Submitted URL: https://www.tiktok.com/link/v2?aid=1988&lang=br-PL&scene=bio_url&target=https%3A%2F%2Fwww.google.com.sb%2Furl%3Ffnc%3Da...
Effective URL: https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
Submission: On December 12 via manual from DE — Scanned from DE

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 172.67.158.3, located in United States and belongs to CLOUDFLARENET, US. The main domain is agnetic-triton.com.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.
This is the only time agnetic-triton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 23.36.163.27 20940 (AKAMAI-AS...)
2 2 172.217.16.195 15169 (GOOGLE)
1 185.55.226.36 201999 (Serverpar...)
1 8 172.67.158.3 13335 (CLOUDFLAR...)
10 3
Apex Domain | Subdomains | Transfer
8 agnetic-triton.com | agnetic-triton.com | 17 KB
2 google.com.sb | www.google.com.sb — Cisco Umbrella Rank: 44485 | 2 KB
1 nasajikavian.com | nasajikavian.com | 21 KB
1 tiktok.com | www.tiktok.com — Cisco Umbrella Rank: 4406 | 4 KB
10 4
Domain Requested by
8 agnetic-triton.com 1 redirects nasajikavian.com
agnetic-triton.com
2 www.google.com.sb 2 redirects
1 nasajikavian.com
1 www.tiktok.com 1 redirects
10 4

This site contains no links.

Subject | Issuer | Validity | Valid
*.nasajikavian.com | R10 | 2024-10-22 - 2025-01-20 | 3 months
agnetic-triton.com | WE1 | 2024-11-28 - 2025-02-26 | 3 months

This page contains 3 frames:

Primary Page: https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
Frame ID: 20ECDAF15298F1B60D227D1079489F54
Requests: 6 HTTP requests in this frame

Frame: https://agnetic-triton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js
Frame ID: A28648E64E04ABC83A0261BFED6B564F
Requests: 2 HTTP requests in this frame

Frame: https://agnetic-triton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: 8196CCEE7086E15CAB3D60550D238B94
Requests: 2 HTTP requests in this frame

