Submitted URL: https://link.mail.beehiiv.com/ss/c/u001.ZvTG2W7nMfRmSIeewleFjmjc0aCqXdYwQLv-ylyycUQcxE3F5NZMtSB5IlvYjsWztjcPfL34exehnTMT8T4kn9...
Effective URL: https://udf.landding.live/prDOkuet
Submission Tags: falconsandbox
Submission: On June 21 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 8 domains to perform 7 HTTP transactions. The main IP is 86.38.218.74, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is udf.landding.live.
TLS certificate: Issued by E5 on June 20th 2024. Valid for: 3 months.
This is the only time udf.landding.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2600:9000:239... 16509 (AMAZON-02)
1 162.240.230.203 46606 (UNIFIEDLA...)
1 104.17.25.14 13335 (CLOUDFLAR...)
1 86.38.218.74 47583 (AS-HOSTINGER)
1 240d:c000:201... 132203 (TENCENT-N...)
1 43.152.26.221 139341 (ACE-AS-AP...)
1 162.19.61.80 16276 (OVH)
1 43.152.26.197 139341 (ACE-AS-AP...)
7 7
Apex Domain | Subdomains | Transfer
2 gtimg.com | global.turing.captcha.gtimg.com — Cisco Umbrella Rank: 599373 | 65 KB
1 postimg.cc | i.postimg.cc — Cisco Umbrella Rank: 18042 | 386 KB
1 qcloud.com | ca.turing.captcha.qcloud.com — Cisco Umbrella Rank: 560180 | 33 KB
1 landding.live | udf.landding.live | 5 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 268 | 14 KB
1 qualitymanager.com.br | qualitymanager.com.br | 758 B
1 klclick3.com | trk.klclick3.com — Cisco Umbrella Rank: 56569 | 329 B
1 beehiiv.com | link.mail.beehiiv.com — Cisco Umbrella Rank: 60182 | 1 KB
7 8
Domain Requested by
2 global.turing.captcha.gtimg.com ca.turing.captcha.qcloud.com
global.turing.captcha.gtimg.com
1 i.postimg.cc udf.landding.live
1 ca.turing.captcha.qcloud.com udf.landding.live
1 udf.landding.live qualitymanager.com.br
1 cdnjs.cloudflare.com qualitymanager.com.br
1 qualitymanager.com.br
1 trk.klclick3.com 1 redirects
1 link.mail.beehiiv.com 1 redirects
7 8

This site contains no links.

Subject | Issuer | Validity | Valid for
qualitymanager.com.br | cPanel, Inc. Certification Authority | 2024-04-26 - 2024-07-25 | 3 months
cdnjs.cloudflare.com | E1 | 2024-06-02 - 2024-08-31 | 3 months
udf.landding.live | E5 | 2024-06-20 - 2024-09-18 | 3 months
*.turing.captcha.qcloud.com | DigiCert Secure Site CN CA G3 | 2024-03-27 - 2025-04-27 | a year
*.turing.captcha.gtimg.com | DigiCert Secure Site CN CA G3 | 2024-02-20 - 2025-03-22 | a year
postimg.cc | R11 | 2024-06-21 - 2024-09-19 | 3 months

This page contains 2 frames:

Primary Page: https://udf.landding.live/prDOkuet
Frame ID: 81E9360B8882AEEAF79F09888C814BAA
Requests: 6 HTTP requests in this frame

Frame: https://global.turing.captcha.gtimg.com/template/drag_ele_global.html
Frame ID: 8EE63307EF7D73841B3EDB7C7E32D397
Requests: 1 HTTP requests in this frame

