Submitted URL: http://saless.online/
Effective URL: https://salla.sa/saless/redirect
Submission: On November 14 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 1 country across 4 domains to perform 15 HTTP transactions. The main IP is 2606:4700:4400::6812:2660, located in United States and belongs to CLOUDFLARENET, US. The main domain is salla.sa. The Cisco Umbrella rank of the primary domain is 363675.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.
This is the only time salla.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 8 2606:4700::68... 13335 (CLOUDFLAR...)
15 4
Apex Domain
Subdomains
Transfer
8 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 28068
104 KB
7 salla.sa
salla.sa — Cisco Umbrella Rank: 363675
401 KB
2 saless.online
saless.online
2 KB
1 hcaptcha.com
cloudflare.hcaptcha.com — Cisco Umbrella Rank: 13447
80 KB
15 4
Domain Requested by
8 challenges.cloudflare.com 1 redirects challenges.cloudflare.com
salla.sa
7 salla.sa salla.sa
2 saless.online 2 redirects
1 cloudflare.hcaptcha.com salla.sa
15 4

This site contains no links.

Subject Issuer Validity Valid
salla.sa Cloudflare Inc ECC CA-3 2022-06-13 - 2023-06-12 a year
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-04-02 - 2023-04-02 a year
challenges.cloudflare.com Cloudflare Inc ECC CA-3 2022-09-18 - 2023-09-17 a year

This page contains 2 frames:

Primary Page: https://salla.sa/saless/redirect
Frame ID: EA3E37D36248C1BC4F22C81357C779A8
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 9A75C1BCA2D50D54EBF9B63DBEC550D4
Requests: 6 HTTP requests in this frame

Page Title

... لحظات

Page Statistics

15 Requests
93 % HTTPS
100 % IPv6
4 Domains
4 Subdomains
4 IPs
1 Countries
631 kB Transfer
1661 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saless.online/ HTTP 301
    https://saless.online/ HTTP 302
    https://salla.sa/saless/redirect Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/bd37fbc5/api.js?onload=_cf_chl_turnstile_l&render=explicit

15 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request redirect
salla.sa/saless/
Redirect Chain
  • http://saless.online/
  • https://saless.online/
  • https://salla.sa/saless/redirect
952 KB
309 KB
Document
General
Full URL
https://salla.sa/saless/redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b8733addf1ced352265dede8cec94aa252f474193dfd4acf239df3093fe7210
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass
1
cf-ray
769c342b48ea5c0e-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 14 Nov 2022 02:09:13 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate, no-cache, no-store, private
cf-cache-status
DYNAMIC
cf-ray
769c3429ec8e906a-FRA
content-security-policy
frame-ancestors https://s.salla.sa
content-type
text/html; charset=UTF-8
date
Mon, 14 Nov 2022 02:09:13 GMT
expires
Sun, 02 Jan 1990 00:00:00 GMT
location
https://salla.sa/saless/redirect
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
referrer-policy
origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FOS029TyaBDUuRivRSDCMsLMGC98zZMR79UDL6zNiOTtrYtnIBMPG%2B7oc7A4%2F8NraD32PtXAAPOiAaFlwGOCubKi6UNMfgcV8Uas1rKtgqUb2yOhJTROm6atW0pzNVEQ5abWTm%2BiJc8ZC2B"}],"group":"cf-nel","max_age":604800}
s-is-local
false
s-ray
0
s-session-type
guest
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-envoy-upstream-service-time
132
x-frame-options
allow-from https://s.salla.sa
x-permitted-cross-domain-policies
none
x-powered-by
Salla
x-xss-protection
1; mode=block
v1
salla.sa/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/
53 KB
23 KB
Script
General
Full URL
https://salla.sa/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=769c342b48ea5c0e
Requested by
Host: salla.sa
URL: https://salla.sa/saless/redirect
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9394605fbfbc09639c561e1f31693a86e018fd5841d8895c704584560bd7e0b5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salla.sa/saless/redirect?__cf_chl_rt_tk=5JHYLggu.MSI1FFKn38QkTh_p3QgcGvbyIpwU0Wd8OQ-1668391753-0-gaNycGzNCD0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
br
server
cloudflare
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
769c342c6a335c0e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
salla.sa/cdn-cgi/images/trace/captcha/js/
42 B
197 B
Image
General
Full URL
https://salla.sa/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=769c342b48ea5c0e
Requested by
Host: salla.sa
URL: https://salla.sa/saless/redirect?__cf_chl_rt_tk=5JHYLggu.MSI1FFKn38QkTh_p3QgcGvbyIpwU0Wd8OQ-1668391753-0-gaNycGzNCD0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salla.sa/saless/redirect?__cf_chl_rt_tk=5JHYLggu.MSI1FFKn38QkTh_p3QgcGvbyIpwU0Wd8OQ-1668391753-0-gaNycGzNCD0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Nov 2022 12:51:41 GMT
server
cloudflare
etag
"636ba25d-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
769c342c6a345c0e-FRA
content-length
42
expires
Mon, 14 Nov 2022 04:09:13 GMT
truncated
/
45 KB
45 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
566cbe7aac3342ae92796081bf0c8eaf6b6ff1a7a22490cf8a4c0e6176092f06

Request headers

Referer
Origin
https://salla.sa
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
application/octet-stream
api.js
cloudflare.hcaptcha.com/1/
282 KB
80 KB
Script
General
Full URL
https://cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
Requested by
Host: salla.sa
URL: https://salla.sa/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=769c342b48ea5c0e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1384 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1c9f90ed9742db748171f206278cfd92a4ce3e8a6ff6ac5f8214aa75d9fae1
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:13 GMT
strict-transport-security
max-age=0
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-amz-cf-pop
FRA56-P4
x-cache
Miss from cloudfront
last-modified
Wed, 09 Nov 2022 04:14:07 GMT
server
cloudflare
etag
W/"cba895d710939d3f383adf1461af832f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=120
cf-ray
769c342d085e903d-FRA
x-amz-cf-id
EUq2MB35UbvXlCTGzykT-11Eu3KwFF8XuV8fjEBnMHo3Mg8y6OgaQw==
717a5e38ff7262d
salla.sa/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4910463492071364:1668389090:PAtHX7o8f3FI7kvihUnCZ2ug0Zq2bsjV-2g2J56uU6M/769c342b48ea5c0e/
121 KB
64 KB
XHR
General
Full URL
https://salla.sa/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4910463492071364:1668389090:PAtHX7o8f3FI7kvihUnCZ2ug0Zq2bsjV-2g2J56uU6M/769c342b48ea5c0e/717a5e38ff7262d
Requested by
Host: salla.sa
URL: https://salla.sa/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=769c342b48ea5c0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce402e5acbf0ae16e4d967b8d5ab43102904d28752bb434b51119f397f5e072
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salla.sa/saless/redirect
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
CF-Challenge
717a5e38ff7262d
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Nov 2022 02:09:13 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf_chl_gen
k3ihUUSd2kIGQk9G+BgItfSqGA2CBT1kqvwZOLZSorLKVWY5BxscVrljsBXvaFXfURprDelJfeMpx4qaKi24glZdhPGMx6L5LRiQXT4TByP5mHOh5hgz+Tg5VE381BTnPOrsF3Usd/bzQiBLDVeLcxSbq5o76qAlRO83BzO8BOZX/CjprzWrpXWD64pgUIb7O9LDRBI4qstkFy4Lpbc1wU0DM32i9kHi6UPejDAnunxYmFL/WYr80NJvqgokrLTmau7QogzsEMgtNdkzDAlZA+hdqTOhg1mMcZpnb48gESW/PDd/94raS8NUHgaDe618NoHjhA8luAaLEawqqTHy/oFRtlrQX7uirFxRTnmEMsibK2pDlVZ3ve8GVA8KocpOryUeXd5uoiqxL87W6UMCiw==$auwNhfj4DiqC5epn96CoaA==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
769c342d5e92914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
2nAVbfoNcl4aZe8
salla.sa/cdn-cgi/challenge-platform/h/b/pat/769c342b48ea5c0e/1668391753837/eeccb4d9f5f67f7ff61b35a10d510d8e20e371a49a5971320d9cc2f4d6476aca/
1 B
664 B
Fetch
General
Full URL
https://salla.sa/cdn-cgi/challenge-platform/h/b/pat/769c342b48ea5c0e/1668391753837/eeccb4d9f5f67f7ff61b35a10d510d8e20e371a49a5971320d9cc2f4d6476aca/2nAVbfoNcl4aZe8
Requested by
Host: salla.sa
URL: https://salla.sa/saless/redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salla.sa/saless/redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:14 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g7sy02fX2f3_2GzWhDVENjiDjcaSaWXEyDZzC9NZHasoACHNhbGxhLnNh, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAkDDHAv0_hfC3lSkTsrb8nKfmRubZWxNV158qn5dYLebX6g0Vy8HVSi78-dHicrpAj4Ojwz4z19QVOy8VfaOcDf6lmUrpYDNz4yxc9H_rxIVPtMjzKsxfM92BuSEurGp5Fw_sIPmErg0iZL6EAvF9gs6cHBIRjm0FvVl4z0FEl2xAzCAjqUDnimdoA--s0mIRRwB7ocpQiMIJf4GyBgUA0BtKxK8B2gyJx1T_rWUkXa31bgrck3XU37ykv4-ZBku4rJmALCSKkfFSRnQ1JBoROBrIHvFIwxFOEgXpNBAJHhmGw12fshzkTuvD1LCphjFqvKPADnBoaVY4VDMk4z5LxQIDAQAB, max-age=15
x-content-type-options
nosniff
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
769c34331df7914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i_vyY31DjHFpFnT
salla.sa/cdn-cgi/challenge-platform/h/b/img/769c342b48ea5c0e/1668391753840/
61 B
201 B
Image
