qltynw.usadocfiles.com Open in urlscan Pro
2606:4700:3036::ac43:d84e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.clergylaity.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://dragons.partners/system/
Effective URL:
https://qltynw.usadocfiles.com/
Submission: On May 10 via manual (May 10th 2023, 3:43:48 pm UTC) from GB — Scanned from NL

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 12 HTTP transactions. The main IP is 2606:4700:3036::ac43:d84e, located in United States and belongs to CLOUDFLARENET, US. The main domain is qltynw.usadocfiles.com.
TLS certificate: Issued by E1 on May 7th 2023. Valid for: 3 months.

This is the only time qltynw.usadocfiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	95.216.102.249 95.216.102.249	24940 (HETZNER-AS) (HETZNER-AS)
7	2606:4700:303... 2606:4700:3036::ac43:d84e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	3

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.clergylaity.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.102.249 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: wordpress.wp-host.gen.in

dragons.partners	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3036::ac43:d84e (United States)

ASN13335 (CLOUDFLARENET, US)

qltynw.usadocfiles.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:7b9 (United States)

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	usadocfiles.com qltynw.usadocfiles.com	268 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 5988	189 KB
1	dragons.partners dragons.partners	285 B
1	clergylaity.org 1 redirects www.clergylaity.org	854 B
12	4

	Domain	Requested by
7	qltynw.usadocfiles.com	dragons.partners qltynw.usadocfiles.com
4	challenges.cloudflare.com	qltynw.usadocfiles.com challenges.cloudflare.com
1	dragons.partners
1	www.clergylaity.org	1 redirects
12	4

This site contains no links.

Subject Issuer	Validity	Valid
dragons.partners R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
usadocfiles.com E1	`2023-05-07` - `2023-08-05`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://qltynw.usadocfiles.com/
Frame ID: D027C251BDCED180B5298E6E5893E1E3
Requests: 9 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3sfvs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: FCBDA861D00078AA532E3A9E420011A1
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Loading...

Page URL History Show full URLs

https://www.clergylaity.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://dragons.partners/sys... HTTP 302
https://dragons.partners/system/ Page URL
https://qltynw.usadocfiles.com/ Page URL

Page Statistics

12
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

458 kB
Transfer

784 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.clergylaity.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://dragons.partners/system/ HTTP 302
https://dragons.partners/system/ Page URL
https://qltynw.usadocfiles.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.clergylaity.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://dragons.partners/system/ HTTP 302
https://dragons.partners/system/

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
dragons.partners/system/
Redirect Chain

https://www.clergylaity.org/c/blogs/find_entry?p_1_id=0&noSuchEntryRedirect=https://dragons.partners/system/
https://dragons.partners/system/

146 B
285 B

361ms
73ms

Document
text/html

95.216.102.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://dragons.partners/system/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.216.102.249 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

wordpress.wp-host.gen.in

Software

nginx/1.20.2 / PHP/7.4.33

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 10 May 2023 15:43:43 GMT
server: nginx/1.20.2
strict-transport-security: max-age=31536000;
x-powered-by: PHP/7.4.33

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c534ca59948910a-FRA
content-type: text/html;charset=UTF-8
date: Wed, 10 May 2023 15:43:43 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://dragons.partners/system/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wqj9bai4HbveYWvGjyn1pCbU9ocKOIK780JlEpozll0AmeaXIHEgeI7vgVZtFx0T%2F4BN6UPLpVfOu%2FdAdHlSBqsaStnHn3%2FdF0EPjO2c52q5TEIKjF1RLvZaxcCSY%2BxD%2FqAcDhrD91DHrUivTbaBPu5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1

GET
H2 403 Primary Request / Show response
qltynw.usadocfiles.com/ 7 KB
5 KB 104ms
28ms Document
text/html 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qltynw.usadocfiles.com/

Requested by

Host: dragons.partners
URL: https://dragons.partners/system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4778fe55ea63dd67d6201f52e8a2a7e1bc5c4f8d99fd34fd101767dbd8ba69cd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://dragons.partners/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated: challenge
cf-ray: 7c534cacade59bdd-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Wed, 10 May 2023 15:43:44 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ff%2BtEsU7EQry9CWIuwVnYlhMkhVhQx6ZPyQWX7tRcUfTeidcqqxu6jf%2FsSKqjWu0WEr3lwULR75nUCYZE9shaI7VO7q%2BSPeNklUwf5UbHFwcKJHxqdoE9sQKEPC2mSz4tFXFas8k9ViWeW9hkUs1H9fj6P1V"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

GET
H2 200 v1 Show response
qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/ 146 KB
53 KB 32ms
31ms Script
application/javascript 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c534cacade59bdd
Requested by: Host: qltynw.usadocfiles.com
URL: https://qltynw.usadocfiles.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d330d77092ddc89906548c24b6c0af38cbf7f0b8c4f1798991efa474748ac3a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://qltynw.usadocfiles.com/?__cf_chl_rt_tk=kFzftH5UaRtUFTXhBvgETEr.Bn0YtTXCuqtWxIsKvBo-1683733424-0-gaNycGzNC6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:43:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjZyyO74SCL3acbcvNuiIK0Hf58RxUuj6ya8JOQ2eVvuYVX19GZTO%2FckVqMdKVchfu68AGjIinvtDJFxCjDaxm8ygxClGpfvi%2B3N%2Bpb45Trw70KRlf5sT6U%2F9yL9dyXrfDkWlI1fFuJRr5HtbqIv8uqCsMAq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate
cf-ray: 7c534cad1eb89bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 transparent.gif
qltynw.usadocfiles.com/cdn-cgi/images/trace/managed/js/ 42 B
220 B 23ms
23ms Image
image/gif 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qltynw.usadocfiles.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c534cacade59bdd

Requested by

Host: qltynw.usadocfiles.com
URL: https://qltynw.usadocfiles.com/?__cf_chl_rt_tk=kFzftH5UaRtUFTXhBvgETEr.Bn0YtTXCuqtWxIsKvBo-1683733424-0-gaNycGzNC6U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://qltynw.usadocfiles.com/?__cf_chl_rt_tk=kFzftH5UaRtUFTXhBvgETEr.Bn0YtTXCuqtWxIsKvBo-1683733424-0-gaNycGzNC6U
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:43:44 GMT
x-content-type-options: nosniff
last-modified: Fri, 28 Apr 2023 14:11:18 GMT
server: cloudflare
etag: "644bd406-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 7c534cad1ebb9bdd-FRA
content-length: 42
expires: Wed, 10 May 2023 17:43:44 GMT

GET
H2 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/3ad47aec/ 15 KB
5 KB 89ms
44ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/3ad47aec/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: qltynw.usadocfiles.com
URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c534cacade59bdd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2bc49dd58e7da098cbc217fa61f96755db19ce582d852d16176b0ae9eec1a65

Request headers

Referer
Origin: https://qltynw.usadocfiles.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:43:44 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7c534cadc81f9a17-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 a3ceedea6970442 Show response
qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1554461859:1683731334:k-skPOP5l42RXvLhGvkzmbqqzYi3-ibUi5CFQnC9leM/7c534cacade59bdd/ 268 KB
202 KB 197ms
196ms XHR
text/plain 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1554461859:1683731334:k-skPOP5l42RXvLhGvkzmbqqzYi3-ibUi5CFQnC9leM/7c534cacade59bdd/a3ceedea6970442
Requested by: Host: qltynw.usadocfiles.com
URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c534cacade59bdd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249595f520f7663cafaa68f801deb0784211e2b67e54a06602a7719c327c563d

Request headers

Referer: https://qltynw.usadocfiles.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
CF-Challenge: a3ceedea6970442
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 May 2023 15:43:44 GMT
content-encoding: br
cf_chl_gen: 5K7RS7CjJ5sXrkmB5nFFh1VpyOveKlUFEltbzTgZwSFg5jCf2qhipsGnNdK2Irp/w+XMkZc8XRWuWq2cIoRfjUjba0Do6NSTZ29TItDj1d87O/7nepBlyqlea2gupM6HBIbX3DPU8hoIyDoHObCh2SvbhDQVoTAeSjSfvJZiZrt7HWcmq3+ORGwn+kK9nEeQ+4Jk+yLwg86Qni00BuhqdiUfxr+n4L0/+NpUgj0uKD24SKyxBaqwygiXvrt9GgfTujEryedYg3LMoBJOScYE7Sir3PwZzQUfFtnYUpHXvuGNxlfR8/BXwfbRuLd5fLIklkxB5p1IBOvximdsR8zTywFQqAY6H/QkTXlgMov1CmhEw//01unIy4qPkv8XRGusxMdrGcP0KtnR0MyNDDmHKPuGHG+Z1Uy42WeYgKXDIqi4vRNWla+dRX9jfiqN5mIMuR4KLd5Tkb6TzQIMDkIgNw==$o8BjM1vbVce0LmOai2UMmg==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBkwA5Mb43Dg0JICorHMCRmNdFULjSxjxOXIaCU4axNo88GdZyDFAIw623%2FQ0B59ZdG9m4t%2FKT86zM8pOeYdauP5DI9tpJRJTVoOKJqvb5F4iooG0RFeDM5am1pWy%2FabKUBOlPVRxK1KP3JivhCWJ59Pcifm"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7c534cae2994926b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jCFBvcqJ-R9ZvQ5
qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/img/7c534cacade59bdd/1683733424357/ 61 B
460 B 34ms
33ms Image
image/png 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/img/7c534cacade59bdd/1683733424357/jCFBvcqJ-R9ZvQ5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84abd8b6662abcd41365ccd5ed0b21d19a09fc619f77797b192a1ac152bfa34f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://qltynw.usadocfiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:43:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7c534cb84e49926b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PSB1dCXQEkKtwlomh%2F%2FnoBwyXP3HwP%2Fdw6S86OBx1epC3z1q2H0MLfa9RTihERYvL%2F5SbxEjvrZoyviGllm%2Fca0PBhOWfc%2FkVUviFYI9WqNotiBXRtntlNSaS4yZJctdNA4Fbl2bRQUSzhXmC1JfqwtK1dL"}],"group":"cf-nel","max_age":604800}
content-type: image/png

GET
H3 401 W8bti4PPnmGhq_2 Show response
qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/pat/7c534cacade59bdd/1683733424360/f62c19fc6d1b714cdd70af3b719c01405414cd0647920ce54ba8e342b2832c72/ 1 B
935 B 31ms
31ms Fetch
text/plain 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/pat/7c534cacade59bdd/1683733424360/f62c19fc6d1b714cdd70af3b719c01405414cd0647920ce54ba8e342b2832c72/W8bti4PPnmGhq_2
Requested by: Host: qltynw.usadocfiles.com
URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c534cacade59bdd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://qltynw.usadocfiles.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:43:46 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g9iwZ_G0bcUzdcK87cZwBQFQUzQZHkgzlS6jjQrKDLHIAFnFsdHludy51c2Fkb2NmaWxlcy5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA4rsahmFFVx2QGy_ap9QoeqGO_4LxWlFPbUODzU9Bo98w9mAJ4v4SezAZlSzuxZ-whSKnBsLI3W5_Ffqa5QZq-iwBI1406WdT_zTiNPDh2mFkXG_Im_OGmdqx5iLiI7Fuvm_js7sFgoX4L1MP7saxCY9qsWQ9-EaZmth2qzK0kjGxqoLmOUkCHHBEHpL31alMgPXC9Ww_OcA9ZXMUHyOOuAlOKZzqGmlDmPboz3OwCbKYt1cZ1V9FMz6IsOnZQp8OuYjAy44mpD1HmcYG3Zrn5YVxNqabY20_Wq5phFYl1453MSJlA6LedzIL9g40P14VWOgORWCdVGb0V6icMjuT5QIDAQAB, max-age=20
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP2YqAieZ2AkurKRR60%2FQxwsLR2oxqXnSm9G2qzXLWiY9yVyCEanPaXKCd93mAFQ3ow%2BBkLaNamf36PSuu76yIJWuVU99Uz08MmtN45eAfXd5g%2BjSagHD8aix6wm5jL4ClAGf7N07ya7LBxR3GG%2BKpN1Qiuh"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7c534cb88e99926b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 a3ceedea6970442 Show response
qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1554461859:1683731334:k-skPOP5l42RXvLhGvkzmbqqzYi3-ibUi5CFQnC9leM/7c534cacade59bdd/ 8 KB
6 KB 57ms
54ms XHR
text/plain 2606:4700:3036::ac43:d84e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1554461859:1683731334:k-skPOP5l42RXvLhGvkzmbqqzYi3-ibUi5CFQnC9leM/7c534cacade59bdd/a3ceedea6970442
Requested by: Host: qltynw.usadocfiles.com
URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/orchestrate/managed/v1?ray=7c534cacade59bdd
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:d84e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b12544cfa0ee26b1890ee7e589236f720621668ae5ae4935f85d818614979901

Request headers

Referer: https://qltynw.usadocfiles.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
CF-Challenge: a3ceedea6970442
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 May 2023 15:43:46 GMT
content-encoding: br
cf_chl_gen: S7NaIZDUq1ucxZqSJPMJCurbtP0rrTQcRwY674Nl8MHAaBlf2fn24dKLIdNwo7p/$prQY84csxJbPukt1Khx9Nw==
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBFfQlMqbcWndwpULipW1OMv7UAzpXwIljEzAsFxHtuENAj8g0iQXN%2BeHQ2o7LXoQ7AmDj9CI8UvrkMHFSey66yV%2FQkRiljFD%2B8aD%2BHZvafIMOIQtuEombPMYardUaO%2Baudu3s%2B1jS%2FGAyFx4gSegbqqJ9%2FV"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 7c534cbc1bd8926b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3sfvs/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame FCBD 22 KB
7 KB 60ms
34ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3sfvs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/3ad47aec/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a9fddc13eaf7ce77a96d1161f9e0c7db0dcd9ffc33add049c7d0632533c4731

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7c534cbca9603809-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 10 May 2023 15:43:46 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame FCBD 155 KB
56 KB 32ms
31ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7c534cbca9603809
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3sfvs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a31d3ddceb6a256877da09551f4d6eddc9f35beff6583d309ad18c68b46fae7d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3sfvs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 10 May 2023 15:43:46 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7c534cbddb4a3809-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 bc2be7884f4cc75 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/611143738:1683731463:RmZRf79h_wOvg84KBKbcLVWSzWZguSwVNFuW6ivvEjM/7c534cbca9603809/ Frame FCBD 161 KB
121 KB 149ms
148ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/611143738:1683731463:RmZRf79h_wOvg84KBKbcLVWSzWZguSwVNFuW6ivvEjM/7c534cbca9603809/bc2be7884f4cc75
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7c534cbca9603809
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e0d50e66edf7b26a36c35e3b415466d1dc2edae56faadf1eda2719265c0776

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/3sfvs/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
CF-Challenge: bc2be7884f4cc75
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 10 May 2023 15:43:47 GMT
content-encoding: br
cf_chl_gen: Ty/JNh1U0BvQKW2CtlRLlDb11eh6Bfv80OIRVGnceWhz7vAtrU3X6R+CBJWMpYLQhECUyuBr6KmUEy1HIzTFdrwdlpMUKS6Ne9eFUkQURSMpIeJilSHpT+NK5b/axhT9gKzDvQY0r28K/9INOuWGTXZAD8nC3DcrD00KIkOt4stx2yjUjo4DkKpLLftsj5cx4qr/tcL6aqAE5yqOn6XH5OH8pj39jpOWLVfRmiVNKjn75WzRqNClaVXiu/1SgLWBDtdSOMhoF1iTDPDBMXAT+Tf2RAAfQ9vyOjU6BpitXF/aw8TNgw2lddvdocGT//HQOhiuahnSlSLR0m6wVoQhKkMo8axC+iKkcN+o0A4yebKLdcufs54nG3xcBdUp8GQH9Ja3xLWnjPR+I1NjuEUwquxQNN+wDKh5/BuNirgOu+rTQK0V65DvlRgq0WGbMlWQW5wSiV2c3E9w9urA1PbIw7yWc9jnOpcWv1/JacOqQRk=$+4oABPqJSrMYHgqBn/Xg2w==
server: cloudflare
cf-ray: 7c534cbf0d233809-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.clergylaity.org/	1969-12-31 23:59:59	Name: JSESSIONID Value: ED556AB548FCA79985CE952F49E016B3
www.clergylaity.org/	1970-01-20 20:27:49	Name: COOKIE_SUPPORT Value: true
www.clergylaity.org/	1970-01-20 20:27:49	Name: GUEST_LANGUAGE_ID Value: en_US

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://qltynw.usadocfiles.com/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://qltynw.usadocfiles.com/cdn-cgi/challenge-platform/h/b/pat/7c534cacade59bdd/1683733424360/f62c19fc6d1b714cdd70af3b719c01405414cd0647920ce54ba8e342b2832c72/W8bti4PPnmGhq_2 Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
dragons.partners
qltynw.usadocfiles.com
www.clergylaity.org
2606:4700:3036::ac43:d84e
2606:4700::6812:7b9
2a06:98c1:3121::3
95.216.102.249
249595f520f7663cafaa68f801deb0784211e2b67e54a06602a7719c327c563d
44e0d50e66edf7b26a36c35e3b415466d1dc2edae56faadf1eda2719265c0776
4778fe55ea63dd67d6201f52e8a2a7e1bc5c4f8d99fd34fd101767dbd8ba69cd
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7a9fddc13eaf7ce77a96d1161f9e0c7db0dcd9ffc33add049c7d0632533c4731
84abd8b6662abcd41365ccd5ed0b21d19a09fc619f77797b192a1ac152bfa34f
a31d3ddceb6a256877da09551f4d6eddc9f35beff6583d309ad18c68b46fae7d
b12544cfa0ee26b1890ee7e589236f720621668ae5ae4935f85d818614979901
d330d77092ddc89906548c24b6c0af38cbf7f0b8c4f1798991efa474748ac3a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bc49dd58e7da098cbc217fa61f96755db19ce582d852d16176b0ae9eec1a65

qltynw.usadocfiles.com Open in urlscan Pro 2606:4700:3036::ac43:d84e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

12 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

3 IPs

2 Countries

458 kBTransfer

784 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

4 Console Messages

Security Headers

Indicators

qltynw.usadocfiles.com Open in urlscan Pro
2606:4700:3036::ac43:d84e Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

458 kB
Transfer

784 kB
Size

3
Cookies

12 HTTP transactions
0 data transactions