Page Title

Microsoft Authentication Captcha

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 33 %
Domains: 8
Subdomains: 8
IPs: 7
Countries: 5
Transfer: 504 kB
Size: 746 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.mail.beehiiv.com/ss/c/u001.ZvTG2W7nMfRmSIeewleFjmjc0aCqXdYwQLv-ylyycUQcxE3F5NZMtSB5IlvYjsWztjcPfL34exehnTMT8T4kn9aOKh30MH-0M6RuJgvvck72hwwDOVT2dug3G3B_YRjbR2yIsAGFn5GBZf6DY4W9mtHG5bpySTIwFh8tXok3sdHx4mX4tK_Tt5MZ8nxbe5ERvcme3_CHigo8YkgZivVA3mehjIdU-lRh4hwTxWcVxWVPCXiVyVtN0XjNrVatnKT99SErthMQ7tOK7AyS9XC4sJ_aRb0QbCr_0jdmqLtOLdQJg-ykDdH_EffnFbf1mXfZsJ6SDP0aCWIr6eozxb3rd71pyEcKhMq2fDfX8W81D185FhvkIfAkfOE3415wrc9biP9VHB5uLD0IywVZHQL260Dl1m7LqhO6geMr3Pa4yHQ970ZgCBbZeOpoBbiDaHryP1rVL9BBZnjRL1xcAPA5r1zNKK2cGoD3KFebCLYHO6MxZSyThGAC8sZRvmuOo3-HxUvvBauPM1h0Hhnbu5ryn_ZLXk1zq-fJZDC12SNWs9UumiFQG7G1na06GCYxh3Tn4be1v8FGlhPjqpp6pf7jveZOnoAfNkRzLFYAsKFcCnoUwApwZHOzzN-wMxJSnJQd0nKosHvpqSN34FVN9sq3xcJ1JWVlxIKdMiPUJq88kPHCRVQ6h1JLBFbQtk2ze82kum6qMFOD3BZQY_-mc6LTpj9FTEn_-wmBx8rJNkAwZoFXOaJGqzcprxHpTXaw4bVn_WjbuL1ag6G6Cu4S58EK8S4lf9rDUD840DwWa2oxpfilXQm6mEM98WwIO4YwQ9EvzU3iDBOks3EgYi6rrJX9gnaUQZi6Zudy8ZQR6NLdbFDO_IQ5hqnsaIY2w3hlcKUbS15KfMHPKwDp03q3ooAGEF3YCiiLxVl_Wge3NR-TNped22kZrAN4zlb6ygFNGa7-Hc-x2-GFkZM_1G9ZzEUd6l4rdz5OZxm0hLb4GkyJWGzDk8MaxViZdKNrPaJ4tajUoxS53wXvS9A-VsIphtr-tx09JpRFplqKAXhdHuRo3lS-WXByUzHQIQa9bCTTST50DCEoMMrstoGxMlLORcm0JXWlVZQHiqpk-X4FNZ01Wt40bIWdQlCfOQtngLYxT-JVpwuONo8CHkJrSmxiDIPhQb-33I4pL5_LbY4ZImwB0QA/47e/8nkHuFCDRkyWRb2UpNOlvw/h4/h001.EJ9fe4sT-Qygq06uqzefBkoOps9KzVZeHwYqgcXoS7Y HTTP 302
    https://trk.klclick3.com/ls/click?upn=u001.sYzgCzFbwRTlhjECxFrGHSriWWgeB7fp-2BvvIakib8UEQnrvjqYPeMs0oDZdX0YPXroj-2FmjPUNgo4QV9GS3wMhdjPvWP-2Fnl7wsDU0GickwVoBtQx2tG0UHuFPD83LUIKFUaa58BK-2Fv3a6TlWIJsn2bQ-3D-3DvPW0_vru9Yam-2FFcqy-2BTYfsrA8SU6-2BS1gnXOELJ9U4-2Bw1PPP12OlmmLRA-2B3ACi7IFY1-2FU3AF-2B4FbAYyzINt50ex2qMoA6EktJ6HQqPYbUJpJHKgMUX-2Fx785-2FYx0GLPGH66R1E-2FTEJ198ig-2BraZrUNr4LlSdZRX6gkgaJ8bMkV2cimRoEEj06zs71MrxsHdk1gkz-2BWBrebTxC5kn4u8PsHHvL9yX8ESq6bGZLhiEr-2FRUAcpyj172p4PhzED0YEF8rh6i4guVjpeMJdfkhZbcQcFbeNkMQrLVwtH7Fmky5CKRWTkZ3xX1gZX5W7EbIS-2Fgc-2Fu-2Ba0Dl-2Bu-2B8xI5Bbe22lpS9t3-2BkRxQalRakMuWgUNk4Soa1qAyg0G-2F2LtFXBs6kVC-2B-2Fw4y67XP8X8EfXqe5Xmp2f2x9clWeN8Ab4RmRCTxQDtCIlIDUAKjspC6-2FRdj0w-2BDeHbuIqY4uvxvim3Be4z-2Bi06rKay1sEskm-2B4MwrTJ0LCjpR-2By8aOGtKPj5ThVyCJ-2B8iH-2F&utm_source=lorelles-newsletter-067d59.beehiiv.com&utm_medium=newsletter&utm_campaign=fujitsu HTTP 302
    https://qualitymanager.com.br/sdf/?_kx=x_vffdc7NziBTXq6l6GNqHEUXGVZLfXTjLh9B1YGNnw.SwdC7C Page URL
  2. https://udf.landding.live/prDOkuet Page URL

