Submitted URL: https://kra3.cool/
Effective URL: https://captcha.kra18.lat/
Submission: On November 27 via api from US — Scanned from CA

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 12 HTTP transactions. The main IP is 172.67.163.202, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is captcha.kra18.lat.
TLS certificate: Issued by WE1 on November 17th 2024. Valid for: 3 months.
This is the only time captcha.kra18.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.130.188 13335 (CLOUDFLAR...)
2 13 172.67.163.202 13335 (CLOUDFLAR...)
12 2
Apex Domain | Subdomains | Transfer
13 kra18.lat | kra18.lat, captcha.kra18.lat | 23 KB
1 kra3.cool | kra3.cool | 684 B
12 2
Domain Requested by
9 kra18.lat 2 redirects kra18.lat
4 captcha.kra18.lat kra18.lat, captcha.kra18.lat
1 kra3.cool 1 redirects
12 3

This site contains no links.

Subject | Issuer | Validity | Valid
kra18.lat | WE1 | 2024-11-17 - 2025-02-15 | 3 months

This page contains 1 frame:

Frame: https://captcha.kra18.lat/
Frame ID: BFCED67914EEC3199AA2A2F815011C86
Requests: 13 HTTP requests in this frame

Page Title

KRAKEN

Page Statistics

12 Requests
92 % HTTPS
0 % IPv6
2 Domains
3 Subdomains
2 IPs
1 Countries
21 kB Transfer
40 kB Size
17 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kra3.cool/ HTTP 302
    https://kra18.lat/ Page URL
  2. https://kra18.lat/ HTTP 302
    https://kra18.lat/ Page URL
  3. https://kra18.lat/?cf_captcha_success=1 HTTP 302
    https://captcha.kra18.lat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://kra3.cool/ HTTP 302
  • https://kra18.lat/
Request Chain 4
  • https://kra18.lat/ HTTP 302
  • https://kra18.lat/
Request Chain 11
  • https://captcha.kra18.lat/ HTTP 302
  • https://captcha.kra18.lat/ HTTP 302
  • https://captcha.kra18.lat/

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kra18.lat/
Redirect Chain
  • https://kra3.cool/
  • https://kra18.lat/
718 B
1 KB
Document
General
Full URL
https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85018d7c7027dc4181e0fee07d363010e8862c44a4e0968021bf3be8d6d6c216

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e90f6ecdce7a24c-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 09:06:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwy6wRojS8o6wnwGOfVrlDWBxgVBVzKg4CbOqsj556uS3Rz5euqkgRQBEChob2mMWfTK10P1oRg2Qe8oZe5aTldxoaZJpV4SCTGSX2G0JiU9es71xyp2T6qeQyM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=22961&min_rtt=22529&rtt_var=3946&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4234&recv_bytes=4476&delivery_rate=577&cwnd=12000&unsent_bytes=0&cid=4932b292b39c7240&ts=245&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e90f6e92e91ab48-YYZ
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 09:06:50 GMT
location
https://kra18.lat
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yN6l2yZxkTA0AkvLT135I0NA%2BrGfp57RJaRYqgLmLtrCDgoV085tA%2FnAQsXjhsCcgNwUkRjM%2BpxBD%2FE53B15DKOM1ZKhlZesUPaxjSVUiahkltxRI9b%2FAaq4pqQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=23317&min_rtt=22751&rtt_var=4013&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4196&recv_bytes=4482&delivery_rate=573&cwnd=12000&unsent_bytes=0&cid=af5c18ef56bea6cd&ts=550&x=1" cfHdrFlush;dur=0
connect.min.js
kra18.lat/js/
11 KB
4 KB
Script
General
Full URL
https://kra18.lat/js/connect.min.js?1
Requested by
Host: kra18.lat
URL: https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kra18.lat/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2c0a-6243578862419-gzip"
age
1035
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOsq%2B4lSZeLIKwj1t7c17xBPftCkCrYawz3DJa8TJTtYiXxEvk4An0cfZGZm5aYBNi9%2B2%2BFSMIyNwKYN%2Bg9qKcUtmX6wp3bZddYfczlJ5SucgbxkPuC0csDeYbI%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22909&min_rtt=22529&rtt_var=3063&sent=15&recv=13&lost=0&retrans=0&sent_bytes=5696&recv_bytes=4942&delivery_rate=63463&cwnd=12000&unsent_bytes=0&cid=4932b292b39c7240&ts=566&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:51 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 15:52:14 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e90f6f02f2ea24c-YYZ
accept-ranges
bytes
content-length
2923
server
cloudflare
take_server.php
kra18.lat/modules/onion_servers/
0
695 B
XHR
General
Full URL
https://kra18.lat/modules/onion_servers/take_server.php
Requested by
Host: kra18.lat
URL: https://kra18.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
X-Requested-With
XMLHttpRequest

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rAAnGXO8QZP7Zs2CqBMNZklu4IuLfqciPiFQ78%2BrMTzK3K8fCZEOuk47A%2F2dKzvG1D8Fi1%2F2tR6Y1G9MDLZRMrynMIYIVadefP4SzvPDg6lheFUvDvc6gKvaDXs%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e90f6f16fd4a24c-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27431&min_rtt=22529&rtt_var=9104&sent=24&recv=21&lost=1&retrans=1&sent_bytes=11994&recv_bytes=6097&delivery_rate=28979&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=875&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:51 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
kra18.lat/
598 B
1 KB
Other
General
Full URL
https://kra18.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0b7e5217318eedc1b42ca1ce5e128c649c97082912f1d800eec1325207ad96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"256-624357819dd6a"
age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXMy%2FZSPA1AFbV%2FmosUBv05W5W5HzgC8I3hv%2FCd984bRLpO6ZcOAgxB7GbsQRpOLcQv3tqOM0EWjr4E6Vvu%2FHYihQg5MrTqkHZ%2F%2BGzz%2B6%2Baza20l5Ac5BuvP6p0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24676&min_rtt=22529&rtt_var=4792&sent=22&recv=20&lost=1&retrans=1&sent_bytes=10640&recv_bytes=6054&delivery_rate=64783&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=786&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:51 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 11 Oct 2024 15:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e90f6f17fe4a24c-YYZ
server
cloudflare
/
kra18.lat/
Redirect Chain
  • https://kra18.lat/
  • https://kra18.lat/
14 KB
7 KB
Document
General
Full URL
https://kra18.lat/
Requested by
Host: kra18.lat
URL: https://kra18.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75f2049273dec0d153e97ce7fa7b63a3c2fff714789bb60f6e72c535780dc080

Request headers

Referer
https://kra18.lat/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e90f6f3997ba24c-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 09:06:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FPtLquSUWzuWKknkbDHQttQKkcW%2FDBOY589u5pALV6rUKNdMMCoVKzWJQ0hkGYM3dF1UKBtneHZ%2F740YnvP5kgAO2%2BQu2Z%2B5VOziIESq9GnW04dYmAOdNzYfYM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=30734&min_rtt=22529&rtt_var=11525&sent=28&recv=25&lost=1&retrans=1&sent_bytes=13521&recv_bytes=7224&delivery_rate=4230&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=1220&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e90f6f27862a24c-YYZ
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 09:06:52 GMT
location
/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3iV9ACDz0zXvFBcd6fklXNFJAKrnxWEhEWUtI1xStkWZk3ievrIOCCcJYjWim4ZzMFxFvxy5hgNGkCSBEvxFr0NO1ksEF2AaztLgc9GgLpvCjkoZnGv9zktbL2o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27832&min_rtt=22529&rtt_var=7630&sent=26&recv=23&lost=1&retrans=1&sent_bytes=12736&recv_bytes=6652&delivery_rate=12903&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=1036&x=1" cfExtPri cfHdrFlush;dur=0
truncated
/
586 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
transparent.gif
kra18.lat/cdn-cgi/images/trace/managed/nojs/
553 B
553 B
Image
General
Full URL
https://kra18.lat/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=794d630be9c098f7
Requested by
Host: kra18.lat
URL: https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fc8caf11b83feb15665491d9f3d0d788299fa8a94adc7adbc256acc0917f5cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kra18.lat/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8e90f6f4fa5ca24c-YYZ
date
Wed, 27 Nov 2024 09:06:52 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
x-frame-options
DENY
favicon.ico
kra18.lat/
598 B
0
Other
General
Full URL
https://kra18.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0b7e5217318eedc1b42ca1ce5e128c649c97082912f1d800eec1325207ad96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://kra18.lat/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"256-624357819dd6a"
age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXMy%2FZSPA1AFbV%2FmosUBv05W5W5HzgC8I3hv%2FCd984bRLpO6ZcOAgxB7GbsQRpOLcQv3tqOM0EWjr4E6Vvu%2FHYihQg5MrTqkHZ%2F%2BGzz%2B6%2Baza20l5Ac5BuvP6p0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24676&min_rtt=22529&rtt_var=4792&sent=22&recv=20&lost=1&retrans=1&sent_bytes=10640&recv_bytes=6054&delivery_rate=64783&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=786&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:51 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 11 Oct 2024 15:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e90f6f17fe4a24c-YYZ
server
cloudflare
Primary Request /
captcha.kra18.lat/
Redirect Chain
  • https://kra18.lat/?cf_captcha_success=1
  • https://captcha.kra18.lat/
718 B
1 KB
Document
General
Full URL
https://captcha.kra18.lat/
Requested by
Host: kra18.lat
URL: https://kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85018d7c7027dc4181e0fee07d363010e8862c44a4e0968021bf3be8d6d6c216

