urlscan.io logo urlscan.io
SecurityTrails logo

notification.haidak.website Open in urlscan Pro
172.67.220.119  Public Scan

Go To Rescan Add Verdict Report
URL: https://notification.haidak.website/ufyURszd
Submission Tags: falconsandbox
Submission: On December 09 via api from US — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 172.67.220.119, located in United States and belongs to CLOUDFLARENET, US. The main domain is notification.haidak.website.
TLS certificate: Issued by WE1 on December 6th 2024. Valid for: 3 months.
This is the only time notification.haidak.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 172.67.220.119 13335 (CLOUDFLAR...)
1 3 104.18.95.41 13335 (CLOUDFLAR...)
1 142.250.184.228 15169 (GOOGLE)
6 3
Apex Domain
Subdomains		 Transfer
5 haidak.website
notification.haidak.website
9 KB
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
6 3
Domain Requested by
5 notification.haidak.website 2 redirects notification.haidak.website
3 challenges.cloudflare.com 1 redirects notification.haidak.website
challenges.cloudflare.com
1 www.google.com
6 3

This site contains no links.

Subject Issuer Validity Valid
haidak.website
WE1		 2024-12-06 -
2025-03-06		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://notification.haidak.website/ufyURszd
Frame ID: 6504C6DE8BDFA8147F52C27E4D1F8318
Requests: 3 HTTP requests in this frame

Frame: https://notification.haidak.website/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: 29D0CAEEE5A8807CA65906CCF35ED4B0
Requests: 2 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/kaxg1/0x4AAAAAAA1oXsuUJ2GmgcmI/auto/fbE/normal/auto/
Frame ID: 6A43A0F6E2C9127B7A74BB27C107A148
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sign in to your Outloo...

Page Statistics

6
Requests

50 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

25 kB
Transfer

62 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
Request Chain 1
  • https://notification.haidak.website/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://notification.haidak.website/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Request Chain 4
  • https://notification.haidak.website/favicon.ico HTTP 302
  • https://www.google.com/favicon.ico

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ufyURszd
notification.haidak.website/ 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://notification.haidak.website/ufyURszd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0cd1f705314bad93c6b2556c1fcd47e85170f3b2ec4cd387c110da30d017bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ef46fdd7efbb1d9-WAW
content-encoding
zstd
content-komtol
752
content-type
text/html
date
Mon, 09 Dec 2024 10:50:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Z2plNmaTsxbHdsVDPEUe5nz09%2FCsXob4kly%2BGVE0BzvSKBIjJIxBK%2BoLE0U3mCoM6B933wjtSCEBOyUdMfjCUleixdtINzK5uDEahp6%2BqisiUn2QLByRtVKRi9S2vXeDrcpWhw5DHAaBwYzkMo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29739&min_rtt=25732&rtt_var=11188&sent=12&recv=11&lost=0&retrans=0&sent_bytes=4193&recv_bytes=4551&delivery_rate=551&cwnd=12000&unsent_bytes=0&cid=47048565d67970b1&ts=607&x=1" cfExtPri cfHdrFlush;dur=0
api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js
Requested by
Host: notification.haidak.website
URL: https://notification.haidak.website/ufyURszd
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://notification.haidak.website/

