urlscan.io logo urlscan.io
SecurityTrails logo

secure-paste-bot.chal.hitconctf.com Open in urlscan Pro
34.80.75.17  Public Scan

Go To Rescan Add Verdict Report
URL: https://secure-paste-bot.chal.hitconctf.com/
Submission: On November 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 8 HTTP transactions. The main IP is 34.80.75.17, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is secure-paste-bot.chal.hitconctf.com.
TLS certificate: Issued by R3 on November 18th 2022. Valid for: 3 months.
This is the only time secure-paste-bot.chal.hitconctf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.80.75.17 396982 (GOOGLE-CL...)
1 2a05:d014:275... 16509 (AMAZON-02)
6 104.16.169.131 13335 (CLOUDFLAR...)
8 4
Apex Domain
Subdomains		 Transfer
6 hcaptcha.com
js.hcaptcha.com — Cisco Umbrella Rank: 16677
newassets.hcaptcha.com — Cisco Umbrella Rank: 12044
hcaptcha.com — Cisco Umbrella Rank: 6554
241 KB
1 simplecss.org
cdn.simplecss.org
4 KB
1 hitconctf.com
secure-paste-bot.chal.hitconctf.com
840 B
8 3
Domain Requested by
4 newassets.hcaptcha.com js.hcaptcha.com
newassets.hcaptcha.com
1 hcaptcha.com newassets.hcaptcha.com
1 js.hcaptcha.com secure-paste-bot.chal.hitconctf.com
1 cdn.simplecss.org secure-paste-bot.chal.hitconctf.com
1 secure-paste-bot.chal.hitconctf.com
8 5

This site contains no links.

Subject Issuer Validity Valid
secure-paste-bot.chal.hitconctf.com
R3		 2022-11-18 -
2023-02-16		 3 months crt.sh
cdn.simplecss.org
R3		 2022-09-27 -
2022-12-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-15 -
2023-05-15		 a year crt.sh

This page contains 3 frames:

Primary Page: https://secure-paste-bot.chal.hitconctf.com/
Frame ID: EC89E1C9316AD3CC0BAD501DDAC65F6F
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Frame ID: 069EBE4E852026F6B8F48A74863CB12B
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Frame ID: C1FB3CE66CACEA9D61C900F8FE957084
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Admin Bot for Secure Paste

Page Statistics

8
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

5
Subdomains

4
IPs

3
Countries

245 kB
Transfer

863 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure-paste-bot.chal.hitconctf.com/ 		689 B
840 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-paste-bot.chal.hitconctf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.80.75.17 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.75.80.34.bc.googleusercontent.com
Software
Caddy / Express
Resource Hash
832df89e2a8c4afbd69bfbd224785ebc81e0564c6274aa349ec9c72b64fe0896

