urlscan.io logo urlscan.io
SecurityTrails logo

r3a3.cfd Open in urlscan Pro
172.67.207.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://r3a3.cfd/?nNS1
Submission: On May 30 via api from CH — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 8 HTTP transactions. The main IP is 172.67.207.16, located in United States and belongs to CLOUDFLARENET, US. The main domain is r3a3.cfd.
TLS certificate: Issued by GTS CA 1P5 on May 12th 2024. Valid for: 3 months.
This is the only time r3a3.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.207.16 13335 (CLOUDFLAR...)
3 142.250.185.132 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 172.67.75.199 13335 (CLOUDFLAR...)
8 4
Apex Domain
Subdomains		 Transfer
3 google.com
www.google.com — Cisco Umbrella Rank: 2
575 B
3 r3a3.cfd
r3a3.cfd
51 KB
1 country.is
api.country.is — Cisco Umbrella Rank: 63774
482 B
1 gstatic.com
www.gstatic.com
210 KB
8 4
Domain Requested by
3 www.google.com r3a3.cfd
www.gstatic.com
3 r3a3.cfd r3a3.cfd
1 api.country.is r3a3.cfd
1 www.gstatic.com www.google.com
8 4

This site contains no links.

Subject Issuer Validity Valid
r3a3.cfd
GTS CA 1P5		 2024-05-12 -
2024-08-10		 3 months crt.sh
*.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.gstatic.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
country.is
GTS CA 1P5		 2024-04-16 -
2024-07-15		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://r3a3.cfd/?nNS1
Frame ID: 78EF1BE67625C0147A2DAFE1F371DCE3
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYaksjAAAAADj4FkvzXQogXqieHi72fbj-tV3E&co=aHR0cHM6Ly9yM2EzLmNmZDo0NDM.&hl=pl&v=DH3nyJMamEclyfe-nztbfV8S&size=normal&cb=y0sibfm0kqlr
Frame ID: DD2AC2A100BBB5E2726CBFC1B0D053BF
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=pl&v=DH3nyJMamEclyfe-nztbfV8S&k=6LdYaksjAAAAADj4FkvzXQogXqieHi72fbj-tV3E
Frame ID: 1A498BF7DFB850595DD6D28EF01BD467
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <div[^>]+class="g-recaptcha"
  • /recaptcha/api\.js

Page Statistics

8
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

262 kB
Transfer

667 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
r3a3.cfd/ 		13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r3a3.cfd/?nNS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.33
Resource Hash
51580f7f6434638a1733641ce49364f7fe39400236f225309bf0463fb2020426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
88c04b951dfb5ad7-VIE
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 30 May 2024 17:03:01 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BRtFbIPhSFNGCm0rDYRtjcZwjwX6LQY9EQzrhKtGZYBEy1KJAWPjfMETrUSpsgORUoHWKsD5NI60cRrGOwbC31ztI0ri%2BrFIlkpgCI3a6%2FScPXB8WoehjfUYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.3.33
api.js
www.google.com/recaptcha/ 		850 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: r3a3.cfd
URL: https://r3a3.cfd/?nNS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
1277fbdad2d2012f0b5120bbacbb619df3bbd7725f5804410127382d8b9e6abe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://r3a3.cfd/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 30 May 2024 17:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 30 May 2024 17:03:02 GMT
mobile-detect.min.js
r3a3.cfd/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r3a3.cfd/js/mobile-detect.min.js
Requested by
Host: r3a3.cfd
URL: https://r3a3.cfd/?nNS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://r3a3.cfd/?nNS1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 30 May 2024 17:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 May 2024 08:54:23 GMT
server
cloudflare
etag
W/"6649be3f-981e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vswb8ehDBs2uxhLWL5Oq6jKIdemvE%2FkdlPS75MzAQCqm2O7Y1ddZn0F91Kao11VDy6nAAkgy2JD0cmznuK6LNw1au8Ic8g1NTMPFit07ecEkmD3%2BojlYBM1tZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
timing-allow-origin
*
cf-ray
88c04b95cf4b5ad7-VIE
expires
Fri, 31 May 2024 17:03:02 GMT
jquery-3.6.0.min.js
r3a3.cfd/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://r3a3.cfd/js/jquery-3.6.0.min.js
Requested by
Host: r3a3.cfd
URL: https://r3a3.cfd/?nNS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.207.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://r3a3.cfd/?nNS1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 30 May 2024 17:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 19 May 2024 08:54:23 GMT
server
cloudflare
etag
W/"6649be3f-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6bpr581EbVIcOuf9SUVx3Pg8O6Zzcxqovh4ouAbVfFRgEzPUW%2F5JRsiq32%2ByQNmwm0OBfsMWksRFQVS%2F54LS89tAbE6aFFYCGqIx8jNzYVEGvDvNuwziaEzQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
timing-allow-origin
*
cf-ray
88c04b95cf505ad7-VIE
expires
Fri, 31 May 2024 17:03:02 GMT
recaptcha__pl.js
www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/ 		527 KB
210 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__pl.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f2a7a9db0b14db7072b0195ac6cfed0ad9cce14d1dd0243fc7b16764ff6a82cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://r3a3.cfd/
Origin
https://r3a3.cfd
Accept-Language
pl-PL,pl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 29 May 2024 04:48:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
213997
x-xss-protection
0
last-modified
Mon, 27 May 2024 02:00:43 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 May 2025 04:48:58 GMT
/
api.country.is/ 		37 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.country.is/
Requested by
Host: r3a3.cfd
URL: https://r3a3.cfd/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.199 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
385fcb5c470d8bef9620969018c07d5cd869c0d5a4e10c60050674413a5a525c

Request headers

Accept
*/*
Referer
https://r3a3.cfd/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 30 May 2024 17:03:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"25-uTyQNbu4Vhn00cdZy03rwa/xtwg"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4QW9IVlQkfgHb6JqqBWM3j7aL4Q7ykHIikXGdruDO9Ax1Kp6r2Yl%2FQoL7QjwVFULR5po0dACrGvQjCcV%2Flc%2FHWUVZC2yCS9Bp7YrEulMC2Y7Xzva7L9XyyGry8GNtAgO"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
88c04b99687f3bc5-WAW
content-length
37
anchor
www.google.com/recaptcha/api2/ Frame DD2A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdYaksjAAAAADj4FkvzXQogXqieHi72fbj-tV3E&co=aHR0cHM6Ly9yM2EzLmNmZDo0NDM.&hl=pl&v=DH3nyJMamEclyfe-nztbfV8S&size=normal&cb=y0sibfm0kqlr
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__pl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-wE6MXI6_kISAWEwPjG_BjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://r3a3.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-wE6MXI6_kISAWEwPjG_BjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 May 2024 17:03:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 1A49 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=pl&v=DH3nyJMamEclyfe-nztbfV8S&k=6LdYaksjAAAAADj4FkvzXQogXqieHi72fbj-tV3E
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/DH3nyJMamEclyfe-nztbfV8S/recaptcha__pl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-wM6GfJYFw3ehij2HpOxZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
https://r3a3.cfd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'nonce-wM6GfJYFw3ehij2HpOxZsg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 30 May 2024 17:03:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| MobileDetect function| $ function| jQuery function| setCookie function| requestAjax object| recaptcha object| closure_lm_150724

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN