminqarts.com	eatuitivenutrition.com gaminqarts.com
2	eatuitivenutrition.com	1 redirects
1	r20.rs6.net	1 redirects
17	4

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com

Subject Issuer	Validity	Valid
eatuitivenutrition.com cPanel, Inc. Certification Authority	`2023-05-19` - `2023-08-17`	3 months	crt.sh
gaminqarts.com E1	`2023-07-05` - `2023-10-03`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gaminqarts.com/Cdavidh@easy2c.co.nz
Frame ID: 663E148CD2765A660A28A42F3BD6E63B
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: ABD057205FB4F870457327AD4D2B8900
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

https://r20.rs6.net/tn.jsp?f=001gYMiAkzeCCXACWvzN0zQnOXT7Y9KNTyEq8w-XrBf1gpGpDcbLujlDm7I4N_NZKnN... HTTP 302
https://eatuitivenutrition.com/wp-includes/images/smilies?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== HTTP 301
https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== Page URL
https://gaminqarts.com/Cdavidh@easy2c.co.nz Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Page Statistics

17
Requests

76 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

311 kB
Transfer

616 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cloudflare.com/?utm_source=challenge&utm_campaign=m
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://r20.rs6.net/tn.jsp?f=001gYMiAkzeCCXACWvzN0zQnOXT7Y9KNTyEq8w-XrBf1gpGpDcbLujlDm7I4N_NZKnNxIBmErKTnI-pAqUeCsJoaXsR8M9gW_JQr2WLckZ-zdkK3mE_4QqI0qnxGLHFv6EM8TLHuxUhowpVvws8OXMJmq3iapBhFZUYQuLik94LKQ3S-eMHDrtPrHlb3BuUkvAZ&c=&ch=&_365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== HTTP 302
https://eatuitivenutrition.com/wp-includes/images/smilies?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== HTTP 301
https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== Page URL
https://gaminqarts.com/Cdavidh@easy2c.co.nz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://r20.rs6.net/tn.jsp?f=001gYMiAkzeCCXACWvzN0zQnOXT7Y9KNTyEq8w-XrBf1gpGpDcbLujlDm7I4N_NZKnNxIBmErKTnI-pAqUeCsJoaXsR8M9gW_JQr2WLckZ-zdkK3mE_4QqI0qnxGLHFv6EM8TLHuxUhowpVvws8OXMJmq3iapBhFZUYQuLik94LKQ3S-eMHDrtPrHlb3BuUkvAZ&c=&ch=&_365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== HTTP 302
https://eatuitivenutrition.com/wp-includes/images/smilies?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg== HTTP 301
https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg==

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
eatuitivenutrition.com/wp-includes/images/smilies/
Redirect Chain

https://r20.rs6.net/tn.jsp?f=001gYMiAkzeCCXACWvzN0zQnOXT7Y9KNTyEq8w-XrBf1gpGpDcbLujlDm7I4N_NZKnNxIBmErKTnI-pAqUeCsJoaXsR8M9gW_JQr2WLckZ-zdkK3mE_4QqI0qnxGLHFv6EM8TLHuxUhowpVvws8OXMJmq3iapBhFZUYQuLik...
https://eatuitivenutrition.com/wp-includes/images/smilies?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg==
https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg==

551 B
792 B

318ms
317ms

Document
text/html

173.209.54.232
GTCOMM

General

Check archive.org

Show headers Download Go to

Full URL: https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg==
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.209.54.232 , Canada, ASN36666 (GTCOMM, CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 551
Content-Type: text/html
Date: Wed, 19 Jul 2023 02:21:42 GMT
Keep-Alive: timeout=5, max=99
Last-Modified: Mon, 10 Jul 2023 18:36:23 GMT
Server: Apache

Redirect headers

Connection: Keep-Alive
Content-Length: 301
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 19 Jul 2023 02:21:42 GMT
Keep-Alive: timeout=5, max=100
Location: https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg==
Server: Apache

GET
H2 403 Primary Request Cdavidh@easy2c.co.nz Show response
gaminqarts.com/ 7 KB
5 KB 449ms
151ms Document
text/html 2606:4700:3037::ac43:9393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gaminqarts.com/Cdavidh@easy2c.co.nz

Requested by

Host: eatuitivenutrition.com
URL: https://eatuitivenutrition.com/wp-includes/images/smilies/?365%2FZGF2aWRoQGVhc3kyYy5jby5ueg==

