Submitted URL: https://o4z.thecreativequadrant.com/ga/click/2-53718369-31-248414-1792832-1246299-685d71644d-dl2f3a6bcc
Effective URL: https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1...
Submission: On December 21 via api from BE — Scanned from NL

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 12 HTTP transactions. The main IP is 172.64.146.217, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is www.xtremechat.com.
TLS certificate: Issued by E5 on November 2nd 2024. Valid for: 3 months.
This is the only time www.xtremechat.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.96.3 13335 (CLOUDFLAR...)
2 2 34.107.223.80 396982 (GOOGLE-CL...)
2 172.64.145.148 13335 (CLOUDFLAR...)
1 172.64.152.25 13335 (CLOUDFLAR...)
5 172.64.146.217 13335 (CLOUDFLAR...)
1 104.18.94.41 13335 (CLOUDFLAR...)
1 104.18.95.41 13335 (CLOUDFLAR...)
12 6
Apex Domain | Subdomains | Transfer
5 xtremechat.com | www.xtremechat.com | 63 KB
2 cloudflare.com | challenges.cloudflare.com — Cisco Umbrella Rank: 3147 | 16 KB
2 icetraff.com | trk.icetraff.com | 973 B
1 servefilesonly.com | imedia.servefilesonly.com — Cisco Umbrella Rank: 465668 | 85 KB
1 xn3j2k.com | www.xn3j2k.com | 666 B
1 fxmnf8trk.com | www.fxmnf8trk.com | 813 B
1 thecreativequadrant.com | o4z.thecreativequadrant.com | 940 B
12 7
Domain | Requested by
5 www.xtremechat.com | www.xtremechat.com
2 challenges.cloudflare.com | www.xtremechat.com, challenges.cloudflare.com
2 trk.icetraff.com |
1 imedia.servefilesonly.com | trk.icetraff.com
1 www.xn3j2k.com | 1 redirects
1 www.fxmnf8trk.com | 1 redirects
1 o4z.thecreativequadrant.com | 1 redirects
12 7

This site contains links to these domains.

Domain
www.cloudflare.com
Subject | Issuer | Validity | Valid
icetraff.com | E5 | 2024-11-08 - 2025-02-06 | 3 months
servefilesonly.com | E5 | 2024-12-02 - 2025-03-02 | 3 months
xtremechat.com | E5 | 2024-11-02 - 2025-01-31 | 3 months
challenges.cloudflare.com | WE1 | 2024-11-03 - 2025-02-01 | 3 months

This page contains 2 frames:

Primary Page: https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra
Frame ID: 4DE5FD4AC32CFB6E4024B795171A372B
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f5268/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 8C39A324439BBC3A051361D90F879BEB
Requests: 1 HTTP requests in this frame

Page Title

Even geduld...