General
Full URL
https://salla.sa/cdn-cgi/challenge-platform/h/b/img/769c342b48ea5c0e/1668391753840/i_vyY31DjHFpFnT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84037a060f168f740be099ae8caae4913ddb1bb1887515b0dc447dc0eabf13da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salla.sa/saless/redirect
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
769c3436ca9c914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
717a5e38ff7262d
salla.sa/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4910463492071364:1668389090:PAtHX7o8f3FI7kvihUnCZ2ug0Zq2bsjV-2g2J56uU6M/769c342b48ea5c0e/
4 KB
4 KB
XHR
General
Full URL
https://salla.sa/cdn-cgi/challenge-platform/h/b/flow/ov1/0.4910463492071364:1668389090:PAtHX7o8f3FI7kvihUnCZ2ug0Zq2bsjV-2g2J56uU6M/769c342b48ea5c0e/717a5e38ff7262d
Requested by
Host: salla.sa
URL: https://salla.sa/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=769c342b48ea5c0e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::6812:2660 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
816566850acbd46a03c9b4d6376492e6cbc1fc0773c8c2914f21da748fcbd978
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salla.sa/saless/redirect
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
CF-Challenge
717a5e38ff7262d
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Nov 2022 02:09:15 GMT
strict-transport-security
max-age=2592000; includeSubDomains; preload
x-content-type-options
nosniff
cf_chl_gen
f/qFmdHAwNIwXjhpXEg+FFhPs13YV/NBYGGeDjeUV+w=$vnkXmRkCOZnoO0yys9I6yg==
content-encoding
br
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
769c34374b3a914c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
challenges.cloudflare.com/turnstile/v0/bd37fbc5/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
  • https://challenges.cloudflare.com/turnstile/v0/bd37fbc5/api.js?onload=_cf_chl_turnstile_l&render=explicit
9 KB
4 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/bd37fbc5/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65cf0421c1ac721ccf5a22efbcace614b66457485f0711e36790c0e2c8131459

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:15 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000
cf-ray
769c34384cfd9b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 14 Nov 2022 02:09:15 GMT
server
cloudflare
vary
Accept-Encoding
location
/turnstile/v0/bd37fbc5/api.js?onload=_cf_chl_turnstile_l&render=explicit
cache-control
max-age: 300
cf-ray
769c3437edc1bbe5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 9A75
17 KB
6 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458183cf7e46bc1e089f7c50b41d9e20caf920d621bad227450acf235928f23e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
769c3438ad5d9b1c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
credentialless
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 14 Nov 2022 02:09:15 GMT
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 9A75
54 KB
24 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=769c3438ad5d9b1c
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a2abd4a8940f38bbfdddc9c6d378531a082f1660b3e15f99d081a1e6179fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:15 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
769c3438dda09b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
a0f616079277bfe
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8032462739373349:1668389098:_sdtbu9S5Lqi7eOpjEQyxrefEYz03-JU7g8qVIOzBo8/769c3438ad5d9b1c/ Frame 9A75
112 KB
62 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8032462739373349:1668389098:_sdtbu9S5Lqi7eOpjEQyxrefEYz03-JU7g8qVIOzBo8/769c3438ad5d9b1c/a0f616079277bfe
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=769c3438ad5d9b1c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b909919edf848a5f9654c784202804625ba4b216a40796a839860419ae124889