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9393 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4685cf425003eb2308d4cb4d3535493ba2537870c62dc0913b2693d2041f1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://eatuitivenutrition.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7e8f7e1a9aaea968-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 19 Jul 2023 02:21:43 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Etpa8MvldUaWe9D2OLfg8WywMKfWys9abFqVl4xW6Z16ClaHZcJ4B8FZjYL5NCfkiIF%2BP1ykpyNj7voebuKPtt9JGvxAOfDmez3fhgEAM8hkT9xYDmGqSfJOnzD9MInEazI5zaPmn3zgPmqXIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 challenges.css
gaminqarts.com/cdn-cgi/styles/ 6 KB
3 KB 143ms
142ms Stylesheet
text/css 2606:4700:3037::ac43:9393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gaminqarts.com/cdn-cgi/styles/challenges.css

Requested by

Host: gaminqarts.com
URL: https://gaminqarts.com/Cdavidh@easy2c.co.nz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:9393 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://gaminqarts.com/Cdavidh@easy2c.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 17 Jul 2023 08:25:02 GMT
server: cloudflare
etag: W/"64b4fade-19c8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7200, public
cf-ray: 7e8f7e1babf9a968-SYD
expires: Wed, 19 Jul 2023 04:21:43 GMT

GET
H2 200 v1 Show response
gaminqarts.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 160 KB
56 KB 154ms
154ms Script
application/javascript 2606:4700:3037::ac43:9393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaminqarts.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7e8f7e1a9aaea968
Requested by: Host: gaminqarts.com
URL: https://gaminqarts.com/Cdavidh@easy2c.co.nz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a2eb5d37143f148f999a14effaaba0e4814e62aba1ab19fc497bc6d4b7cf70

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://gaminqarts.com/Cdavidh@easy2c.co.nz?__cf_chl_rt_tk=BOvC.MDor2PQhq..mjKn.mkUEUHNW3XpFeVealZ5jq0-1689733303-0-gaNycGzNC9A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:43 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pT8HOJNBjVA0LIE8cmk8SAvRid0uBq6JOqrpEoLkpJS2LBIPSytEe9V216fIgfdi9I8hsi4wh12uGdb5Bn5RtDhE%2F2%2BaKtdS%2Bd%2BQsbHwxL2j%2F4hPpy%2FnSDU1RiwE82g9xJXoDgod0hnFHU8QZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7e8f7e1c9d09a968-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/556d0c9f/ 19 KB
7 KB 407ms
169ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=UseFQ6&render=explicit
Requested by: Host: gaminqarts.com
URL: https://gaminqarts.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7e8f7e1a9aaea968
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1

Request headers

Referer
Origin: https://gaminqarts.com
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:44 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e8f7e1fff021c50-AKL
alt-svc: h3=":443"; ma=86400

GET
H3 403 favicon.ico
gaminqarts.com/ 7 KB
7 KB 156ms
155ms Image
text/html 2606:4700:3037::ac43:9393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gaminqarts.com/favicon.ico

Requested by

Host: gaminqarts.com
URL: https://gaminqarts.com/Cdavidh@easy2c.co.nz

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:9393 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

636c7962d8156122ff2f7b8956ac7e547fc506510a3897e9f9a05fbae060f48e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://gaminqarts.com/Cdavidh@easy2c.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
cf-mitigated: challenge
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQzpHnr5AwIDm0H6B6ov3ZJKSlhh4CQo%2F3mmZyqSWZetPQa8gaSUPcMgNPRaKL1omIZPvsu9GNYeZyzlFIFcat6RCq7BQAR9t57cvxj2JKE1ZYVRX47fr5FzYO1T%2FhQToPD%2F6Xlw6Gp9BYhDyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cf-ray: 7e8f7e1e9a006a72-SYD
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK cc53e0ff-3d08-4499-91a3-7b3d2b924860
https://gaminqarts.com/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://gaminqarts.com/cc53e0ff-3d08-4499-91a3-7b3d2b924860
Requested by: Host: gaminqarts.com
URL: https://gaminqarts.com/Cdavidh@easy2c.co.nz
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://gaminqarts.com/Cdavidh@easy2c.co.nz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 d4fb043819be363 Show response
gaminqarts.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1121884472:1689730074:gOywz97hdosIHeFEYmSlXU5gDFqOnCg-_kz22oI7zbE/7e8f7e1a9aaea968/ 9 KB
8 KB 166ms
165ms XHR
text/plain 2606:4700:3037::ac43:9393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaminqarts.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1121884472:1689730074:gOywz97hdosIHeFEYmSlXU5gDFqOnCg-_kz22oI7zbE/7e8f7e1a9aaea968/d4fb043819be363
Requested by: Host: gaminqarts.com
URL: https://gaminqarts.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7e8f7e1a9aaea968
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:9393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89001ff3f9da2b08cdf2cf02783c48a6e9aa8f2994fd0a3f66d9a3be7eb0261

