urlscan.io logo urlscan.io
SecurityTrails logo

kw1tcpfgzndhtidv.docuxceofiles.com Open in urlscan Pro
172.67.155.223  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://u21852888.ct.sendgrid.net/ls/click?upn=u001.FxAvuNMG3o86idXoJiUPvwPTVafVkQ0fOQu9xIRaiT9GUDbevbZ-2Brz-2FdP99b0-2FeJ-2B36VZA...
Effective URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Submission: On September 24 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 172.67.155.223, located in United States and belongs to CLOUDFLARENET, US. The main domain is kw1tcpfgzndhtidv.docuxceofiles.com.
TLS certificate: Issued by WE1 on September 23rd 2024. Valid for: 3 months.
This is the only time kw1tcpfgzndhtidv.docuxceofiles.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.35 11377 (SENDGRID)
2 2 207.211.31.113 14135 (NAVISITE-...)
1 1 142.251.10.103 15169 (GOOGLE)
1 194.11.246.180 215117 (HOSTERDADDY)
13 172.67.155.223 13335 (CLOUDFLAR...)
2 104.18.95.41 13335 (CLOUDFLAR...)
2 104.18.94.41 13335 (CLOUDFLAR...)
23 5
1    167.89.118.35 (Las Vegas, United States)

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net
u21852888.ct.sendgrid.net
2    207.211.31.113 (St. Cloud, United States)

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com
url.us.m.mimecastprotect.com
1    142.251.10.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f103.1e100.net
www.google.com
1    194.11.246.180 (United Kingdom)

ASN215117 (HOSTERDADDY, IN)
PTR: ip-194-11-246-180.hosted-by-hosterdaddy.com
fax-u5.icu
13    172.67.155.223 (United States)

ASN13335 (CLOUDFLARENET, US)
kw1tcpfgzndhtidv.docuxceofiles.com
2    104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
2    104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Apex Domain
Subdomains		 Transfer
13 docuxceofiles.com
kw1tcpfgzndhtidv.docuxceofiles.com
180 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3524
16 KB
2 mimecastprotect.com
url.us.m.mimecastprotect.com — Cisco Umbrella Rank: 11002
3 KB
1 fax-u5.icu
fax-u5.icu
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
22 B
1 sendgrid.net
u21852888.ct.sendgrid.net
286 B
23 6
Domain Requested by
13 kw1tcpfgzndhtidv.docuxceofiles.com fax-u5.icu
kw1tcpfgzndhtidv.docuxceofiles.com
4 challenges.cloudflare.com kw1tcpfgzndhtidv.docuxceofiles.com
challenges.cloudflare.com
2 url.us.m.mimecastprotect.com 2 redirects
1 fax-u5.icu
1 www.google.com 1 redirects
1 u21852888.ct.sendgrid.net 1 redirects
23 6

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
fax-u5.icu
R11		 2024-09-23 -
2024-12-22		 3 months crt.sh
docuxceofiles.com
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-09-05 -
2024-12-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Frame ID: 72E6DD1DF44357F9DC309ACFE3E060C7
Requests: 17 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vbqy0/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 3B5D5854DAECDD59F54BAD75E7CB8A55
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3nua5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Frame ID: 7478C1FE3B87AD049C8C12664EBB624D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://u21852888.ct.sendgrid.net/ls/click?upn=u001.FxAvuNMG3o86idXoJiUPvwPTVafVkQ0fOQu9xIRaiT9GUDbevbZ-2Brz-2... HTTP 302
    https://url.us.m.mimecastprotect.com/s/JRaLCVOq2wUQkA2HGfGCE9B8U?domain=google.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/EnLbZTgPqXKoI89TFEVBo3E3vVTlBAdhMAd0Y4pbfr8fef3VtCMLlzN1bNqeSQw84BNhgmYH15... HTTP 307
    https://www.google.com/url?q=https://fax-u5.icu/?828228288ca82ll&source=gmail&ust=1727220541608000&... HTTP 302
    https://fax-u5.icu/?828228288ca82ll Page URL
  2. https://kw1tcpfgzndhtidv.docuxceofiles.com// Page URL
  3. https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1... Page URL

