4usave1.one Open in urlscan Pro
2606:4700:3031::ac43:c897  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	403	Primary Request / Show response 4usave1.one/	18 KB 10 KB	39ms 14ms	Document text/html	2606:4700:3031::ac43:c897 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://4usave1.one/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c897 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f71e76ff8035d1425989e0af740e0fa55122d00630ed01b276f5e21e9b469be Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-chl-out eo8lROSFGsl5DjJ3vDsNSkfGoAaHpWW1RstOihGhfbBxqm7nQAVbfo7RIF5Tqr0mCdaNAEXspH4pEks1odQO9NYfMIJX+4lGWtoeFcCfSTI=$Vxt22D36hd//tuwWNluzpg== cf-mitigated challenge cf-ray 8b98490e1ac530c9-FRA content-encoding br content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Tue, 27 Aug 2024 01:28:31 GMT expires Thu, 01 Jan 1970 00:00:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFof%2FixZDTp2ut4IK8RmbP8Hl0H0HTPcm%2BeQE3k5wNrT2SrhmcCpqn23RSKJ7xIbMt1xPioCwtcqaGqHEv%2F63RVE9RscT8EIn4fdHFPJFS%2FTlgjCWfNx%2BD2t8gMtQNof4HpOMxv13Hla%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-content-options nosniff x-frame-options SAMEORIGIN
GET H3	200	v1 Show response 4usave1.one/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/	98 KB 38 KB	16ms 15ms	Script application/javascript	2606:4700:3031::ac43:c897 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://4usave1.one/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b98490e1ac530c9 Requested by Host: 4usave1.one URL: https://4usave1.one/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c897 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14f7a52e67d478ca3d1e4d586d13a24f58491dcb075c23963e585b18baef5941 Request headers Referer https://4usave1.one/?__cf_chl_rt_tk=YRFXf4VrMhXPYdv611eY2VuOxOJLT2KNlkeNw7WU7uw-1724722111-0.0.1.1-6890 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 01:28:31 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjxPSicniYybyVjbfwtxYfgY%2FKhsE6fQ%2Fag1x%2FfiHtbQTeYUUeaMQKN9nvRIfIYE%2BDedgZ4XK9kpSN95nDkUdyfnBRClQ0EIvxI8NrSsFPoK9hWmP1kG19dI2Nau9AOQ1aHKlP7efFsf6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8b98490e7b3130c9-FRA alt-svc h3=":443"; ma=86400
GET		6645d048-12ca-4568-b54a-15f505eeb49b https://4usave1.one/ Frame	0 0
GET H3	200	api.js Show response challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/	44 KB 15 KB	38ms 16ms	Script application/javascript	2606:4700::6812:5e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js?onload=FWtH0&render=explicit Requested by Host: 4usave1.one URL: https://4usave1.one/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b98490e1ac530c9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55 Request headers Referer Origin https://4usave1.one User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 01:28:31 GMT content-encoding br last-modified Thu, 15 Aug 2024 16:28:23 GMT server cloudflare vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public cross-origin-resource-policy cross-origin cf-ray 8b98490edf5f3a88-FRA alt-svc h3=":443"; ma=86400
GET H3	404	favicon.ico 4usave1.one/	2 KB 2 KB	712ms 711ms	Image text/html	2606:4700:3031::ac43:c897 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://4usave1.one/favicon.ico Requested by Host: 4usave1.one URL: https://4usave1.one/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c897 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc6e21aa51c5d63b0ba8cf24076398d010025da41e9806e99f2a63353b680bac Request headers Referer https://4usave1.one/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 01:28:32 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hlXO%2BaV5byCQFIWFLgqbxbNJUXbizGsp2HPI3ulo60NnuuqS3Ju3P8uBVKgNcZM6HLixDlpFoGOGung9pxFrAdvK4if%2Bb%2BiFhjWwXQ8ytzYzNVw%2BMqgqA9QO8D2mxjmD8L4GLPcCrvqN8w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-cache, private cf-ray 8b98490ecb5630c9-FRA alt-svc h3=":443"; ma=86400
POST H3	200	c385f2a0a7903cc Show response 4usave1.one/cdn-cgi/challenge-platform/h/b/flow/ov1/2012876114:1724718350:pCTBYd_f9OhiMAshiC7SGBEYpmFfrJbxEN-r54EOqdM/8b98490e1ac530c9/	16 KB 13 KB	27ms 25ms	XHR text/plain	2606:4700:3031::ac43:c897 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://4usave1.one/cdn-cgi/challenge-platform/h/b/flow/ov1/2012876114:1724718350:pCTBYd_f9OhiMAshiC7SGBEYpmFfrJbxEN-r54EOqdM/8b98490e1ac530c9/c385f2a0a7903cc Requested by Host: 4usave1.one URL: https://4usave1.one/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8b98490e1ac530c9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c897 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d6ec29d7db4ccd8619ad0177e35e9ff950c55dc90fc3b330b576040edbf0029 Request headers Referer https://4usave1.one/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 CF-Challenge c385f2a0a7903cc Content-type application/x-www-form-urlencoded Response headers date Tue, 27 Aug 2024 01:28:31 GMT content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EoyETeRi9GBQW0ukVrcRrWEhx3muOkINGeNrdh9XEazZppY5KrFXr7rZ8MOfPgMksB162F5L6sWv9CWTO017YNaeG2wyoaiHAY4v5HhN2VZhNs86NaB9JpC56MEVLG7bmV3ryqwHnm%2BVSA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=UTF-8 cf-ray 8b98490f6bb230c9-FRA alt-svc h3=":443"; ma=86400 cf-chl-gen IXp5BTyKw7B2z7q1t0tm9F3e7ZnXau1TmYvhtgtmdKWI/DSX0DYelkDmBLWORUOjv6fTe5tAXg==$jEU5ShOsXSygyWwa
GET		812ab77c-ab89-4e75-b169-1784fac9ee40 https://4usave1.one/ Frame	0 0
GET H3	200	/ challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2dvm8/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Frame 95A2	0 0	26ms 18ms	Document text/html	2606:4700::6812:5e29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/2dvm8/0x4AAAAAAADnPIDROrmt1Wwj/light/fbE/normal/auto/ Requested by Host: challenges.cloudflare.com URL: https://challenges.cloudflare.com/turnstile/v0/b/6790c32b9fc9/api.js?onload=FWtH0&render=explicit Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self' Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA alt-svc h3=":443"; ma=86400 cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 8b98490fee683a84-FRA content-encoding br content-security-policy frame-src https://challenges.cloudflare.com/; base-uri 'self' content-type text/html; charset=UTF-8 critical-ch Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA cross-origin-embedder-policy require-corp cross-origin-opener-policy same-origin cross-origin-resource-policy cross-origin date Tue, 27 Aug 2024 01:28:32 GMT document-policy js-profiling origin-agent-cluster ?1 permissions-policy accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=() referrer-policy same-origin server cloudflare
GET H3	404	favicon.ico 4usave1.one/	2 KB 1 KB	478ms 478ms	Other text/html	2606:4700:3031::ac43:c897 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://4usave1.one/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:c897 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69e0d718dc7ddf81d49388dbbee5fd0b5f6e0aeca902ba97d6d8516a5fab46ff Request headers Referer https://4usave1.one/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Response headers date Tue, 27 Aug 2024 01:28:32 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk7ivFfhtd7T%2FX4FpXByYFj0HCGvzRiNXNMzwATt%2FgCk24yYq2OUDvy9a5biJWYoZ5%2BkVa7kLZNzKC76NhEuQQt8T27MPueqSyNx1Rl3X9LoXefkbX%2BLst%2B8ijsATkF%2FoAeU43TwjAKH1A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-cache, private cf-ray 8b9849133d4430c9-FRA alt-svc h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