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
qualitymanager.com.br/sdf/
1 KB
758 B
Document
General
Full URL
https://qualitymanager.com.br/sdf/?_kx=x_vffdc7NziBTXq6l6GNqHEUXGVZLfXTjLh9B1YGNnw.SwdC7C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.240.230.203 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
vps-11551973.cyberserver1.com.br
Software
nginx /
Resource Hash
b52687bf10b8c1fce9876353b4bdc824440939b6ca0d0a4bdc30b560fc83c182

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 21 Jun 2024 12:39:49 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

content-length
112
content-type
text/html; charset=utf-8
date
Fri, 21 Jun 2024 12:39:47 GMT
location
https://qualitymanager.com.br/sdf/?_kx=x_vffdc7NziBTXq6l6GNqHEUXGVZLfXTjLh9B1YGNnw.SwdC7C
server
nginx
via
1.1 fabf8b14862325981b1496bd502a7818.cloudfront.net (CloudFront)
x-amz-cf-id
FusWfgAVFDf36ZNyIfGQjGpvfD0ct1pHCGUYb4vRinaoseSRyR7aTg==
x-amz-cf-pop
AMS1-P2
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/
47 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: qualitymanager.com.br
URL: https://qualitymanager.com.br/sdf/?_kx=x_vffdc7NziBTXq6l6GNqHEUXGVZLfXTjLh9B1YGNnw.SwdC7C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://qualitymanager.com.br/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:39:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1021332
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13972
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61182885-3694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCN5eHkKZeL0acdKGzYtL02PQ1LyBlqgsOY5Sm0Ht5Oi4I7OyMdP4btqi7esWSnoaQM1BjgvtSnT9s6wV7fup4HCWAaP1yepsH4sFMG4MCPGPOQFpnkuL9VxElqHWCkmhnv%2FoyYH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
897410474d062baf-FRA
expires
Wed, 11 Jun 2025 12:39:49 GMT
Primary Request prDOkuet
udf.landding.live/
4 KB
5 KB
Document
General
Full URL
https://udf.landding.live/prDOkuet
Requested by
Host: qualitymanager.com.br
URL: https://qualitymanager.com.br/sdf/?_kx=x_vffdc7NziBTXq6l6GNqHEUXGVZLfXTjLh9B1YGNnw.SwdC7C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
86.38.218.74 Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv548058.hstgr.cloud
Software
/
Resource Hash
5b29d2480ebd78331c6488861489a765a298131fd992e3f0d268aa8bf18ae2be

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://qualitymanager.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
close
Content-Type
text/html
Transfer-Encoding
chunked
TCaptcha-global.js
ca.turing.captcha.qcloud.com/
106 KB
33 KB
Script
General
Full URL
https://ca.turing.captcha.qcloud.com/TCaptcha-global.js
Requested by
Host: udf.landding.live
URL: https://udf.landding.live/prDOkuet
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240d:c000:2010:1808:0:97de:1846:937e , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Trpc httpd, tencent http server /
Resource Hash
6559626cd526808f1c69e884c35f72d998e2e57ca780f8489c54671569e5d12c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://udf.landding.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 21 Jun 2024 12:39:51 GMT
Content-Encoding
gzip
Server
Trpc httpd, tencent http server
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Content-Type
text/javascript
Cache-Control
max-age=600
Connection
keep-alive
tcaptcha-frame.306b02df.js
global.turing.captcha.gtimg.com/
202 KB
65 KB
Script
General
Full URL
https://global.turing.captcha.gtimg.com/tcaptcha-frame.306b02df.js
Requested by
Host: ca.turing.captcha.qcloud.com
URL: https://ca.turing.captcha.qcloud.com/TCaptcha-global.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.221 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
tencent-cos /
Resource Hash
e08c95696f60e28b4f18a24b29d31bdf042bc8a4b40b799b5aa3f7ce11126f52

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://udf.landding.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 07:50:29 GMT
Content-Encoding
gzip
x-cos-hash-crc64ecma
9194155020814409306
Last-Modified
Mon, 29 Apr 2024 02:30:47 GMT
Server
tencent-cos
X-Cache-Lookup
Cache Hit
Etag
"cda3575e58a713e98b593bc298ed4fd6"
Content-Type
application/javascript
x-cos-request-id
NjY3MTNjNDVfMmE1NzA2MDlfNzc3MF8xZjk4MTk5
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
X-NWS-LOG-UUID
5739166213031520788
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66386
Untitled-design-5.png
i.postimg.cc/DzpHM6v4/
386 KB
386 KB
Image
General
Full URL
https://i.postimg.cc/DzpHM6v4/Untitled-design-5.png
Requested by
Host: udf.landding.live
URL: https://udf.landding.live/prDOkuet
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.61.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3094918.ip-162-19-61.eu
Software
nginx /
Resource Hash
fd683568ee95faadf8a13408b809e11ebd79b48a2a35341eed6ad6b505cf5719

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://udf.landding.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 21 Jun 2024 12:39:51 GMT
last-modified
Mon, 25 Mar 2024 22:38:31 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
394831
expires
Thu, 31 Dec 2037 23:55:55 GMT
drag_ele_global.html
global.turing.captcha.gtimg.com/template/ Frame 8EE6
0
0
Document
General
Full URL
https://global.turing.captcha.gtimg.com/template/drag_ele_global.html
Requested by
Host: global.turing.captcha.gtimg.com
URL: https://global.turing.captcha.gtimg.com/tcaptcha-frame.306b02df.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.197 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Trpc httpd tencent http server /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://udf.landding.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Connection
keep-alive
Content-Encoding
gzip
Content-Length
34044
Content-Type
text/html
Date
Tue, 18 Jun 2024 13:02:02 GMT
P3P
CP=CAO PSA OUR
Pragma
No-cache
Server
Trpc httpd tencent http server
X-Cache-Lookup
Cache Hit
X-NWS-LOG-UUID
12187594529093457889

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
boolean| __TencentCaptchaExists__
boolean| TCaptchaGlobal
string| AqSCodeCapDomain
string| AqSCodeCdnDomain
boolean| TCaptchaPreload
function| TencentCaptcha
function| callback
function| loadErrorCallback
function| TCapMsg
function| AqSCode

2 Cookies

Domain/Path Name / Value
.beehiiv.com/ Name: __cf_bm
Value: E_dkAkpkmXCSTmBUTvNmlBPi6rwWrgMdmprJmhfVp6o-1718973587-1.0.1.1-EjtwuLCWjbwuIMB5ObMX5xgmbQzkoLhULXyTW1dQnsZBqfc.BFdVOU3J4_DfERH8cF1T9kacRno4zHgZGh7kHQ
.landding.live/ Name: fb46-2761
Value: 608acc2a3be257be189d9e1a477d6be35b2a26113ead1db61d0adfba26974b80