Page Title

403 Forbidden

Page Statistics

10 Requests
60 % HTTPS
0 % IPv6
4 Domains
4 Subdomains
3 IPs
3 Countries
37 kB Transfer
86 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.tiktok.com/link/v2?aid=1988&lang=br-PL&scene=bio_url&target=https%3A%2F%2Fwww.google.com.sb%2Furl%3Ffnc%3Da9XTEoexMBpyPYn99soX%26ndp%3Dm6lKEDZMuBIQeZn7RBkX%26sa%3Dt%26pfuv%3DBY2IJKbokHGBEdfDSRyz%26ncbe%3DtA02sXUJ4dkStFSKl5Bg%26db%3DoBemf3zEg5VOxgJRxd3H%26fg%3DSSndprYXntqQtLjEHziw%26url%3Damp%252F%6E%61%73%61%6A%69%6B%61%76%69%61%6E%2E%63%6F%6D%2F%6A%6A%2FkN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== HTTP 302
    https://www.google.com.sb/url?db=oBemf3zEg5VOxgJRxd3H&fg=SSndprYXntqQtLjEHziw&fnc=a9XTEoexMBpyPYn99soX&ncbe=tA02sXUJ4dkStFSKl5Bg&ndp=m6lKEDZMuBIQeZn7RBkX&pfuv=BY2IJKbokHGBEdfDSRyz&sa=t&safe=active&url=amp%2Fnasajikavian.com%2Fjj%2FkN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ%3D%3D HTTP 302
    https://www.google.com.sb/amp/nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== HTTP 302
    http://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== HTTP 307
    https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== Page URL
  2. https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com Page URL
  3. https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.tiktok.com/link/v2?aid=1988&lang=br-PL&scene=bio_url&target=https%3A%2F%2Fwww.google.com.sb%2Furl%3Ffnc%3Da9XTEoexMBpyPYn99soX%26ndp%3Dm6lKEDZMuBIQeZn7RBkX%26sa%3Dt%26pfuv%3DBY2IJKbokHGBEdfDSRyz%26ncbe%3DtA02sXUJ4dkStFSKl5Bg%26db%3DoBemf3zEg5VOxgJRxd3H%26fg%3DSSndprYXntqQtLjEHziw%26url%3Damp%252F%6E%61%73%61%6A%69%6B%61%76%69%61%6E%2E%63%6F%6D%2F%6A%6A%2FkN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== HTTP 302
  • https://www.google.com.sb/url?db=oBemf3zEg5VOxgJRxd3H&fg=SSndprYXntqQtLjEHziw&fnc=a9XTEoexMBpyPYn99soX&ncbe=tA02sXUJ4dkStFSKl5Bg&ndp=m6lKEDZMuBIQeZn7RBkX&pfuv=BY2IJKbokHGBEdfDSRyz&sa=t&safe=active&url=amp%2Fnasajikavian.com%2Fjj%2FkN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ%3D%3D HTTP 302
  • https://www.google.com.sb/amp/nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== HTTP 302
  • http://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ== HTTP 307
  • https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Request Chain 3
  • https://agnetic-triton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://agnetic-triton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
nasajikavian.com/jj/
Redirect Chain
  • https://www.tiktok.com/link/v2?aid=1988&lang=br-PL&scene=bio_url&target=https%3A%2F%2Fwww.google.com.sb%2Furl%3Ffnc%3Da9XTEoexMBpyPYn99soX%26ndp%3Dm6lKEDZMuBIQeZn7RBkX%26sa%3Dt%26pfuv%3DBY2IJKbokHG...
  • https://www.google.com.sb/url?db=oBemf3zEg5VOxgJRxd3H&fg=SSndprYXntqQtLjEHziw&fnc=a9XTEoexMBpyPYn99soX&ncbe=tA02sXUJ4dkStFSKl5Bg&ndp=m6lKEDZMuBIQeZn7RBkX&pfuv=BY2IJKbokHGBEdfDSRyz&sa=t&safe=active&...
  • https://www.google.com.sb/amp/nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
  • http://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
  • https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
60 KB
21 KB
Document
General
Full URL
https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.55.226.36 , Iran, Islamic Republic Of, ASN201999 (Serverpars Fanavari Serverpars Argham Gostar Company Ltd., IR),
Reverse DNS
guard.dnswebhost.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 11:01:13 GMT
vary
Accept-Encoding

Redirect headers

Location
https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Non-Authoritative-Reason
HttpsUpgrades
/
agnetic-triton.com/
7 KB
8 KB
Document
General
Full URL
https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
Requested by
Host: nasajikavian.com
URL: https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://nasajikavian.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8f0d374baed8e4ae-OTP
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 11:01:21 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rH%2FLqxzdQjQM%2F%2BBvrPhCNWLuIIG17tzGfSvfwHFStriz2RbaV1V%2F%2BRyw7GE8fJtXj6xMka1zf%2BKhMwvO2bt5qHzY5Vsw0955JO%2F2cYhZfrxpQ5X9gOQETG6C7EwMuRKZ5DPkGao%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=33753&min_rtt=26254&rtt_var=17446&sent=9&recv=10&lost=0&retrans=0&sent_bytes=3935&recv_bytes=2327&delivery_rate=153717&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=457&x=0"
x-content-type-options
nosniff nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block 1; mode=block
/
agnetic-triton.com/
0
872 B
XHR
General
Full URL
https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
Requested by
Host: nasajikavian.com
URL: https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

X-Requested-TimeStamp-Combination
Referer
https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
DdTimzJVJw6XcTmD1XQefvAj5PE
31363235
X-Requested-TimeStamp
X-Requested-Type-Combination
GET
EW9YoUGKq7o7wzlJyAtWyC6ng4
ITY3RaXgfNcU70yrX5EbBPpafo
X-Requested-with
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-Requested-Type
GET
Content-type
application/x-www-form-urlencoded
X-Requested-TimeStamp-Expire