Page Statistics

23
Requests

78 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

197 kB
Transfer

479 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u21852888.ct.sendgrid.net/ls/click?upn=u001.FxAvuNMG3o86idXoJiUPvwPTVafVkQ0fOQu9xIRaiT9GUDbevbZ-2Brz-2FdP99b0-2FeJ-2B36VZA1UlTz0sbyS4vP6wDVVbNyH3HdiA1aMH6fn8zZeAWR09Zx8G45I0YDxUHSGLNi9_PRmNVhQKCRJAurX1QWv1wgt3ZeohBHm2K1eBWqflTLbzSEo4emOVLJRWTRCY5o6xmfH4wWIhghdyEm-2FmNY1AKbYZeID7yfhy5FzbYqi3aWX87hr51uR9F0HdzRhBlcBTumlbpzX0i3gTUgRdigifXgtRCezUUQwEWe1HZf-2Ff8w8gTXL2DvDcCwZsdPlEmYdmzXniDu5C4iT9ed2beHrMD1n0LDZznXHiByVKrkguw8M-3D HTTP 302
    https://url.us.m.mimecastprotect.com/s/JRaLCVOq2wUQkA2HGfGCE9B8U?domain=google.com HTTP 307
    https://url.us.m.mimecastprotect.com/r/EnLbZTgPqXKoI89TFEVBo3E3vVTlBAdhMAd0Y4pbfr8fef3VtCMLlzN1bNqeSQw84BNhgmYH15Cls4qVz0kg7gxyljzX8ddT_EaYZQnyCeBFshgEy_ien0xRPT9ja2Fxb8E6VCwrgCjCFbxoQb0Fk5fiK3UgrxCV0VEcs3VRRCeGLqNp0Ts4LZW7vSvorOU0-UwYUA_3Sc1JAeaRZNNXIuho5rbkBiHyYNKkQIBKOMHg9XAYkQlEsPutmR3cXM034j3-RML1gamehaSWKy_6YAYLadEusU-3iBhpktez5-RGx0WHsEe4x2kntvGPcqnsLwz9kyLnD1qOPy7voPj3bvbd4QLgO3ZwTIqIFCvdVFJIhGGuA5PN5oyr6WcCyr7FwwPQB-J4_hZZ1-gP7esZ01vMfc7GVblcUpFmD04KYgQCsUp3FLEb8yLyufrXedfsrqqOJuMMnglmSOvRgLftD7Gz-cGsIZexHcVlNmGcdoilZu242ik087X28fMGra0Q1nj_Wpfbc40hHO1JCAenpmcod3tFGZB_85gx5-yTxAUwSYE6mI6gtNpnOYnRoW2QFtLTUJhnlM3absxm08bqCs5wQmLve0e4ldm2w23B_tfUS1HXb4M0maIiKIibfRgWEiy5l3qz71sCPFIeRKXyOJcfIUkwRTkLzq-wNRRxq7BXicNvK0bD3ZNCkPA1h-vYWF70jg5Ann2NCDLbnOSZ8uBS-6PLoVnogjaE_iwTK_LwH5bV6M7JRbqF2yY-_8eKdHyJojF8XgAA4N5Ro_GXusx7YPe2FtW_dCGpz1Ic-nNERCROQfk8Bcg2rcUXL4uC_rN-D5ZNER3oQ0guz7xmwPsf8M9fNJiw72IQTSPbrAzhSd85-aoMMV1hE7wHa8ZC2aKLgBkFyr1C31_7sigN5Wi0AkHbQouc5cka_5Az9W9T_8Xu01ZNVCN4RtUeXXmmrefTZyuLikVJu9Yv1BE3d8PLZbITXhpeb9rcD4iU456ImxIU_b6dyvbIJ1ec6Hi2AskAIP0jjq3DScfX1ALY7qNyHzJXRdqXDLUA25hH5vrj5vzZkYVJxuQ092x88rRCvcLy5kyYoWomhiawEzBYXbxYlKOFrYFnop4XBVD_tEG8u9QU6iMtFG8eR0Qb0MpoTQ7k5hyAs0A2xO-B1LvGeT8QxBhenJFYjTadcZiZdMInTkBk8S00EJYJnlqh9xGsOhZ10qvelMB25DM1V5GFxggNA4dv3Ld6KXkAXIKfF4i08ryaJ2lwOYDXuxe5yQTHpdkhjjqE9JWkxqZqIz16JDehQ7VWO8JSzn3kjh4_g3i9woVJtpom3_KmgnWyJS7sdWpZaiEKZO0c2YYMX1GPM5ISC5kHz4fU5-OepziHczaI_hUrvpDFNrPPV8NVc-IKuF_9I0m96xAfmGXP3h47TzCgBXE_6xTaT0gZvOj8nVCYSTPdTo7PqznA-IgK9Op5YfNLhQzqs_QzetmP1_d2ogwYqD95XNEfb6ZbuL1_iLipMmFD6VUQWhSRexu3n1Mstoy14BcP6Cge1btzvX1TS6KSuItDYCcVZY3dNXfrDBl00JmFjTSC0iYYsf6fFgCzQJiXv-YBWnYT22YQRayV3MvweFUUbOKE5LwHV6dAZjle9stJEcUDhHOBWNYqxuLqq196Sv3n_PafdQSPDY3shxJBXvcNBqaUYCie8GSXcHt2BT4x4GPKGQqNO5EEx2rX9_FeN4nWozPfhgATPPXfO3bhtYrX74LOpx6GL9ZJ4zlePor0v081mHpU24YA1tFf4P71cs5gMenGAJ1ONcwqApb4kg3WH5UZwuZs3IXy9gqq8cwAliWNHcHSTk0TsKpj0-GQPPYToNpFzrVSomHKhYmO1zjRAPjuIGUbZBcHlBEN7eIiTAy6dtZMP0gr3j0bEguYkBdT4DxKuSf7DA2gBqD_7bi_ZtNlJMrkQa8aJZ7oVnVL6jQ6gvckIlpNcTzHFZSfgIG8YZw3BP-zJn97hqT4XJccx5JOGRdrZGgz9XJ47V5ehgNfGn9OUY_1fYAP HTTP 307
    https://www.google.com/url?q=https://fax-u5.icu/?828228288ca82ll&source=gmail&ust=1727220541608000&usg=AOvVaw2r53xr6oGVY8tdceL8uMV1 HTTP 302
    https://fax-u5.icu/?828228288ca82ll Page URL