Request headers

Referer
https://kra18.lat/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e90f7032a7aa24c-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 09:06:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zcu%2B3Dx0siHR7145ETwGD3WpUvxPmNtA4nthZdM1gbIl88Z1HdzNJpxikXrzJ553QDTpMlHVcduZwPQEv7FbG6EyPC%2BVjvkiFUO2YWAyQVseBr9KXDvC3c1fgnMX1Ym643a0Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=31349&min_rtt=22529&rtt_var=8211&sent=40&recv=36&lost=1&retrans=1&sent_bytes=22108&recv_bytes=9051&delivery_rate=4114&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=3793&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e90f70209f5a24c-YYZ
content-type
text/html; charset=UTF-8
date
Wed, 27 Nov 2024 09:06:54 GMT
location
https://captcha.kra18.lat
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2imDHzeZ9Qt5nOCbp8BE8ZWoZF%2FjGJm9iH9qstDePisDovaO235yIQi%2BmSx9ofE9v4hIZ5f7nLgl93vbObY3y0jt1ludHooF2%2F96EMrGkQAEFU3gM%2FLJII%2BN5o%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=29316&min_rtt=22529&rtt_var=5528&sent=38&recv=34&lost=1&retrans=1&sent_bytes=21366&recv_bytes=8621&delivery_rate=5345&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=3523&x=1" cfExtPri cfHdrFlush;dur=0
connect.min.js
captcha.kra18.lat/js/
11 KB
4 KB
Script
General
Full URL
https://captcha.kra18.lat/js/connect.min.js?1
Requested by
Host: captcha.kra18.lat
URL: https://captcha.kra18.lat/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fa0fd5b129cc1062500cf31c6be66f6617d829c3e4ccf0dc7cdba46f992632e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://captcha.kra18.lat/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"2c0a-6243578862419-gzip"
age
2182
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHXpVjJXYJ5cMGkFROkENEKUsdgNXcmQlg0BZsh6ml893rHPiMm5ctCEQx9VhHNZ614HwPIq7ezuu5HsPJqWjpi2dXiUQ5xGZalGwAwPSK4h7DsLQO5fqm2t%2BvZ470ZqxPTRxg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30286&min_rtt=22529&rtt_var=6447&sent=44&recv=39&lost=1&retrans=1&sent_bytes=23574&recv_bytes=9535&delivery_rate=6500&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=3838&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:54 GMT
content-type
application/javascript
last-modified
Fri, 11 Oct 2024 15:52:14 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e90f7049b13a24c-YYZ
accept-ranges
bytes
content-length
2923
server
cloudflare
take_server.php
captcha.kra18.lat/modules/onion_servers/
0
707 B
XHR
General
Full URL
https://captcha.kra18.lat/modules/onion_servers/take_server.php
Requested by
Host: captcha.kra18.lat
URL: https://captcha.kra18.lat/js/connect.min.js?1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
X-Requested-With
XMLHttpRequest