Page Statistics

Requests: 12
HTTPS: 83 %
IPv6: 0 %
Domains: 7
Subdomains: 7
IPs: 6
Countries: 3
Transfer: 165 kB
Size: 265 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://o4z.thecreativequadrant.com/ga/click/2-53718369-31-248414-1792832-1246299-685d71644d-dl2f3a6bcc HTTP 302
    https://www.fxmnf8trk.com/cmp/RGN7X8/2XS9PF/?source_id=DR&sub2=BBK&sub3=tau.li%40web.de&sub1=BBK6 HTTP 302
    https://www.xn3j2k.com/cmp/RGN7X8/25D7F3/?__rpt=0&__po=700&__ptid=336247dd7dba41b7a0d850d455912a3e&__rpa=1&__rc=1&sub1=BBK6&sub2=BBK&sub3=tau.li%40web.de&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
    https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1 Page URL
  2. https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://o4z.thecreativequadrant.com/ga/click/2-53718369-31-248414-1792832-1246299-685d71644d-dl2f3a6bcc HTTP 302
  • https://www.fxmnf8trk.com/cmp/RGN7X8/2XS9PF/?source_id=DR&sub2=BBK&sub3=tau.li%40web.de&sub1=BBK6 HTTP 302
  • https://www.xn3j2k.com/cmp/RGN7X8/25D7F3/?__rpt=0&__po=700&__ptid=336247dd7dba41b7a0d850d455912a3e&__rpa=1&__rc=1&sub1=BBK6&sub2=BBK&sub3=tau.li%40web.de&sub4=&sub5=&source_id=DR&__pcd=1 HTTP 302
  • https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
epassing
trk.icetraff.com/
Redirect Chain
  • https://o4z.thecreativequadrant.com/ga/click/2-53718369-31-248414-1792832-1246299-685d71644d-dl2f3a6bcc
  • https://www.fxmnf8trk.com/cmp/RGN7X8/2XS9PF/?source_id=DR&sub2=BBK&sub3=tau.li%40web.de&sub1=BBK6
  • https://www.xn3j2k.com/cmp/RGN7X8/25D7F3/?__rpt=0&__po=700&__ptid=336247dd7dba41b7a0d850d455912a3e&__rpa=1&__rc=1&sub1=BBK6&sub2=BBK&sub3=tau.li%40web.de&sub4=&sub5=&source_id=DR&__pcd=1
  • https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1
1 KB
784 B
Document
General
Full URL
https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.148 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0083d4f099d06ed66e7dd251edfdde586624afc3067e2e4937256e5068f24a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cf-ray
8f55d892ba8bdbb5-FRA
content-encoding
br
content-type
text/html
date
Sat, 21 Dec 2024 06:34:24 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
content-type
text/html; charset=utf-8
date
Sat, 21 Dec 2024 06:34:22 GMT
location
https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
baa984ea-965d-4ed7-97ba-aecfaf297cc2
e6fb957c-3af2-41e6-9ce2-6d3114f8b8c8.gif
imedia.servefilesonly.com/
85 KB
85 KB
Image
General
Full URL
https://imedia.servefilesonly.com/e6fb957c-3af2-41e6-9ce2-6d3114f8b8c8.gif
Requested by
Host: trk.icetraff.com
URL: https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.25 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49ad40864d85d905b89218a290ec3639308089c74dc584b7e6a8e360a3bb4308

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://trk.icetraff.com/

Response headers

cf-cache-status
HIT
etag
"9ea22800efe4c281b773b3570a9fcb3e"
age
362269
expires
Sun, 29 Dec 2024 06:34:24 GMT
x-cache
RefreshHit from cloudfront
x-amz-cf-id
2DE-hZEtr_5d-Ja0bfNTT5O9iVVpY7fRAPpQ0-3pnAUucuJwTyoJ8g==
date
Sat, 21 Dec 2024 06:34:24 GMT
content-type
image/gif
last-modified
Wed, 28 Sep 2022 04:09:36 GMT
vary
accept-encoding
cache-control
public, max-age=691200
via
1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
cf-ray
8f55d89f38432baf-FRA
accept-ranges
bytes
content-length
86669
x-amz-cf-pop
FRA56-P8
server
cloudflare
favicon.ico
trk.icetraff.com/
0
189 B
Other
General
Full URL
https://trk.icetraff.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.145.148 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://trk.icetraff.com/epassing?tpcampid=2120fa80-9e7a-4437-8506-bb7681cad769&subPublisher=903&el=tau.li%40web.de&loading=1

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=14400
cf-cache-status
HIT
age
267
x-trace-id
33dda0536ebc6469c3ffb21bc8ca19e0
cf-ray
8f55d89f9d25dbb5-FRA
expires
Sat, 21 Dec 2024 10:34:24 GMT
accept-ranges
bytes
content-length
0
date
Sat, 21 Dec 2024 06:34:24 GMT
last-modified
Sat, 21 Dec 2024 06:29:57 GMT
vary
Accept-Encoding
server
cloudflare
Primary Request /
www.xtremechat.com/
12 KB
9 KB
Document
General
Full URL
https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.217 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f7494e0348bd5860ed1fda8fa77a91543b83f6f5e4b11593dc41939382a888
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://trk.icetraff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
BIyVDq/jr5f/6mG/N5T8tWF3EC3eMcN35udhhm6v6Xux4XwfKZaS/mvxsxsX5QXpX1bpiO9E8RO0GMfDPXr4dlmuC2fniStzUS7AvDDm+KYmlB1uhbypU2Rdqb84cfboZrusPkcERPxtqfhQH8w/aw==$InKbbxVnUaIDxWuYOiNLEw==
cf-mitigated
challenge
cf-ray
8f55d8a80cc2371a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sat, 21 Dec 2024 06:34:25 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
www.xtremechat.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/
96 KB
36 KB
Script
General
Full URL
https://www.xtremechat.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f55d8a80cc2371a
Requested by
Host: www.xtremechat.com
URL: https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.217 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d185baa7d954ac07e852281341400ada69de370ea2fb5d9fb08c258d7dee7b8f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra&__cf_chl_rt_tk=g8i1L29uPttGsYOAVItTr.slXEXb_yAk1ClaJUQWHP0-1734762865-1.0.1.1-SYxk88_Mm5XSfh46B5ahJrD1Ok4CRSyCNmW19z0ncFk