  2. https://kw1tcpfgzndhtidv.docuxceofiles.com// Page URL
  3. https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://u21852888.ct.sendgrid.net/ls/click?upn=u001.FxAvuNMG3o86idXoJiUPvwPTVafVkQ0fOQu9xIRaiT9GUDbevbZ-2Brz-2FdP99b0-2FeJ-2B36VZA1UlTz0sbyS4vP6wDVVbNyH3HdiA1aMH6fn8zZeAWR09Zx8G45I0YDxUHSGLNi9_PRmNVhQKCRJAurX1QWv1wgt3ZeohBHm2K1eBWqflTLbzSEo4emOVLJRWTRCY5o6xmfH4wWIhghdyEm-2FmNY1AKbYZeID7yfhy5FzbYqi3aWX87hr51uR9F0HdzRhBlcBTumlbpzX0i3gTUgRdigifXgtRCezUUQwEWe1HZf-2Ff8w8gTXL2DvDcCwZsdPlEmYdmzXniDu5C4iT9ed2beHrMD1n0LDZznXHiByVKrkguw8M-3D HTTP 302
  • https://url.us.m.mimecastprotect.com/s/JRaLCVOq2wUQkA2HGfGCE9B8U?domain=google.com HTTP 307
  • https://url.us.m.mimecastprotect.com/r/EnLbZTgPqXKoI89TFEVBo3E3vVTlBAdhMAd0Y4pbfr8fef3VtCMLlzN1bNqeSQw84BNhgmYH15Cls4qVz0kg7gxyljzX8ddT_EaYZQnyCeBFshgEy_ien0xRPT9ja2Fxb8E6VCwrgCjCFbxoQb0Fk5fiK3UgrxCV0VEcs3VRRCeGLqNp0Ts4LZW7vSvorOU0-UwYUA_3Sc1JAeaRZNNXIuho5rbkBiHyYNKkQIBKOMHg9XAYkQlEsPutmR3cXM034j3-RML1gamehaSWKy_6YAYLadEusU-3iBhpktez5-RGx0WHsEe4x2kntvGPcqnsLwz9kyLnD1qOPy7voPj3bvbd4QLgO3ZwTIqIFCvdVFJIhGGuA5PN5oyr6WcCyr7FwwPQB-J4_hZZ1-gP7esZ01vMfc7GVblcUpFmD04KYgQCsUp3FLEb8yLyufrXedfsrqqOJuMMnglmSOvRgLftD7Gz-cGsIZexHcVlNmGcdoilZu242ik087X28fMGra0Q1nj_Wpfbc40hHO1JCAenpmcod3tFGZB_85gx5-yTxAUwSYE6mI6gtNpnOYnRoW2QFtLTUJhnlM3absxm08bqCs5wQmLve0e4ldm2w23B_tfUS1HXb4M0maIiKIibfRgWEiy5l3qz71sCPFIeRKXyOJcfIUkwRTkLzq-wNRRxq7BXicNvK0bD3ZNCkPA1h-vYWF70jg5Ann2NCDLbnOSZ8uBS-6PLoVnogjaE_iwTK_LwH5bV6M7JRbqF2yY-_8eKdHyJojF8XgAA4N5Ro_GXusx7YPe2FtW_dCGpz1Ic-nNERCROQfk8Bcg2rcUXL4uC_rN-D5ZNER3oQ0guz7xmwPsf8M9fNJiw72IQTSPbrAzhSd85-aoMMV1hE7wHa8ZC2aKLgBkFyr1C31_7sigN5Wi0AkHbQouc5cka_5Az9W9T_8Xu01ZNVCN4RtUeXXmmrefTZyuLikVJu9Yv1BE3d8PLZbITXhpeb9rcD4iU456ImxIU_b6dyvbIJ1ec6Hi2AskAIP0jjq3DScfX1ALY7qNyHzJXRdqXDLUA25hH5vrj5vzZkYVJxuQ092x88rRCvcLy5kyYoWomhiawEzBYXbxYlKOFrYFnop4XBVD_tEG8u9QU6iMtFG8eR0Qb0MpoTQ7k5hyAs0A2xO-B1LvGeT8QxBhenJFYjTadcZiZdMInTkBk8S00EJYJnlqh9xGsOhZ10qvelMB25DM1V5GFxggNA4dv3Ld6KXkAXIKfF4i08ryaJ2lwOYDXuxe5yQTHpdkhjjqE9JWkxqZqIz16JDehQ7VWO8JSzn3kjh4_g3i9woVJtpom3_KmgnWyJS7sdWpZaiEKZO0c2YYMX1GPM5ISC5kHz4fU5-OepziHczaI_hUrvpDFNrPPV8NVc-IKuF_9I0m96xAfmGXP3h47TzCgBXE_6xTaT0gZvOj8nVCYSTPdTo7PqznA-IgK9Op5YfNLhQzqs_QzetmP1_d2ogwYqD95XNEfb6ZbuL1_iLipMmFD6VUQWhSRexu3n1Mstoy14BcP6Cge1btzvX1TS6KSuItDYCcVZY3dNXfrDBl00JmFjTSC0iYYsf6fFgCzQJiXv-YBWnYT22YQRayV3MvweFUUbOKE5LwHV6dAZjle9stJEcUDhHOBWNYqxuLqq196Sv3n_PafdQSPDY3shxJBXvcNBqaUYCie8GSXcHt2BT4x4GPKGQqNO5EEx2rX9_FeN4nWozPfhgATPPXfO3bhtYrX74LOpx6GL9ZJ4zlePor0v081mHpU24YA1tFf4P71cs5gMenGAJ1ONcwqApb4kg3WH5UZwuZs3IXy9gqq8cwAliWNHcHSTk0TsKpj0-GQPPYToNpFzrVSomHKhYmO1zjRAPjuIGUbZBcHlBEN7eIiTAy6dtZMP0gr3j0bEguYkBdT4DxKuSf7DA2gBqD_7bi_ZtNlJMrkQa8aJZ7oVnVL6jQ6gvckIlpNcTzHFZSfgIG8YZw3BP-zJn97hqT4XJccx5JOGRdrZGgz9XJ47V5ehgNfGn9OUY_1fYAP HTTP 307
  • https://www.google.com/url?q=https://fax-u5.icu/?828228288ca82ll&source=gmail&ust=1727220541608000&usg=AOvVaw2r53xr6oGVY8tdceL8uMV1 HTTP 302
  • https://fax-u5.icu/?828228288ca82ll