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AvLRniVVUkaahblYXVaIit6fz3hAA6gpoTxOdtMgSck9dnXmea9HpPUu%2BEwpXMKzPXAPXT1%2FoP2giYUgBKaYK879Ui9r17rYN76lEbZOwq%2F1nsDEvun%2BaHNA7sHiOjbt4u6UMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e90f704eb3da24c-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32482&min_rtt=22529&rtt_var=7683&sent=52&recv=46&lost=1&retrans=1&sent_bytes=28692&recv_bytes=10657&delivery_rate=31593&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=3982&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:54 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
favicon.ico
captcha.kra18.lat/
598 B
1 KB
Other
General
Full URL
https://captcha.kra18.lat/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.202 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f0b7e5217318eedc1b42ca1ce5e128c649c97082912f1d800eec1325207ad96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"256-624357819dd6a"
age
2984
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phQCvyFhWOqsD9xEjnP7%2FDopTYRjM0QGbM5Dxd1pzW33hddOwdmlTd4N0DuOwnI5R76uQovqFLPvdHmq7LKCWuqywX%2F2tKrLM8kEh4GjP6UMmNt%2F390AgEUj5%2BjAGMSdCQ0k8g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30956&min_rtt=22529&rtt_var=6175&sent=50&recv=45&lost=1&retrans=1&sent_bytes=27328&recv_bytes=10614&delivery_rate=103924&cwnd=8400&unsent_bytes=0&cid=4932b292b39c7240&ts=3903&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 27 Nov 2024 09:06:54 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 11 Oct 2024 15:52:07 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e90f704fb42a24c-YYZ
server
cloudflare
/
captcha.kra18.lat/
Redirect Chain
  • https://captcha.kra18.lat/
  • https://captcha.kra18.lat/
  • https://captcha.kra18.lat/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
captcha.kra18.lat
URL
https://captcha.kra18.lat/

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| connecting_hash
function| _0x145c93
function| MD5
function| M
function| X
function| V
function| Y
function| md5_cmn
function| _0x4989
function| md5_ff
function| md5_gg
function| md5_hh
function| md5_ii
function| safe_add
function| bit_rol
object| date
function| _0x18d8
function| takeOnionServer
function| httpGetAsync
function| connectingStrHandler

17 Cookies

Domain/Path Name / Value
kra3.cool/ Name: go
Value: 1
kra18.lat/ Name: tor_scheme_id
Value: 1732880645
kra18.lat/ Name: tor_port
Value: 9179
kra18.lat/ Name: session_id
Value: 1f3d5bad683e847f6b76b40079f41550
kra18.lat/ Name: connecting_hash_lite_version
Value: 1732698411
kra18.lat/ Name: connecting_hash
Value: 3ea09d7607c3c14a8670ef27b7f24274
kra18.lat/ Name: onion_server_id
Value: 6
kra18.lat/ Name: session_temp_active
Value: 1
kra18.lat/ Name: cf_check_x0_cptch
Value: 1
captcha.kra18.lat/ Name: tor_scheme_id
Value: 1733447992
captcha.kra18.lat/ Name: tor_port
Value: 9328
captcha.kra18.lat/ Name: session_id
Value: bb518764b9043b0dbc002bbe7aaa6bd8
captcha.kra18.lat/ Name: connecting_hash_lite_version
Value: 1732698414
captcha.kra18.lat/ Name: connecting_hash
Value: de006322255f4952113c5ac4c7174f53
captcha.kra18.lat/ Name: onion_server_id
Value: 7
captcha.kra18.lat/ Name: session_temp_active
Value: 1
captcha.kra18.lat/ Name: proxy_cf_session_id
Value: 2326660

1 Console Messages

Source Level URL
Text
network error URL: https://kra18.lat/cdn-cgi/images/trace/managed/nojs/transparent.gif?ray=794d630be9c098f7
Message:
Failed to load resource: the server responded with a status of 404 ()