4usave1.one

URL

blob:https://4usave1.one/6645d048-12ca-4568-b54a-15f505eeb49b

Domain

4usave1.one

URL

blob:https://4usave1.one/812ab77c-ab89-4e75-b169-1784fac9ee40

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| nMYjh2 function| aFNi0 function| iQQUo8 function| FWtH0 boolean| Wglfs7 function| aIHeB3 function| kiQcC5 function| RlyNT8 object| ScCr4 object| VRCR7 object| jopu8 number| wqXrO5 object| angular object| turnstile boolean| NVwJR5 string| eYgKi3 boolean| bMPsx2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://4usave1.one/#ce Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://4usave1.one/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://4usave1.one/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4usave1.one
challenges.cloudflare.com
4usave1.one
2606:4700:3031::ac43:c897
2606:4700::6812:5e29
14f7a52e67d478ca3d1e4d586d13a24f58491dcb075c23963e585b18baef5941
4f71e76ff8035d1425989e0af740e0fa55122d00630ed01b276f5e21e9b469be
5d6ec29d7db4ccd8619ad0177e35e9ff950c55dc90fc3b330b576040edbf0029
69e0d718dc7ddf81d49388dbbee5fd0b5f6e0aeca902ba97d6d8516a5fab46ff
7eda47b0c02c44bdaa43a5b14857f1257ddbd620b0397c32aa3ae8baf769ab55
cc6e21aa51c5d63b0ba8cf24076398d010025da41e9806e99f2a63353b680bac