Request headers

Referer: https://gaminqarts.com/Cdavidh@easy2c.co.nz
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: d4fb043819be363
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 19 Jul 2023 02:21:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkV7nmFPN72LRokyMqGGS3X%2FxAH%2FUvhhYtBSeHxFPamCj0IxUclvmtc%2BAsf9RwUbnGoPmnuK6rDy33nJZ9byQsvk3%2BwnZsn3LNOjqB4FavGEi9Z0Tsuqa%2FxVOEvQQTGYVU9KOn0AbujXoX6D0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7e8f7e1f4af26a72-SYD
alt-svc: h3=":443"; ma=86400
cf-chl-gen: 3VrehLIlxumW5Tums7oWSlfvo5V+yc36QG7g8D6vp22OM0mrbCLrF461VPP3S4tL$s1OmJxK/vSnXz7uR2d3xBQ==

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame ABD0 24 KB
7 KB 260ms
138ms Document
text/html 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=UseFQ6&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae031e53d7ad7e65488ce52adc9f275147e1ea13e3da2eaad1d32d952c30c00e

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e8f7e21df65fb98-AKL
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 19 Jul 2023 02:21:44 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame ABD0 168 KB
58 KB 134ms
134ms Script
application/javascript 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8f7e21df65fb98
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 043abb5ec79f905da3ee0a05121910b4542137bb7e4bb949e63b11b57286b988

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:44 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e8f7e22f8e2fb98-AKL
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK aae5f4cd-8e76-48e5-9ef3-a76338939849
https://challenges.cloudflare.com/ Frame ABD0 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/aae5f4cd-8e76-48e5-9ef3-a76338939849
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 34fb6cd63a64031 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1199996511:1689730081:nDkoD_SxW_v7LJgXrLkbuVFqdLK6wZf_R6OLudHqMAA/7e8f7e21df65fb98/ Frame ABD0 200 KB
148 KB 439ms
439ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1199996511:1689730081:nDkoD_SxW_v7LJgXrLkbuVFqdLK6wZf_R6OLudHqMAA/7e8f7e21df65fb98/34fb6cd63a64031
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8f7e21df65fb98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b316e150cd2a180e016b387a6a4588298d300fe0d2b19bc764195fa1ac419a38

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 34fb6cd63a64031
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: CP5Am5AE0ZXJk1qCyhIW/bSDzCcyLgym2DsbeE2aQNee1de3TAq3OEhzYENYyIbu3Bcxr0+hT2jyzyNIE1sMI0y7pf3yeO8QTDb2SqqSJLpJ7BUFpJURsx5ar8aoDoXQpFl4Ez8X37HN0f1hvWZuqwTiYxUfksxwGUrFvEJ6acX0aD1rFMqkVXFttXjEBEH0tg0Qeud09qAUB2k/2ii8Bpzh9MmOndZ9Ur4l8eFwo3uO7QJn4FP8sh1HWKqjtao+z+TiOj93m2mqLV40lg9o969JlWKEaGPXPsmSmKy/kvqwA0VkteQvqHE9290v1d17Azq8GyfcHc7jnDzTNkj8t0aAfsDUrpanMVVsBfdDfv3XXZ8NT1+MkD3OJ2UM77bEY2c9gATw5ey7IF2irxL8LaKD7iYht66VZakt066wObV2ztPuwMR3nzrPhOwbcESMVOBjuNI+2e+O6byaVjk+xWTfp5T62KdNgBG4gQDBit6+78VjJ6dzSAdr/tKIidq7CMW/ySjd3DnTiLctVp0Pfh9ufsgtJClvkemsqzjY6xeDbUgCT4j8HW7N3m8SLz4B$Z7e20vlaoRXGq1d2IiqNNw==
date: Wed, 19 Jul 2023 02:21:45 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e8f7e260ce6fb98-AKL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 5cd995c8-5437-431a-b8d4-a57f4bf90b00
https://challenges.cloudflare.com/ Frame ABD0 539 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/5cd995c8-5437-431a-b8d4-a57f4bf90b00
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 539
Content-Type: text/javascript