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000
content-length
689
content-type
text/html; charset=utf-8
date
Fri, 18 Nov 2022 15:06:48 GMT
etag
W/"2b1-xWiK441VmEyl9RNXrn98HgYbPvU"
server
Caddy
x-powered-by
Express
simple.css
cdn.simplecss.org/ 		11 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.simplecss.org/simple.css
Requested by
Host: secure-paste-bot.chal.hitconctf.com
URL: https://secure-paste-bot.chal.hitconctf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a05:d014:275:cb00:ec0d:12e2:df27:aa60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Netlify /
Resource Hash
d0b5b1fcf8e8eb3e52f6ae665266d8734486b82a3c12ed8f58077db558693921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-paste-bot.chal.hitconctf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-nf-request-id
01GJ5MEBGDKZQVF559RJTX6QP3
date
Thu, 17 Nov 2022 14:56:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
Netlify
age
87022
etag
"e0012bc0609600637da8229b43cae616-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
3393
api.js
js.hcaptcha.com/1/ 		282 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hcaptcha.com/1/api.js
Requested by
Host: secure-paste-bot.chal.hitconctf.com
URL: https://secure-paste-bot.chal.hitconctf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1c9f90ed9742db748171f206278cfd92a4ce3e8a6ff6ac5f8214aa75d9fae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure-paste-bot.chal.hitconctf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:06:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
0
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Nov 2022 04:14:07 GMT
server
cloudflare
etag
W/"cba895d710939d3f383adf1461af832f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=120
cf-ray
76c19cb60dca9b9e-FRA
x-amz-cf-id
5ggxZdgncR_hdDkoYrZtUOobNJZNhIpmlRjbksFBH8GnyjZLZLMPoA==
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/0abd424/static/ Frame 069E 		2 KB
1010 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca99e61e08662eee7cff36e455426b3251e617fc2ad84c771759faca665f3603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure-paste-bot.chal.hitconctf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
780972
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
76c19cb66eaa9b9e-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 18 Nov 2022 15:06:48 GMT
last-modified
Wed, 09 Nov 2022 04:14:07 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-id
4R3Dc4ma4WgLcNSB4Sbv8LG5iggTk4f29J777fuK32_EVdH2VWk9Lw==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.html
newassets.hcaptcha.com/captcha/v1/0abd424/static/ Frame C1FB 		2 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Requested by
Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca99e61e08662eee7cff36e455426b3251e617fc2ad84c771759faca665f3603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure-paste-bot.chal.hitconctf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
age
780972
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=1209600
cf-cache-status
HIT
cf-ray
76c19cb66eae9b9e-FRA
content-encoding
gzip
content-type
text/html
date
Fri, 18 Nov 2022 15:06:48 GMT
last-modified
Wed, 09 Nov 2022 04:14:07 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-cf-id
4R3Dc4ma4WgLcNSB4Sbv8LG5iggTk4f29J777fuK32_EVdH2VWk9Lw==
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/0abd424/ Frame 069E 		282 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/0abd424/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1c9f90ed9742db748171f206278cfd92a4ce3e8a6ff6ac5f8214aa75d9fae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:06:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
780993
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Nov 2022 04:14:07 GMT
server
cloudflare
etag
W/"cba895d710939d3f383adf1461af832f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
76c19cb6bf4a9b9e-FRA
x-amz-cf-id
5ggxZdgncR_hdDkoYrZtUOobNJZNhIpmlRjbksFBH8GnyjZLZLMPoA==
hcaptcha.js
newassets.hcaptcha.com/captcha/v1/0abd424/ Frame C1FB 		282 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newassets.hcaptcha.com/captcha/v1/0abd424/hcaptcha.js
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae1c9f90ed9742db748171f206278cfd92a4ce3e8a6ff6ac5f8214aa75d9fae1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newassets.hcaptcha.com/captcha/v1/0abd424/static/hcaptcha.html
Origin
https://newassets.hcaptcha.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:06:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
gzip
x-content-type-options
nosniff
age
780993
x-amz-cf-pop
FRA56-P4
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 09 Nov 2022 04:14:07 GMT
server
cloudflare
etag
W/"cba895d710939d3f383adf1461af832f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
cf-ray
76c19cb6bf519b9e-FRA
x-amz-cf-id
5ggxZdgncR_hdDkoYrZtUOobNJZNhIpmlRjbksFBH8GnyjZLZLMPoA==
truncated
/ Frame C1FB 		798 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
checksiteconfig
hcaptcha.com/ Frame C1FB 		27 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hcaptcha.com/checksiteconfig?v=0abd424&host=secure-paste-bot.chal.hitconctf.com&sitekey=10000000-ffff-ffff-ffff-000000000001&sc=1&swa=1
Requested by
Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/0abd424/hcaptcha.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.169.131 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da2d0f552254de26e3a849c48c45ea2b6b509eea38892e09fd80618d9371a4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://newassets.hcaptcha.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Nov 2022 15:06:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://newassets.hcaptcha.com
access-control-allow-credentials
true
cf-ray
76c19cb768a79b9e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-headers
Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
content-length
27
cf-chl-bypass
2

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| Raven object| hcaptcha object| grecaptcha

0 Cookies