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
fax-u5.icu/
Redirect Chain
  • https://u21852888.ct.sendgrid.net/ls/click?upn=u001.FxAvuNMG3o86idXoJiUPvwPTVafVkQ0fOQu9xIRaiT9GUDbevbZ-2Brz-2FdP99b0-2FeJ-2B36VZA1UlTz0sbyS4vP6wDVVbNyH3HdiA1aMH6fn8zZeAWR09Zx8G45I0YDxUHSGLNi9_PRmN...
  • https://url.us.m.mimecastprotect.com/s/JRaLCVOq2wUQkA2HGfGCE9B8U?domain=google.com
  • https://url.us.m.mimecastprotect.com/r/EnLbZTgPqXKoI89TFEVBo3E3vVTlBAdhMAd0Y4pbfr8fef3VtCMLlzN1bNqeSQw84BNhgmYH15Cls4qVz0kg7gxyljzX8ddT_EaYZQnyCeBFshgEy_ien0xRPT9ja2Fxb8E6VCwrgCjCFbxoQb0Fk5fiK3Ugrx...
  • https://www.google.com/url?q=https://fax-u5.icu/?828228288ca82ll&source=gmail&ust=1727220541608000&usg=AOvVaw2r53xr6oGVY8tdceL8uMV1
  • https://fax-u5.icu/?828228288ca82ll
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fax-u5.icu/?828228288ca82ll
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
194.11.246.180 , United Kingdom, ASN215117 (HOSTERDADDY, IN),
Reverse DNS
ip-194-11-246-180.hosted-by-hosterdaddy.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d12be0aeb4c3abd664e785e4900ce958194e7664bfde55c5ef9823dd05eeac75

