censis.careers Open in urlscan Pro
45.92.142.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://msauthsite.pages.dev/verify
Effective URL:
https://censis.careers//msauth.html
Submission: On June 15 via automatic, source openphish (June 15th 2023, 5:18:16 pm UTC) — Scanned from NL

Summary HTTP 14 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 45.92.142.13, located in Los Angeles, United States and belongs to DEDIPATH-LLC, US. The main domain is censis.careers.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 2nd 2023. Valid for: 3 months.

This is the only time censis.careers was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 7	2606:4700::68... 2606:4700::6812:7b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
1	45.92.142.13 45.92.142.13	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
14	7

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

msauthsite.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:7b9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.92.142.13 (Los Angeles, United States)

ASN35913 (DEDIPATH-LLC, US)

censis.careers	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudflare.com 2 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5180 cdnjs.cloudflare.com — Cisco Umbrella Rank: 263	291 KB
1	censis.careers censis.careers	31 KB
1	msftauth.net aadcdn.msftauth.net — Cisco Umbrella Rank: 1312	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
1	pages.dev msauthsite.pages.dev	7 KB
14	5

	Domain	Requested by
7	challenges.cloudflare.com	2 redirects msauthsite.pages.dev challenges.cloudflare.com
2	cdnjs.cloudflare.com	msauthsite.pages.dev
1	censis.careers	msauthsite.pages.dev
1	aadcdn.msftauth.net	msauthsite.pages.dev
1	fonts.googleapis.com	msauthsite.pages.dev
1	msauthsite.pages.dev
14	6

This site contains links to these domains. Also see Links.

Domain
www.maxlaumeister.com

Subject Issuer	Validity	Valid
msauthsite.pages.dev E1	`2023-06-08` - `2023-09-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh
censis.careers cPanel, Inc. Certification Authority	`2023-06-02` - `2023-08-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://censis.careers//msauth.html
Frame ID: C7FE917913B797ECA65037D9CD138551
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal
Frame ID: F4ACFAC3699E0886D6157793D6C50F84
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Password Protected Page

Page URL History Show full URLs

https://msauthsite.pages.dev/verify Page URL
https://censis.careers//msauth.html Page URL

Detected technologies

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

64 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

347 kB
Transfer

674 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.maxlaumeister.com/pagecrypt/
Title: PageCrypt

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://msauthsite.pages.dev/verify Page URL
https://censis.careers//msauth.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/api.js

Request Chain 4

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/api.js?render=explicit

14 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 verify Show response
msauthsite.pages.dev/ 15 KB
7 KB 218ms
82ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://msauthsite.pages.dev/verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

944746dbe73fc3bdf645394336a7d1f25e9b5225ed9e3e46a587e47f6ca47ce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 7d7c787eeb56b975-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 15 Jun 2023 17:18:09 GMT
etag: W/"a9138bd83c722f6bfb913e4834a83623"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m5tMJ6OFfwdpcUGJAKX3nh00ERXDW9oeWtDvh286DbMf0WKvrbVAP7tkD0Xa%2BvlSqLnxJyBqn%2Fqlxaa5yJRONs3c6t28OEy8zyjl0Y3CdM55iIgOQNnY9yQz%2Fh1LdMavxgnJzu%2BzSJt5aYl%2BHFBnQg29ww%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js
https://challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/api.js

19 KB
7 KB

66ms
65ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/api.js
Requested by: Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 731246a20af28dbfa544bd1b19f2e126b39b2f6277fc5b27ad63c712145f744f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msauthsite.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:18:10 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7d7c78808b880b56-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 15 Jun 2023 17:18:09 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/6cdb09c9/api.js
cache-control: max-age=300, public
cf-ray: 7d7c78804b3e0b56-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 156ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msauthsite.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 512246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mR7VO2qdDoxQztvxICKT8lsiSNBINOZFR4AjhoPkk41YzKUeIUBlghzleLdyX3IZPHTrbEzEh4yvHyOcEkP5nHIEIytwV0JfZFDirpiYIn3%2Bc4jjC0EONh2eU1De6ne784f5v55HKHDjBc1TJLB0a9Z3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d7c78804d6db906-AMS
expires: Tue, 04 Jun 2024 17:18:09 GMT