Response headers

cache-control
public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-server-powered-by
Engintron
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10ag%2FJy4PiTZnXxCHoRs%2BZtByM6yS%2Fo7giQj2Ek94GI26M0CikXWBM%2FYedfBNozxJ4onhLWy71Ii%2BJgSi2uVVDjC%2FTQE63%2BJKv0gdY3Ts%2B3tZrJskMD8956bkzq%2FBYn3poCdeHM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
cf-ray
8f0d374f2cd0e4ae-OTP
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=36911&min_rtt=26065&rtt_var=15326&sent=22&recv=19&lost=0&retrans=0&sent_bytes=13218&recv_bytes=3228&delivery_rate=327641&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=977&x=0"
date
Thu, 12 Dec 2024 11:01:22 GMT
x-xss-protection
1; mode=block, 1; mode=block
server
cloudflare
x-frame-options
SAMEORIGIN
main.js
agnetic-triton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/ Frame A286
Redirect Chain
  • https://agnetic-triton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://agnetic-triton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
9 KB
5 KB
Script
General
Full URL
https://agnetic-triton.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
Protocol
H2
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BajUEN0w0mqSIMRiG%2F79w%2BcONhPv%2BjEEvJsKq%2BTLUQ%2BPWF5nhxXbiuKp6B61dAvP5C5HUc%2FtwcoBAZzSXv%2BdZH8BQE6cRPL2x5iNzJ%2BaGBia0vgsh%2FByEgV%2B2nihlTI%2FI%2Fg%2FTw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f0d374fadd3e4ae-OTP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=36182&min_rtt=26065&rtt_var=12953&sent=23&recv=20&lost=0&retrans=0&sent_bytes=14112&recv_bytes=3328&delivery_rate=327641&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=1016&x=0"
date
Thu, 12 Dec 2024 11:01:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f9063374b04d/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEIMcuFx%2FhN%2FkXL3D8TEANt%2BBxYT9MI%2BYJl0PlmoGkH1mC%2FiSl9dkjGkmG4XGp9QSqwUgO21xeaPrMRo8TeHzA%2BbAT7biUOmFz8LNcYbjU3rF4nhrM9AXK%2F6xijkxI2ph%2BB%2FGwo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0d374f2cd2e4ae-OTP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=TCP&rtt=38461&min_rtt=26254&rtt_var=16302&sent=21&recv=17&lost=0&retrans=0&sent_bytes=12639&recv_bytes=3108&delivery_rate=327641&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=934&x=0"
date
Thu, 12 Dec 2024 11:01:22 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
agnetic-triton.com/
0
0

Primary Request /
agnetic-triton.com/
1 KB
1 KB
Document
General
Full URL
https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
Requested by
Host: nasajikavian.com
URL: https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c171e50ee2ab3009cf8a7e799903565ecaa67005680e76dd4946794f34a9e4fd
Security Headers
Name Value
X-Content-Type-Options nosniff nosniff
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0d37501e99e4ae-OTP
content-encoding
zstd
content-type
text/html
date
Thu, 12 Dec 2024 11:01:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fA62J7YFKaLOAVgLctwu4dBvEp8m6r6LxM6vOD8yglerRzjUIzXqrleJyZYojPHy8mifCtOLjb2j0cfcS1S7SvVEarJsqiRVZtB39xhM7uKFoL9p%2FznqEcDzENijGwSnmQxTbg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=31264&min_rtt=26065&rtt_var=6840&sent=41&recv=27&lost=0&retrans=0&sent_bytes=26304&recv_bytes=3615&delivery_rate=409539&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=1122&x=0"
vary
Accept-Encoding
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block 1; mode=block
8f0d374baed8e4ae
agnetic-triton.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame A286
0
0