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Tue, 24 Sep 2024 09:28:54 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
232
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce--thk4yRyBPfjU8O_9T07oA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Tue, 24 Sep 2024 09:28:53 GMT
location
https://fax-u5.icu/?828228288ca82ll
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
/
kw1tcpfgzndhtidv.docuxceofiles.com// 		11 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com//
Requested by
Host: fax-u5.icu
URL: https://fax-u5.icu/?828228288ca82ll
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
033654bddfb01b4ca71511da7d9b6a1a86c2e3f733637b5f50891cce8fbb6cd7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://fax-u5.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
wZL47u1FvA3K0x3TFyg9XRiGdhj+zhuBOG6WVFrDkG9C8O4vWrCqTRgzJeJJGRXKLa1CudW9QEOOTJ5Z5nCZkg36PXkIa1UuJeN+g8oDVxV57ngJ8NXSJhfKyhgwMWY/zBITGSMk5k9FkBbavrtu+A==$KGx3EtQuk0KzBLmJi0r0UQ==
cf-mitigated
challenge
cf-ray
8c81bf3c79c684f3-HKG
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 24 Sep 2024 09:28:54 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elb3vLGa5NTb%2Frg0lrKB9MaBFcnAYVxLKndJMLujvaNtpmrGJZmsRDTR4W2jacuvORbS0jbnEFzuXe14aQOyuKUf2W98mrGH%2FO3p8o0fzLlpiOI1gtyksmnu%2FPvxsdy2b9k2Q0TGciDUhP%2BF6mIjBzm5%2FHM3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
favicon.ico
fax-u5.icu/ 		0
0
speculation
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://kw1tcpfgzndhtidv.docuxceofiles.com
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com//

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wkBAf0D73HvyY9Dyju9N%2FtZPZNwmRi2W4RaI9BT%2BUlisPssp4PnuDntWPlM80P1TvEWMZPD1RB6nlC0CXNSaYPpyA9AzUIl3ivJeWY50AvL7NfJbsmttz0qNZ6Okv6bYiQYAa7RWhW2%2Bq3OnK9rBzV7mlD%2F9"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
ivhAfqsivBjmTSRBnVLZ+PlnmRgfb2U8XrV01Qypem6xKGdSEodkAxPQ5bXn1eR/LGqNSHixplQDul05ynt5EJKAOwFNjUx+hui20Osjm7vbOGJupf1CAGPeHFB7GAhxHipkZeqtrv6AsTBfaymM9g==$DEYiIW31iKHBSemUIFQh+w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c81bf3cea4784f3-HKG
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
v1
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		152 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf3c79c684f3
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com//
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45c4164846a8ac60ed914b0208e412545106bb2b567b11364c4b87edcf90c7d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x4GVOzTvQQ0QqekdGbiq%2Fu01xnQ9K5xjtDFqGV%2BODYqyJtAW%2BkSUK%2FBo4BCXtpB82t2UI02FhxGm3AI4S4sssvJH%2FNRLuHgRQ6BbVcCV%2B%2B5SbtMVa1GW3yxI9dB51XgT0nn1Hj2CKFVsGU9Vvf6tBIM8pyCq"}],"group":"cf-nel","max_age":604800}
cf-ray
8c81bf3d0a7484f3-HKG
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
fff796c6-c507-491e-829d-bfc419328cd7
https://kw1tcpfgzndhtidv.docuxceofiles.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf3c79c684f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://kw1tcpfgzndhtidv.docuxceofiles.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c81bf3e4b41dd4d-HKG
access-control-allow-origin
*
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
kw1tcpfgzndhtidv.docuxceofiles.com/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc389fc4005ca176e02dded76f795d58217682463da743c73207ad5d3d70d35d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQqBlnxOzw16IWHpUOFI31md9pZ6OL6VVieTRfgoRFwizVkeS4lcLX%2FTK7ZUIp3X3e2g2oQKP43Wz0RTP9x2%2BzMJucGSGD7SYU2E2yfeWkv0NStTguNMgREenx0EcYHR6FKSRWpxCPRRDREKzgAgT1pcm8V0"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
CxcuShI2Z8+G12NsQvnv+zee5oggcx6gLf6pIg0dA7W1Bj2cDsUywCtX0QOFziAfY1hDbCRgXj2aHEzOIp7Ys1PrmYzQ/zUm8k0uhnyGXTo+7GK0n7ZMJgLcmmy6ET9a9vhRg9HHSgr0WroUBxq9iw==$zzHnsCAGr1yXiJHEB/+WBA==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c81bf3e0be984f3-HKG
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
managed
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/beacon/ov1/180266066:1727169219:ra1mC0np6dMCEZnNwEj0iiGwYApQT7ISbB8NqMq14rc/8c81bf3c79c684f3/1d18c57562d1e2e/ 		2 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/beacon/ov1/180266066:1727169219:ra1mC0np6dMCEZnNwEj0iiGwYApQT7ISbB8NqMq14rc/8c81bf3c79c684f3/1d18c57562d1e2e/managed
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf3c79c684f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