GET
H2 200 socket.io.min.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.0/ 40 KB
11 KB 163ms
38ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.4.0/socket.io.min.js

Requested by

Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29ab5ad3b743d5f7f3d87a618f471df31500f5c9e56c98bc0aba135d14c4c038

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msauthsite.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:18:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 247848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11295
last-modified: Thu, 18 Nov 2021 13:34:12 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61965654-2c1f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biS373mmXqj7gWTNQpupNVlbeqLjDda%2FG1Ik4Ow%2Fxstd8Qv4aRU2VUD9CKWHICEOnHwzTX%2BB2415vMiXEAJnJMqrjXZfWFlVDlJcF%2BHG%2FRUOShDc%2BqwxlBU%2BtKfEYvfuwVsVaKC0ky1Qaqxe%2BhIxkaWA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7d7c78804d6eb906-AMS
expires: Tue, 04 Jun 2024 17:18:09 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/api.js?render=explicit

19 KB
7 KB

52ms
51ms

Script
application/javascript

2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/6cdb09c9/api.js?render=explicit
Requested by: Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify
Protocol: H2
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 731246a20af28dbfa544bd1b19f2e126b39b2f6277fc5b27ad63c712145f744f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msauthsite.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:18:10 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7d7c78808b7f0b56-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 15 Jun 2023 17:18:09 GMT
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/6cdb09c9/api.js?render=explicit
cache-control: max-age=300, public
cf-ray: 7d7c78804b3c0b56-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 188ms
60ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msauthsite.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Jun 2023 17:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 15 Jun 2023 17:10:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Jun 2023 17:18:09 GMT

GET
H2 200 favicon_a_eupayfgghqiai7k9sol6lg2.ico
aadcdn.msftauth.net/shared/1.0/content/images/ 17 KB
17 KB 272ms
0ms Image
image/x-icon 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
Requested by: Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48B2) /
Resource Hash: 90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msauthsite.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 15 Jun 2023 17:18:10 GMT
content-md5: EuPayFgGHQiAI7K9SOL6lg==
age: 16300043
x-cache: HIT
content-length: 17174
x-ms-lease-status: unlocked
last-modified: Sun, 18 Oct 2020 03:02:30 GMT
server: ECAcc (ama/48B2)
etag: 0x8D8731240E548EB
content-type: image/x-icon
access-control-allow-origin: *
x-ms-request-id: edfe405c-701e-0036-556d-0bf93d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 586 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/ Frame F4AC 24 KB
8 KB 136ms
69ms Document
text/html 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4d4c59ddc4922132dc84d3dab5a894d001d89af5abbf7b26f0bb8ec4ca1dfd3

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://msauthsite.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7d7c78831a9eb8bb-AMS
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Thu, 15 Jun 2023 17:18:10 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
DATA 200
OK truncated
/ 187 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame F4AC 177 KB
62 KB 58ms
48ms Script
application/javascript 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d7c78831a9eb8bb
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 337cb298c2836fc239bb7940dd7721f4847f9bbf2a552faf43bb798b1a2a598a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 17:18:10 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7d7c7884ad52b8bb-AMS
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 900332cd7574889
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/905368611:1686845177:OIJUf51i_R9JOrKrApLrFfLONJAmPjlVuqUcKZKWgOE/7d7c78831a9eb8bb/ Frame F4AC 224 KB
169 KB 166ms
165ms XHR
text/plain 2606:4700::6812:7b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/905368611:1686845177:OIJUf51i_R9JOrKrApLrFfLONJAmPjlVuqUcKZKWgOE/7d7c78831a9eb8bb/900332cd7574889
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7d7c78831a9eb8bb
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:7b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
CF-Challenge: 900332cd7574889
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: TAIamQAGMMFSdC64Go7Jtbf58MUNGHZnlNHjUnhzoUEL5s0wdT0GghqDeth3oyVxufOZ/4opDFo/pjNZHz5Zo8mXyxHH86Z8skSHLchJiQwzehB6YB2wn/2qRkxx0ukKIL/N7fScmghPjpKdmPt9F55B8eoFZgbqWmqiwcny78SKq8TV0SNegxHkG8Rb+P9HN8lJzqQ/I2ozOs1kpAROPM6Bqy3QvJdbPrsU3Ye99SugGXbiXXdeh+aIDGX2E05AAJj/GxD1c5IEB95+QLlDAMT4HMgq2k+LT5OQtuqKj/YHRk3XK7wvNHUh1TTHEH0ZJphQuoY/1tjSpPJGlvLpW33iNx3HyNFcEulfTbtoQP++dbpFmHw5F3sw8ci68+NErdcMxxXjzkonS1GB3KvnTBxNiIpNqKKSICjORZ+gMyrSjA1rImV/yGjgaEcKH2I4PA3gFQ6GLYQ+08Ru0xN+Chx+I8DiO70VyZzBzese/j51peKp54Nn3ACC5LiqlWcrf7KbrX887SzF30OrQIfFYg==$9N7ov2OFM2Ju443f+Gb/DQ==
date: Thu, 15 Jun 2023 17:18:11 GMT
content-encoding: br
server: cloudflare
cf-ray: 7d7c78898d46b8bb-AMS
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 49098adf-2200-481f-a0a5-2b4f064a0d67
https://challenges.cloudflare.com/ Frame F4AC 220 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/49098adf-2200-481f-a0a5-2b4f064a0d67
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 220
Content-Type: application/javascript