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8ef46fe1ac5fbf29-WAW
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 09 Dec 2024 10:50:55 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
vary
Accept-Encoding
priority
u=1,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/g/f9063374b04d/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8ef46fe16c0ebf29-WAW
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfExtPri
date
Mon, 09 Dec 2024 10:50:55 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
main.js
notification.haidak.website/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame 29D0
Redirect Chain
  • https://notification.haidak.website/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://notification.haidak.website/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://notification.haidak.website/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Requested by
Host: notification.haidak.website
URL: https://notification.haidak.website/ufyURszd
Protocol
H3
Server
172.67.220.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f707107e0af976730ca90dcbcbb02134699079f32f1979d2d91400165b1f19a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3mGKBcnzUbCQ1aikvCDPjGB1IHnDIP%2BQLRjK5LPiG3t9EP1gsnJCXKi%2B42u1kSyzKkun%2BGRz8D3pNZ7nxgk8jhIPfZ4gbU%2BLUQsebhFuDARmv5IxETgdDQoMHd3gp0t3jAtlUQNmuJnvMroRYQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ef46fe25c19b1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30226&min_rtt=25732&rtt_var=8832&sent=17&recv=14&lost=0&retrans=0&sent_bytes=6708&recv_bytes=5273&delivery_rate=18922&cwnd=12000&unsent_bytes=0&cid=47048565d67970b1&ts=859&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 10:50:55 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r0j73Q2pqalyq7mVB200MInmV%2FyWKScTwF0N97lfWrJ3L7slqDZQEzO0Zvd2K4xyktWF4obfb7LErY0q%2BFqLAZJHYheLmzTsh3IcTOVHXisAkzmGuiWipz2Yv4BqFL0U5XUbDCdvs1CqpZZfQ5E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ef46fe21bd5b1d9-WAW
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=29292&min_rtt=25732&rtt_var=9286&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5952&recv_bytes=4924&delivery_rate=66300&cwnd=12000&unsent_bytes=0&cid=47048565d67970b1&ts=823&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 10:50:55 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/kaxg1/0x4AAAAAAA1oXsuUJ2GmgcmI/auto/fbE/normal/auto/ Frame 6A43 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/kaxg1/0x4AAAAAAA1oXsuUJ2GmgcmI/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://notification.haidak.website/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8ef46fe24e1feec9-WAW
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 09 Dec 2024 10:50:55 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
8ef46fdd7efbb1d9
notification.haidak.website/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 29D0 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://notification.haidak.website/cdn-cgi/challenge-platform/h/g/jsd/r/8ef46fdd7efbb1d9
Requested by
Host: notification.haidak.website
URL: https://notification.haidak.website/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HzBBRoTQZ5fLIQeU5%2Bul1dAzKeWobiFLmzjApMeTueyJA0A4cSjbnNO%2FGtcOx83HZlA8A4fHtOdejewNgXrjlui%2BTbnRqZEzs3PCFRc79vDr0BbX7rx7I%2BJDHDIjT5A1maNBMn5ZiA2ul63tAZg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ef46fe2dc5eb1d9-WAW
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31091&min_rtt=25732&rtt_var=5082&sent=27&recv=32&lost=0&retrans=0&sent_bytes=11837&recv_bytes=22685&delivery_rate=154300&cwnd=12000&unsent_bytes=0&cid=47048565d67970b1&ts=942&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Mon, 09 Dec 2024 10:50:55 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
www.google.com/
Redirect Chain
  • https://notification.haidak.website/favicon.ico
  • https://www.google.com/favicon.ico
5 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/favicon.ico
Protocol
H3
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
sffe /
Resource Hash
6da5620880159634213e197fafca1dde0272153be3e4590818533fab8d040770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://notification.haidak.website/

Response headers

content-encoding
gzip
age
426
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 10:43:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 10:43:50 GMT
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
content-type
image/x-icon
vary
Accept-Encoding
cache-control
public, max-age=691200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
1494
x-xss-protection
0
server
sffe

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
location
https://www.google.com/favicon.ico
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cf-ray
8ef46fe33ca5b1d9-WAW
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
server-timing
cfL4;desc="?proto=QUIC&rtt=32334&min_rtt=25732&rtt_var=6298&sent=29&recv=33&lost=0&retrans=0&sent_bytes=13060&recv_bytes=23478&delivery_rate=19867&cwnd=12000&unsent_bytes=0&cid=47048565d67970b1&ts=1587&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 09 Dec 2024 10:50:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| turnstile

2 Cookies

Domain/Path Name / Value
.haidak.website/ Name: mMPO
Value: 68d914c2656fb729515cfc9d54b3a70b753837ec6038c483a2a4288439bbc7db
.haidak.website/ Name: cf_clearance
Value: vU072Gf3DkARoJV5IZbFAWAh1V0TSZ_OJRzdP8S1pRY-1733741455-1.2.1.1-Xe8Z0oI3IbTa2LPVWf2moNbaS5B47_Rhv0bNrAT3CiwwJg1yMeeGsvBPxFbcGKjg.sY7N8.lSuaTUY3m4fWOanSI9vyii.gotyM45yuM4h1rR_jRdCxRzrOISauUATuATs2EXhLF_txkmAZWlT0im8ARi0Oy9n8I.tfYWtPnf.7PcX.J.5cMNnzXMWZI5IA_zCvh0JFeGI1XjvNHKl_MP5e_u1CaLnI.gLZZkP53t8CiSDZiuZdYP2JKzFiMWzd2Lrz0.6tjq9x76qvyW3.PFPxXoFfJEvSn9sdI2F.SJY6spZvawK3oAUhiqJYRmmBuWuzCtQSQm1XB2QwpqdNA6JSefutfAQA3BzHpsb_nVfa.qbF6Mih9Bq4YtmBiWWGg