cf-ray
8c81bf3e2c1784f3-HKG
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
2
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzWzLX8cU4BBucFwQwELoVjeH0cVfovH8Lta0SWpi0DnM1lL0xEiI27xCe0a0aCQCEmF%2FQcpyuTeRAOMnZYiq%2BMiagMDK%2BpcH%2BNQJFetgflbxI%2FAd5m0mUwfMor7xT2M6BMmZmzJ4Qp1VPf7VIpj4i5n9EAO"}],"group":"cf-nel","max_age":604800}
1d18c57562d1e2e
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/180266066:1727169219:ra1mC0np6dMCEZnNwEj0iiGwYApQT7ISbB8NqMq14rc/8c81bf3c79c684f3/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/180266066:1727169219:ra1mC0np6dMCEZnNwEj0iiGwYApQT7ISbB8NqMq14rc/8c81bf3c79c684f3/1d18c57562d1e2e
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf3c79c684f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae7d1ef47fd3c3000f72edf7c95897ff6e33e7948b9961cfd640da63e3450f41

Request headers

Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
1d18c57562d1e2e

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MlFsRHurPvila%2BVQQ88a%2Faoj%2BXNEPcTcCXwrdE46O1Fw%2BKTVEqrJ%2BBiCcZ7fyYohkPLmbirCz6QsaAdztq1XRIiNu%2BIIiWCUzkdWrD3ggqOJdqu2uuw3ZZUa6JpAHemaW30s5LQSG1NS%2Fes3Gv2zmZjp2c6v"}],"group":"cf-nel","max_age":604800}
cf-ray
8c81bf3ebcf884f3-HKG
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
Nzlfc8tIoD8lggK3WDWxQqS+54yP0a8OoIgLHM0hsTbfVCHc22P69YPM38Gvpdpdgu7O3UsIbw==$37rFczQWLhRkXGZK
server
cloudflare
favicon.ico
kw1tcpfgzndhtidv.docuxceofiles.com/ 		9 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d76baca49cf241714df718fe42e8366e04bb81f7f529a511ca461a79d0772ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VH3555YsWIyptl1uyvBPSOgy5MpHcUCPyimXIdhRdAC1sVaDr94hlFGkIsPomfz3JgYrgrfQAtJvOrQZFhteR1twsR4acAAZr8mg6eLUNIk%2FXbevoqWoc8ogsdYRop8K6ua2a%2B%2BrORGsKduSHyZz3oTnokAl"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
rMttw4UbvnsaRcVyFJrnaZN/J2xI5e1WqJJvdlVydjxp71cdlJruWWNRAm+w4q+pfj/5RmMKihHOWsSkxgzwG8NRr4jcDu0J9CkR8t8x2QyhssKfLHLQnFD9OKDi2//AAUMJ6Pqngt82Q9BI8NmFNA==$vRlaGB0BQHnA2HygI7YP/w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c81bf3edd2084f3-HKG
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
a93817b8-06f4-45bc-a6ea-fa52dbdb943b
https://kw1tcpfgzndhtidv.docuxceofiles.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vbqy0/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 3B5D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/vbqy0/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c81bf3fbccedd9d-HKG
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 09:28:55 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
Primary Request /
kw1tcpfgzndhtidv.docuxceofiles.com/ 		9 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf3c79c684f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa6849663c845cb62a927811b9e9fe87bdcea72801ca3ee795710c4d97f6dc4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
O4SJEGC1kCBzjTBlcfJJ1KUwK3gf6/RZFEyD+h6e3rfy2MX4Vx+UVStzXq7l8Fh/IBUo5zEnS6Bm1x755vOYufkr6YRER7SnAmSOPwNObFwQdXg+ZZ3cMmYrBkDHMJkJaz7Q0ccOtVUMJaubO/DTlw==$bX3Fo1nWx2QdGZmqAHjMLw==
cf-mitigated
challenge
cf-ray
8c81bf50bddc84f3-HKG
content-encoding
br
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 24 Sep 2024 09:28:57 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OYdsPNaNUxr6pt61vpIPGzfkpHnmr9OMvReSVFJizcwK6cRat3Dd6f2wJY0MPcfrFoZv5NVLHXZxIMqanP4FDPB%2BmeS3hRpXgBqLM0vW28QM%2FL1Ki8%2BZtmsrZ%2Bgi8Wte6jlz%2BCZR9LFULDBcfPuU6uE9od89"}],"group":"cf-nel","max_age":604800}
server
cloudflare
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
speculation
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://kw1tcpfgzndhtidv.docuxceofiles.com
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aMc%2FzHDx7zDZyN%2F%2F0l8QHz%2F9IyoNC668tKXwsCPJRJOoJaZw3DlPXrechD1yCKfi8wEFs10AoyeGpfPoMxWMTXJwMAMDvl8pZx4MUjblvy96%2F9lDIuZucwgE4hns9DP2Qht25OpffYCRLhcyKYJMVcE1I2TK"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 24 Sep 2024 09:28:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
kO5F4pA50tE8kfZBwYA5v9PfM005XXh+8BmOz6q9Q/VHT0KL7cDnQZycOdd9CQOrtlyYo/8i468I0sXniAnSGu8Y86hRkavNC25kNVy2QfXTYiMCYx4bzJBlRqlBdt0VIl/SCpA92pnfMtKcr9ZbAA==$39U+GdNcvyepcFUESQSEhw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c81bf513e8484f3-HKG
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
v1
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		149 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf50bddc84f3
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86032e12e028ef84248eff4f9f0a0256d983e73fc9c1d3a481080067b12b86d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=vkWytppr9lZEXKfJ0gT0esnMzo_7gH5b8_47tEsC_rM-1727170137-0.0.1.1-4649