GET
H3 401 vfA1ay4rltKNzSB Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e8f7e21df65fb98/1689733305316/cb3e4a9eb63cecf04f04054f246d19d73dcf4a9c3f249114446233dce04a12ef/ Frame ABD0 1 B
631 B 130ms
129ms Fetch
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e8f7e21df65fb98/1689733305316/cb3e4a9eb63cecf04f04054f246d19d73dcf4a9c3f249114446233dce04a12ef/vfA1ay4rltKNzSB
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8f7e21df65fb98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:46 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gyz5KnrY87PBPBAVPJG0Z1z3PSpw_JJEURGIz3OBKEu8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAxZ1YkzjljZnBl4EjkGkgLJYi23wb8Jswf8zKYPPM85j0nCkawqlMc5VrTdrv4Ev9OgTSZDsnT9h0xeCjJl8r1IvPorSYVOtpPkXAsJsF4qkWsiagHZldCP60SsllIjwYpp-ozS6T3x0Xzp8Zy27QcRTpyS9wckHYYnAkeGtLnO09ejgTgwt_Gth7PN-AdmzzyIoSrERMNsfJ8ICLm-qv36xCXUZqt9MSYNwwxQi2q7gbwvHGVzisaNQ0ejzDDXKS5PBETsG1Q6L_rhvjZcrGWFMm16XU6dbCWo4CkdJXSEO49qpLYrFlSBVp3Vlps82PxWSEfli_2FtKe3JpGSibuQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e8f7e2c7e79fb98-AKL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 kq6bZuvMlvQ-hz9
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e8f7e21df65fb98/1689733305322/ Frame ABD0 61 B
147 B 182ms
181ms Image
image/png 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e8f7e21df65fb98/1689733305322/kq6bZuvMlvQ-hz9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24c42dce56067cc495ac510ea8ce1f7f3d9181c24fb2e3183beca03e0af5c3e0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 02:21:46 GMT
server: cloudflare
cf-ray: 7e8f7e2da87ffb98-AKL
alt-svc: h3=":443"; ma=86400
content-type: image/png

GET
BLOB 200
OK 8c70ca20-8329-402a-8e83-dd2e5d04f59f
https://challenges.cloudflare.com/ Frame ABD0 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/8c70ca20-8329-402a-8e83-dd2e5d04f59f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

POST
H3 200 34fb6cd63a64031 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1199996511:1689730081:nDkoD_SxW_v7LJgXrLkbuVFqdLK6wZf_R6OLudHqMAA/7e8f7e21df65fb98/ Frame ABD0 14 KB
11 KB 187ms
168ms XHR
text/plain 2606:4700::6811:2b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1199996511:1689730081:nDkoD_SxW_v7LJgXrLkbuVFqdLK6wZf_R6OLudHqMAA/7e8f7e21df65fb98/34fb6cd63a64031
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e8f7e21df65fb98
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:2b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3d3c1eb92ac1eeb42f1de134630addaf686c36621edca68d6cd405e5132bf4

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/871l6/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 34fb6cd63a64031
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: 1gfeYiT5Av7l0sCwuZAJGGUiPRWL4cDlk/nyJelS1xbM5rOI688C6Ef5RQWIVK7o$iBzIDMUo3rcJKnueCcaAoQ==
date: Wed, 19 Jul 2023 02:21:47 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e8f7e324819fb98-AKL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://gaminqarts.com/Cdavidh@easy2c.co.nz Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://gaminqarts.com/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e8f7e21df65fb98/1689733305316/cb3e4a9eb63cecf04f04054f246d19d73dcf4a9c3f249114446233dce04a12ef/vfA1ay4rltKNzSB Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
eatuitivenutrition.com
gaminqarts.com
r20.rs6.net
173.209.54.232
208.75.122.11
2606:4700:3037::ac43:9393
2606:4700::6811:2b8
043abb5ec79f905da3ee0a05121910b4542137bb7e4bb949e63b11b57286b988
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
24c42dce56067cc495ac510ea8ce1f7f3d9181c24fb2e3183beca03e0af5c3e0
2b0bd09c1cc7119d27e45353a59bf6c2721563e1689853ff704057a7439508d2
636c7962d8156122ff2f7b8956ac7e547fc506510a3897e9f9a05fbae060f48e
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
73a2eb5d37143f148f999a14effaaba0e4814e62aba1ab19fc497bc6d4b7cf70
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
9f4685cf425003eb2308d4cb4d3535493ba2537870c62dc0913b2693d2041f1e
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1
a89001ff3f9da2b08cdf2cf02783c48a6e9aa8f2994fd0a3f66d9a3be7eb0261
ae031e53d7ad7e65488ce52adc9f275147e1ea13e3da2eaad1d32d952c30c00e
b316e150cd2a180e016b387a6a4588298d300fe0d2b19bc764195fa1ac419a38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec3d3c1eb92ac1eeb42f1de134630addaf686c36621edca68d6cd405e5132bf4
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

gaminqarts.com Open in urlscan Pro 2606:4700:3037::ac43:9393 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

17 Requests

76 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

311 kBTransfer

616 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

0 Cookies

5 Console Messages

Indicators

gaminqarts.com Open in urlscan Pro
2606:4700:3037::ac43:9393 Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

76 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

311 kB
Transfer

616 kB
Size

0
Cookies

17 HTTP transactions
1 data transactions