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
CF-Challenge
a0f616079277bfe
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Nov 2022 02:09:15 GMT
content-encoding
br
cf_chl_gen
zRd0WMDO4laZmtCq4Ecf8hOGL5dnkYPe7wdxrbTizW72g17D2SFBZ6VE8Mq6qAjoleOZY7WT77cZMr5ffrtfe9dYGhUhud43kJFgItaJ+xbEYNz8KDhwwb6DYkTM9VIZ6nSxqJxx8ortfHfHsW5QTx8z8nzMjhgTEPmfWH0LbY7Bhoa91uiRz3sNk2CacA4hfhEk34s7MYDT3kGjUZjsg2miKv2BRBuhVoJUodVbWB7O0fT5X1F+E8DW9qIdjgtrRggrYSxUMoChwGJT82Qt7syHL2VCJpnLVIQQAJPwnbhaUwQg6w6Id2jF9gMBoDnN6+EK+bO7Qb0V1OfEXGBg67Vp2Wgc/Um/czcTnQWa+6+pKWcjMxtisaCRs77CiG3dDzf6G9B15exOQwZdFDrxhHck7dvtUqGCUlBXZY7ZfpY=$20gqnjy2gMSzearfqt4/bA==
server
cloudflare
cf-ray
769c3439deea9b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
A_Dzb_TkqhW2dDj
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/769c3438ad5d9b1c/1668391755822/fd562ff5c9e7b93f82273416ef090853a51b8b6c1f5e29356650ab9c3f15d914/ Frame 9A75
1 B
649 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/769c3438ad5d9b1c/1668391755822/fd562ff5c9e7b93f82273416ef090853a51b8b6c1f5e29356650ab9c3f15d914/A_Dzb_TkqhW2dDj
Requested by
Host: salla.sa
URL: https://salla.sa/saless/redirect
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:15 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g_VYv9cnnuT-CJzQW7wkIU6Ubi2wfXik1ZlCrnD8V2RQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAkDDHAv0_hfC3lSkTsrb8nKfmRubZWxNV158qn5dYLebX6g0Vy8HVSi78-dHicrpAj4Ojwz4z19QVOy8VfaOcDf6lmUrpYDNz4yxc9H_rxIVPtMjzKsxfM92BuSEurGp5Fw_sIPmErg0iZL6EAvF9gs6cHBIRjm0FvVl4z0FEl2xAzCAjqUDnimdoA--s0mIRRwB7ocpQiMIJf4GyBgUA0BtKxK8B2gyJx1T_rWUkXa31bgrck3XU37ykv4-ZBku4rJmALCSKkfFSRnQ1JBoROBrIHvFIwxFOEgXpNBAJHhmGw12fshzkTuvD1LCphjFqvKPADnBoaVY4VDMk4z5LxQIDAQAB, max-age=15
server
cloudflare
cf-ray
769c343ab8149b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
OHYwzzU8TRaP4wk
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/769c3438ad5d9b1c/1668391755826/ Frame 9A75
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/img/769c3438ad5d9b1c/1668391755826/OHYwzzU8TRaP4wk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1402ddccd268c9ddc11cfb79449242e0fd51dad149e09bb309838c479c60d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 02:09:16 GMT
server
cloudflare
cf-ray
769c343b89399b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
a0f616079277bfe
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8032462739373349:1668389098:_sdtbu9S5Lqi7eOpjEQyxrefEYz03-JU7g8qVIOzBo8/769c3438ad5d9b1c/ Frame 9A75
11 KB
8 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.8032462739373349:1668389098:_sdtbu9S5Lqi7eOpjEQyxrefEYz03-JU7g8qVIOzBo8/769c3438ad5d9b1c/a0f616079277bfe
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=769c3438ad5d9b1c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
947d1044fe780e127ec7a01a3e7fa83fc5e82c86f87eea308793ac4eeee58647