GET
H/1.1 200
OK Primary Request msauth.html Show response
censis.careers// 31 KB
31 KB 1344ms
166ms Document
text/html 45.92.142.13
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://censis.careers//msauth.html
Requested by: Host: msauthsite.pages.dev
URL: https://msauthsite.pages.dev/verify
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.92.142.13 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 69c17b54ff912bbdd1ec5536921468fdb99f38bd4258442f4cb3d9cd833194af

Request headers

Referer: https://msauthsite.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Length: 31339
Content-Type: text/html
Date: Thu, 15 Jun 2023 17:18:14 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Thu, 08 Jun 2023 20:34:50 GMT
Server: Apache

GET
BLOB 200
OK ba4c5b93-6c61-481e-af2c-b3ac74ce9c9f
https://challenges.cloudflare.com/ Frame F4AC 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/ba4c5b93-6c61-481e-af2c-b3ac74ce9c9f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/27nen/0x4AAAAAAAFnbm3eesYt7vH7/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

GET 2OJ7MEn0htkQZ1e
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d7c78831a9eb8bb/1686849491453/ Frame F4AC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7d7c78831a9eb8bb/1686849491453/2OJ7MEn0htkQZ1e

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
cdnjs.cloudflare.com
censis.careers
challenges.cloudflare.com
fonts.googleapis.com
msauthsite.pages.dev
challenges.cloudflare.com
152.199.23.37
2606:4700::6811:190e
2606:4700::6812:7b9
2a00:1450:4001:82f::200a
2a06:98c1:3120::3
45.92.142.13
29ab5ad3b743d5f7f3d87a618f471df31500f5c9e56c98bc0aba135d14c4c038
337cb298c2836fc239bb7940dd7721f4847f9bbf2a552faf43bb798b1a2a598a
4ddc1e33de02a96249bf85fc7b16e669317a81d8e2fc403ddb1ded6c465dd578
69c17b54ff912bbdd1ec5536921468fdb99f38bd4258442f4cb3d9cd833194af
731246a20af28dbfa544bd1b19f2e126b39b2f6277fc5b27ad63c712145f744f
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
944746dbe73fc3bdf645394336a7d1f25e9b5225ed9e3e46a587e47f6ca47ce4
a021e5ef7022a556c759cca4e248f10383d65a1cd4df600dae57ea37ca481073
d4d4c59ddc4922132dc84d3dab5a894d001d89af5abbf7b26f0bb8ec4ca1dfd3
fc95732d9ff3b17fcb3e64fd12c0d451c38e64e1a4b420c556a7feb756a0a3fa
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

censis.careers Open in urlscan Pro 45.92.142.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

64 %HTTPS

67 %IPv6

5 Domains

6 Subdomains

7 IPs

2 Countries

347 kBTransfer

674 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

censis.careers Open in urlscan Pro
45.92.142.13 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

64 %
HTTPS

67 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

347 kB
Transfer

674 kB
Size

0
Cookies

14 HTTP transactions
2 data transactions