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=99yd2221BS9bhzDvdnGf5aerkwIjcEMfBpVEv7mAhTLSXD9TDG7F%2FlyAybydHSHS3Ro%2BbKLg2bRPpaY%2BUR7I89yD1VKDFThZVWn02ECeVMP0oq9jgJ90O%2FJfBcVOlIKMcqtX5DButK1nmPi7djNcLVI2WpEu"}],"group":"cf-nel","max_age":604800}
cf-ray
8c81bf515eb184f3-HKG
date
Tue, 24 Sep 2024 09:28:57 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
47111e38-c016-4ac3-a3c2-5f3d1da888b1
https://kw1tcpfgzndhtidv.docuxceofiles.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/ 		46 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf50bddc84f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bd1c81d59d6ac2ec9f8ebe4937a315e85443667c5728a7cd9053848dd8d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://kw1tcpfgzndhtidv.docuxceofiles.com
Referer

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8c81bf3e4b41dd4d-HKG
access-control-allow-origin
*
date
Tue, 24 Sep 2024 09:28:54 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 17 Sep 2024 16:06:37 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
kw1tcpfgzndhtidv.docuxceofiles.com/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d098fc892375e612ea1aecd4d593308ee99a1ccf67c542efc99b166432a00617
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aWKn9XlXYXchl6isrUg87U8og7zLzArhqrs0sfzQq3jsiXyQAc7B%2FpSIwScSf3gVY9YOsXS1xAHlzqomhX2zfN%2BPKQ9IJCbLaRBEEzm0XlsxHpHg4glRPpX2VgUlFGhHxrjMCyHUYU0z%2FR4aI7BsYUuQGid"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 24 Sep 2024 09:28:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
ICNaU998K8HlwiwDfpxq6d3HXLrx6UZTitduePbV6FaM9if10VbD+l8YE3nvh/124Y3K08R5In7sYCwCMeeiYHvxLD9C4Y7xAb62XksitUa5+lghOiEBr05iGUus9QCfdulRy9zooKsyUy6cCje7jw==$3IvYznO2IVxkVFLWuRGCdw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c81bf52080084f3-HKG
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
kw1tcpfgzndhtidv.docuxceofiles.com/ 		9 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ae466ba0e03bd5211d89b976197f11b2bd4448edb0656e01017c6441e1d600
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804

Response headers

content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbvPmpokftQevMbFH9%2B4BMBCLYREHgbC48ceuN8BgW1dEmYTBI5csJ9PJOvB4WmPOgPfEEu64C%2ByErNDur%2FjSyJqOZsTo%2FD6rvIuZVS4asNxp2B029XkrGjK8e4mxl9NdM6EjSKncy4XNvYPAO5EntsUZiMy"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
x-content-options
nosniff
date
Tue, 24 Sep 2024 09:28:57 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
78yfiTWWSIKXati0pSRIsuaxY6PxO3y/CaIiDUVYnVioSubJqgUf2yyIWNOrIXFltIj76pmGhe+YFjtGy7YwwlbLAFPLzxqdxqdUo0NPoB1wqOMAkDchR8jPb8jfW/9HtVusPn44x2TjrKBF5RHtXA==$opfCtBCZeDcOmUAzA1nxHQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
speculation-rules
"/cdn-cgi/speculation"
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8c81bf5268a984f3-HKG
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
e1e9accc4e8b2b6
kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1236571358:1727169129:MUsU1qiT1vDj4bbv4SfkwdaBBr7AdDqM1GaQfbvi1Pk/8c81bf50bddc84f3/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1236571358:1727169129:MUsU1qiT1vDj4bbv4SfkwdaBBr7AdDqM1GaQfbvi1Pk/8c81bf50bddc84f3/e1e9accc4e8b2b6
Requested by
Host: kw1tcpfgzndhtidv.docuxceofiles.com
URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8c81bf50bddc84f3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fcd781afdeb05cefd6c677e05d778797c6361650af7dff1bd8080007a29391b