Response headers

strict-transport-security
max-age=15552000
cf-ray
8f55d8a85ce0371a-FRA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
br
date
Sat, 21 Dec 2024 06:34:25 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
96ac7266-dadc-4dca-b6fb-b31ebcb41539
https://www.xtremechat.com/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by
Host: www.xtremechat.com
URL: https://www.xtremechat.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f55d8a80cc2371a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.xtremechat.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f55d8aabc802c29-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 21 Dec 2024 06:34:26 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
www.xtremechat.com/
3 KB
3 KB
Image
General
Full URL
https://www.xtremechat.com/favicon.ico
Requested by
Host: www.xtremechat.com
URL: https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.217 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e82696882c7b2953776c0ae824fa1a7cc1ccd1a79bf35111e20268f8204a60b9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Sat, 21 Dec 2024 06:34:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
zDTyWd3EakMatss2on6ZnspqskiyrWm69YgurSozoLwRALhK0cit+rz4Vg+X5dM46I3puXkH52p0v/kRa5c5AqfyyWo71Uqn0gqO4eEzg9blJwLqJ+VcHgftB1lY5VPIxydfF6wZ7cBBn8x604+ENA==$02m5o9nG1X3ReJ3OyT1ZBQ==
strict-transport-security
max-age=15552000
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f55d8a89d04371a-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
7Li7pzKinNJW9jW0nb0SgadzvE5nBCtJeEGp7SV2HB4-1734762865-1.2.1.1-nUyNjE_Sx7wyqtzL9HmujyVPEsqNfexrUoKVnn2HOzvL3zZRyGP2f3cTqkuMgHkT
www.xtremechat.com/cdn-cgi/challenge-platform/h/b/flow/ov1/724000001:1734761534:VAI3piFDXjAueAyDy-7Iz-eQQua9dB1M-WErSFRanRU/8f55d8a80cc2371a/
13 KB
9 KB
XHR
General
Full URL
https://www.xtremechat.com/cdn-cgi/challenge-platform/h/b/flow/ov1/724000001:1734761534:VAI3piFDXjAueAyDy-7Iz-eQQua9dB1M-WErSFRanRU/8f55d8a80cc2371a/7Li7pzKinNJW9jW0nb0SgadzvE5nBCtJeEGp7SV2HB4-1734762865-1.2.1.1-nUyNjE_Sx7wyqtzL9HmujyVPEsqNfexrUoKVnn2HOzvL3zZRyGP2f3cTqkuMgHkT
Requested by
Host: www.xtremechat.com
URL: https://www.xtremechat.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f55d8a80cc2371a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.217 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4a814ba1738bd8ae96728cc2f561b20eae6e7f5eaf59591c24ba3d52e0c68b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
7Li7pzKinNJW9jW0nb0SgadzvE5nBCtJeEGp7SV2HB4-1734762865-1.2.1.1-nUyNjE_Sx7wyqtzL9HmujyVPEsqNfexrUoKVnn2HOzvL3zZRyGP2f3cTqkuMgHkT