main.js
agnetic-triton.com/cdn-cgi/challenge-platform/scripts/jsd/ Frame 8196
9 KB
0
Script
General
Full URL
https://agnetic-triton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: nasajikavian.com
URL: https://nasajikavian.com/jj/kN5soE-SUREJACKbWFydGluLmhvb2lqbWFuc0BmbGl4YnVzLmNvbQ==
Protocol
H2
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf7cdbba2f384c57951a4d867643b96dcbf93084a43af9c3808157b2e756ee6d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BajUEN0w0mqSIMRiG%2F79w%2BcONhPv%2BjEEvJsKq%2BTLUQ%2BPWF5nhxXbiuKp6B61dAvP5C5HUc%2FtwcoBAZzSXv%2BdZH8BQE6cRPL2x5iNzJ%2BaGBia0vgsh%2FByEgV%2B2nihlTI%2FI%2Fg%2FTw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f0d374fadd3e4ae-OTP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=36182&min_rtt=26065&rtt_var=12953&sent=23&recv=20&lost=0&retrans=0&sent_bytes=14112&recv_bytes=3328&delivery_rate=327641&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=1016&x=0"
date
Thu, 12 Dec 2024 11:01:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
8f0d37501e99e4ae
agnetic-triton.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 8196
0
1013 B
XHR
General
Full URL
https://agnetic-triton.com/cdn-cgi/challenge-platform/h/g/jsd/r/8f0d37501e99e4ae
Requested by
Host: agnetic-triton.com
URL: https://agnetic-triton.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Qq2HDZgOBX7BnPOajtOGrsETZdSFyUAVtK21JFlm59mc%2BWCVkDqqeauzwARqJza%2BhnQ56GDB3AxeH3n07pj80lfogctRh8PJiwdFsi9ytzxA6pyOea1jPGetaxRgJy2JNntcg4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0d37529adee4ae-OTP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=33776&min_rtt=26065&rtt_var=9952&sent=57&recv=48&lost=0&retrans=0&sent_bytes=27479&recv_bytes=20251&delivery_rate=409539&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=1523&x=0"
content-length
0
date
Thu, 12 Dec 2024 11:01:23 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
agnetic-triton.com/
548 B
693 B
Other
General
Full URL
https://agnetic-triton.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.158.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fb23868ebf48348f9e438e00cb9b9d9b3a054f32482a781c762cc4f9cc6393
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com

Response headers

cache-control
public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
pragma
public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t5HxTEG%2BRhgTiNUqub7jKQZNa0SvRRrfkZfM52qcxHnKmhAgG2XGwADcav4VJYk82JpmqnAQUxn1YdjExL4pEqS4dSC8bhMMECghM9n3GEDYbGobafmuEWJYYgUjGTBzZUh5%2FGc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff, nosniff
cf-ray
8f0d3752aae8e4ae-OTP
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=33776&min_rtt=26065&rtt_var=9952&sent=58&recv=48&lost=0&retrans=0&sent_bytes=28514&recv_bytes=20251&delivery_rate=409539&cwnd=254&unsent_bytes=0&cid=f8e2258159ba9503&ts=1528&x=0"
date
Thu, 12 Dec 2024 11:01:23 GMT
x-xss-protection
1; mode=block, 1; mode=block
content-type
text/html
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain | URL
agnetic-triton.com | https://agnetic-triton.com/favicon.ico
agnetic-triton.com | https://agnetic-triton.com/cdn-cgi/challenge-platform/h/g/jsd/r/8f0d374baed8e4ae

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

12 Cookies


3 Console Messages

Source Level | URL | Text
network error | URL: https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com | Message: Failed to load resource: the server responded with a status of 503 ()
network error | URL: https://agnetic-triton.com/?email=martin.hooijmans@flixbus.com | Message: Failed to load resource: the server responded with a status of 403 ()
network error | URL: https://agnetic-triton.com/favicon.ico | Message: Failed to load resource: the server responded with a status of 403 ()