Request headers

Referer
https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
e1e9accc4e8b2b6

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ej6kxXwEdqOqajd3nY5SE43iIEXhI4Y3Ckoi0og5aWpSXOmRqN11vERj1fHXmCy3Mios%2Bu%2FW4MqVkg%2BmG2wZqjFblCRWPOTf1TojyaAJn6ZombqwLo5ZrAI6WTefn0yqAJBtdKdrp%2FQDY15n1uP%2Fl68pj7iJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8c81bf52b95784f3-HKG
date
Tue, 24 Sep 2024 09:28:58 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
MrrvV1jm+6MXoDeSNsZhEFQzxWwzBbB1kOmI+1h05xkKds9Ct+S69stfKki86qIe4k20MlYN5A==$K0UtLqy9dpS6ui+a
server
cloudflare
7daa83b9-7e95-4275-812e-8a01e8e6568f
https://kw1tcpfgzndhtidv.docuxceofiles.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3nua5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 7478 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/3nua5/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/ec4b873d446c/api.js?onload=Jeuhg1&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8c81bf537f4cdd9d-HKG
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/ blob:; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 24 Sep 2024 09:28:58 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fax-u5.icu
URL
https://fax-u5.icu/favicon.ico
Domain
kw1tcpfgzndhtidv.docuxceofiles.com
URL
blob:https://kw1tcpfgzndhtidv.docuxceofiles.com/fff796c6-c507-491e-829d-bfc419328cd7
Domain
kw1tcpfgzndhtidv.docuxceofiles.com
URL
blob:https://kw1tcpfgzndhtidv.docuxceofiles.com/a93817b8-06f4-45bc-a6ea-fa52dbdb943b
Domain
kw1tcpfgzndhtidv.docuxceofiles.com
URL
blob:https://kw1tcpfgzndhtidv.docuxceofiles.com/47111e38-c016-4ac3-a3c2-5f3d1da888b1
Domain
kw1tcpfgzndhtidv.docuxceofiles.com
URL
blob:https://kw1tcpfgzndhtidv.docuxceofiles.com/7daa83b9-7e95-4275-812e-8a01e8e6568f

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| TMMx5 function| Jeuhg1 function| KUjIx3 function| mpUaL2 function| FxOnr3 object| eXDlL4 object| YvPd6 function| Vguy6 function| Hvmr3 object| iHwxM3 number| OuWT7 object| angular object| ohry1 object| turnstile boolean| FrNBi5 string| HcTEI3 boolean| aFyRe6

2 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 517=vJ3ByPQvFx9BDZbzLfqQ9v4VRLAFYrOrv1zC7EBPftD-Qp60W0c_OMv2_SSxeAcuPMAMIDy4ch9ODwgHeFNqprUxefNf-eJW4UxzDgM7qUBbs4QSbvLYP7F_3uhOatSpjz1G9SgTfaDYAfP9MKqBepUcrZOQYFHcnfMwnzT7_Ya_HzgwNnAvrTanWsqOT4HO
kw1tcpfgzndhtidv.docuxceofiles.com/ Name: cf_chl_rc_m
Value: 1

10 Console Messages

Source Level URL
Text
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com//
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/speculation
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Message:
Load failed or canceled (net::ERR_ABORTED; HTTP status 403) for rule set requested from "https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/speculation" found in Speculation-Rules header.
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=G4fbNmvLzQwEr8LF1JVvaqIczSmGBtb9M8uriR6I7Gs-1727170134-0.0.1.1-6804
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/speculation
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/?__cf_chl_rt_tk=vkWytppr9lZEXKfJ0gT0esnMzo_7gH5b8_47tEsC_rM-1727170137-0.0.1.1-4649
Message:
Load failed or canceled (net::ERR_ABORTED; HTTP status 403) for rule set requested from "https://kw1tcpfgzndhtidv.docuxceofiles.com/cdn-cgi/speculation" found in Speculation-Rules header.
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://kw1tcpfgzndhtidv.docuxceofiles.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()