Response headers

strict-transport-security
max-age=15552000
cf-ray
8f55d8a94d57371a-FRA
content-encoding
br
date
Sat, 21 Dec 2024 06:34:26 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
7SU/NHFWzdYJDGWmHgrU34Bbc7z1wX6HJ1aTyjPVh6lZ7JBgCYtdfy5Du+IhxaRQNA7xKk3fyps=$di/qyhI1RSgp1F51
server
cloudflare
f6e8db11-a61f-4774-a1ec-e379ecac0c07
https://www.xtremechat.com/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f5268/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 8C39
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/f5268/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f55d8ab19de9225-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sat, 21 Dec 2024 06:34:26 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
favicon.ico
www.xtremechat.com/
9 KB
6 KB
Other
General
Full URL
https://www.xtremechat.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.217 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3815d9dc2ef0b46b3167ab304e3990b010c255feb7428a34c39f82e613cb495
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra

Response headers

content-encoding
br
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Sat, 21 Dec 2024 06:34:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
KpkRwesvKV3FwP50dUkEITH0i8waaR7o4ZpaYWLWCbZ2EfdBcPCOWyvz+olTcqYBcO6bzpzz6fEFXTB9JVoYRcThKlDzLADJ+8g43utb60WBKfUp9kAXhH4a/3k2dkSJpvWB0PD7SdythhR2TgPlaA==$CPzh+z2ZIl00hqQp29k6UA==
strict-transport-security
max-age=15552000
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f55d8abbee5371a-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.xtremechat.com
URL
blob:https://www.xtremechat.com/96ac7266-dadc-4dca-b6fb-b31ebcb41539
Domain
www.xtremechat.com
URL
blob:https://www.xtremechat.com/f6e8db11-a61f-4774-a1ec-e379ecac0c07

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt
function| WXqDk4
boolean| abyo7
function| PmhRk7
function| GVOAr6
function| CScbg6
function| omQod3
function| YHws6
function| Whin0
function| domE8
object| hephn8
object| bOVG4
object| cVGi2
number| VaUI1
object| angular
object| qHqZf6
function| _
string| wpvie3
object| turnstile
boolean| aRcx2
boolean| nSSnK5

7 Cookies

Domain/Path Name / Value
www.fxmnf8trk.com/ Name: uniqueClick_2XS9PF
Value: f4fb749c-d26c-46e1-980b-d70b916c3039:1734762861
www.fxmnf8trk.com/ Name: transaction_id
Value: 336247dd7dba41b7a0d850d455912a3e
www.xn3j2k.com/ Name: uniqueClick_25D7F3
Value: b6c783ab-1737-4a27-8fd9-6698ecd16ecd:1734762862
www.xn3j2k.com/ Name: transaction_id
Value: 33ba71d103e14320998d564bbbae211a
.icetraff.com/ Name: __cf_bm
Value: 0_ca5HnabCmfatm9cfKqTBLpKkT6jNCQbZdFYYZyWow-1734762864-1.0.1.1-ZTE.dHzpG9TjCawXx73gbub2f6ZfCpylYpdFtKsF21utpi1OPcwGQx5OehuFlJ5QRk1aUWx5SYAjDtXF11qMDQ
.servefilesonly.com/ Name: __cf_bm
Value: DCsa21gu.0RXAaQYxXCO0pZnYQg2UrlFp6T_jPxgo0Y-1734762864-1.0.1.1-.YfD_5X.IWQ29vmT.Sk6TDAlGrvdsmwqmxOCm6sXTEj8EdQGawDwubrliCXXZJLWX9dkS2ReP5g.07pTzeEuvQ
.xtremechat.com/ Name: __cf_bm
Value: L4_ezTSDH5dqL_iz9Uk8bhOQRjVWPrW1fWHT.S8Sh6I-1734762865-1.0.1.1-LQkXMEK_zDgL.LY8DT.f1jxQf8ioRZHtW.NPILIVQWBLwECFyZYqJxDxWdwsZmZuuJu1l4ouvHvssnjyZVZhmw

3 Console Messages

Source Level URL
Text
network error URL: https://www.xtremechat.com/?code=0x2%3A4b9b596478b474cdf732d37b67e79310b05534391597b8f27aa3555e924aabc4d6a2e8f1fb27bda89db1cc2a06d55604633b0fff849777bad43d967b6f7607ea&weblogin=1&src=ra
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.xtremechat.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.xtremechat.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()