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/turnstile/if/ov2/av0/e9x3j/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
CF-Challenge
a0f616079277bfe
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 14 Nov 2022 02:09:16 GMT
content-encoding
br
cf_chl_gen
ojIcyrZX0gY2PlPpZkSOJFQ6cWlkDTMxC3ytHguijrY=$z0CeRj0UKlhUxS5zK3G4Hg==
server
cloudflare
cf-ray
769c34401e5d9b1c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| _cf_chl_opt
  • function| sendRequest
  • function| _cf_chl_enter
  • boolean| _cf_chl_done_ran
  • function| _cf_chl_done
  • function| SHA256
  • function| _cf_chl_hload
  • object| _cf_chl_ctx
  • string| prefix
  • string| _cf_chl_hlep
  • object| Raven
  • object| hcaptcha
  • boolean| _cf_chl_hloaded
  • object| _
  • undefined| _cf_gcr
  • function| _cf_chl_turnstile_l
  • object| cfChallengeAPI
  • object| turnstile

7 Cookies

Domain/Path Name / Value
saless.online/ Name: XSRF-TOKEN
Value: eyJpdiI6IkZlS3JGejFVb1hDL0NXMWhyTU9aUGc9PSIsInZhbHVlIjoiNTNtd0RXcFdLSmZkcmFPMDlhZnE4OGxjWXBUYnBtSHRONXg3VlFWTjJzdlFGR2tzb2tTZEpRNklMRjY3L2hPSkpOYjBpNXh2UUVjVElTMjNPSVhScDZsL1RDeWgyQXFnUXRYNVVQaGF3eEpBS0VNZUVSWmw4dk83Z0hUUGdXd1YiLCJtYWMiOiJhOGIwMjZhNTk5NzYwZWE3ZmE3ZDY5YWE4OGI4YzVlMTkyMmYwNzRlNzFhZjNmNmJlMmFiYTk0Y2QzMDA1OGEwIiwidGFnIjoiIn0%3D
saless.online/ Name: sss
Value: eyJpdiI6ImphQi9yUFUrWnRxOUxiOWRuVGRidGc9PSIsInZhbHVlIjoiZU1LZ2hYbVRzRkNsbGpYcjVRUW0yN01tY0pibWJhTmJCTHFpVis3cEwwcXV4S2VFWFlSMjN0OGVaNGpkbGt2Q1I2M3d3R0lFeHlpb3VjdHFlNHEwMVdsQzY3eDJoMGdORG1DVVlvbWdoWVhtcm56L3EvMG5UeHlZYUN6cmZFMTIiLCJtYWMiOiI4NDZmMTE5MmY3Zjg5Mzk4N2FhMmNlYjQzNjU0NjI2ZjkyMjllNDllNWE2MDQyZGFmYjFjNjA4NzA5NjIxZGM2IiwidGFnIjoiIn0%3D
saless.online/ Name: __cflb
Value: 02DiuD4eCte36DECkBWv6qFYeGjShuduqUvcvZbcBFusr
.salla.sa/ Name: __cf_bm
Value: DobqhMOdNE3CcWt1DmEauIQps762DoijP0o.hslPmgM-1668391753-0-Adp23OGHPfQao4eIOMcCCdJToM3jvjYX0fcQGip9iNgeFS3Bc1DOHczwI3f1GoWFJ0u3qN2zlAda4BdJ6n9V//Y=
salla.sa/ Name: cf_chl_2
Value: 717a5e38ff7262d
salla.sa/ Name: cf_chl_prog
Value: b
challenges.cloudflare.com/ Name: cf_chl_prog
Value: b

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://salla.sa/saless/redirect
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://salla.sa/cdn-cgi/challenge-platform/h/b/pat/769c342b48ea5c0e/1668391753837/eeccb4d9f5f67f7ff61b35a10d510d8e20e371a49a5971320d9cc2f4d6476aca/2nAVbfoNcl4aZe8
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/769c3438ad5d9b1c/1668391755822/fd562ff5c9e7b93f82273416ef090853a51b8b6c1f5e29356650ab9c3f15d914/A_Dzb_TkqhW2dDj
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN