Submitted URL: http://oza0s.app.link/
Effective URL: https://cya.nz/
Submission: On December 02 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 13 HTTP transactions. The main IP is 172.67.163.55, located in United States and belongs to CLOUDFLARENET, US. The main domain is cya.nz.
TLS certificate: Issued by WE1 on November 24th 2024. Valid for: 3 months.
This is the only time cya.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:205... 16509 (AMAZON-02)
2 6 172.67.163.55 13335 (CLOUDFLAR...)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 142.250.185.68 15169 (GOOGLE)
3 188.114.96.3 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 142.250.185.131 15169 (GOOGLE)
13 6
Apex Domain
Subdomains
Transfer
6 cya.nz
cya.nz
11 KB
3 itmate.net
revive.itmate.net
5 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 3
995 B
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1255
43 KB
1 gstatic.com
www.gstatic.com
218 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
7 KB
1 app.link
oza0s.app.link
502 B
13 7
Domain Requested by
6 cya.nz 2 redirects cya.nz
3 revive.itmate.net cya.nz
revive.itmate.net
2 www.google.com cya.nz
www.gstatic.com
2 maxcdn.bootstrapcdn.com cya.nz
1 www.gstatic.com www.google.com
1 cdnjs.cloudflare.com cya.nz
1 oza0s.app.link 1 redirects
13 7

This site contains no links.

Subject Issuer Validity Valid
cya.nz
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
bootstrapcdn.com
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
*.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
itmate.net
WE1
2024-11-21 -
2025-02-19
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 3 frames:

Primary Page: https://cya.nz/
Frame ID: AA49B10A07E1ED2970690270C7D3A57B
Requests: 10 HTTP requests in this frame

Frame: https://cya.nz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: 679C94E4A8A06F11A3C95B16BAA263D5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfbt-ooAAAAAJsBOlEo8Crun0QBAQtF34UDIBMf&co=aHR0cHM6Ly9jeWEubno6NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=m2b01e97ltul
Frame ID: ED2E38228AE0C5DD7D89570E29F74A21
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Reliable URL Shortening Service - CYA.NZ

Page URL History Show full URLs

  1. http://oza0s.app.link/ HTTP 307
    https://oza0s.app.link/ HTTP 307
    https://cya.nz/4FKD HTTP 302
    https://cya.nz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

13
Requests

92 %
HTTPS

14 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

284 kB
Transfer

805 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://oza0s.app.link/ HTTP 307
    https://oza0s.app.link/ HTTP 307
    https://cya.nz/4FKD HTTP 302
    https://cya.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cya.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://cya.nz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
cya.nz/
Redirect Chain
  • http://oza0s.app.link/
  • https://oza0s.app.link/
  • https://cya.nz/4FKD
  • https://cya.nz/
4 KB
2 KB
Document
General
Full URL
https://cya.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82de8a39d1f8687e87623afb7508ec1ce0fce372a03a69799f455660cd052047

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ebd6a331cf2dc70-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 18:35:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZPiLTkvELiX7Vt8HNc55%2BMtwNdLUxuscR%2BabAHvP02kyNGgj%2F116HtTrGpfDA9GE0fmlMIOzyXnWCdI0IpZQjxBYr1e9h92lCtL9RfDrk8qXqRIgjqtYGM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27539&min_rtt=26475&rtt_var=5367&sent=17&recv=11&lost=0&retrans=3&sent_bytes=4936&recv_bytes=4861&delivery_rate=19836&cwnd=12000&unsent_bytes=0&cid=97a61a95be0d238b&ts=1245&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding,User-Agent

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ebd6a2d4b62dc70-FRA
content-type
text/html; charset=UTF-8
date
Mon, 02 Dec 2024 18:35:06 GMT
location
https://cya.nz
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Snbc4Z77W%2B5mqF42zgvqPDUcCEydfrrG2759ZB6N7mBTY6Li8KbJmBmvTL6d95Sc00F7qq1SNYtZtkEBV%2BjX3Xo7dJjze01xE0nfKAv9Z9uHO%2F7eUrv3YBU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=27092&min_rtt=26475&rtt_var=5964&sent=15&recv=10&lost=0&retrans=3&sent_bytes=4254&recv_bytes=4480&delivery_rate=752&cwnd=12000&unsent_bytes=0&cid=97a61a95be0d238b&ts=921&x=1" cfHdrFlush;dur=0
vary
User-Agent
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/
157 KB
28 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: cya.nz
URL: https://cya.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
W/"816af0eddd3b4822c2756227c7e7b7ee"
age
2640924
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:35:06 GMT
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
05/29/2024 18:09:57
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
12ff60dbf61ae849db4dc6de204d743f
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8ebd6a355fbf1901-FRA
access-control-allow-origin
*
cdn-edgestorageid
865
server
cloudflare
cdn-requestcountrycode
DE
api.js
www.google.com/recaptcha/
1 KB
995 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6Lfbt-ooAAAAAJsBOlEo8Crun0QBAQtF34UDIBMf
Requested by
Host: cya.nz
URL: https://cya.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
0389ad8c121a6aac0f56132169803f06a04b0c4b7d50c055ff1cb494966ad2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 02 Dec 2024 18:35:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 02 Dec 2024 18:35:06 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
asyncjs.php
revive.itmate.net/www/delivery/
4 KB
3 KB
Script
General
Full URL
https://revive.itmate.net/www/delivery/asyncjs.php
Requested by
Host: cya.nz
URL: https://cya.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1092e39d4e9aa86e0dc61bad7b503fab642fc6222df3a2146540f3ba037d6b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
598d222eec792903f9bcf4468c76c29d
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UXeaarJnTVA5felOzw2DFLIbjitMSiJB8JiiCQITzIblxivAilcW4qZWEqoqNb5zqURVCUsLk%2BGJr9RX%2BaO9MA3fWHmw%2FgOSimp1rSeMWMGQJFX12TsXg%2FKE4EvQuoG6zsJgkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32507&min_rtt=27347&rtt_var=11469&sent=15&recv=12&lost=2&retrans=3&sent_bytes=4348&recv_bytes=4467&delivery_rate=519&cwnd=8400&unsent_bytes=0&cid=01d37c8c9ef6f09b&ts=979&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 18:35:07 GMT
content-type
text/javascript;charset=UTF-8
vary
Accept-Encoding,User-Agent
priority
u=3,i=?0
expire
Mon, 02 Dec 2024 19:35:07 GMT
cache-control
private, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ebd6a367f11dc91-FRA
content-length
1938
server
cloudflare
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/
59 KB
16 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js
Requested by
Host: cya.nz
URL: https://cya.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"02d223393e00c273efdcb1ade8f4f8b1"
age
233858
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 02 Dec 2024 18:35:06 GMT
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
09/26/2024 10:52:50
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
afa402d18f649b2d6e94a065281bf29c
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8ebd6a355fbe1901-FRA
access-control-allow-origin
*
cdn-edgestorageid
987
server
cloudflare
cdn-requestcountrycode
US
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
Requested by
Host: cya.nz
URL: https://cya.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03fa9-5309"
age
227176
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zkfaqjwh4DjgH%2BBfzgcrYfocoR8QkA7fZ85ueZF8mlTNFxYpmLyOgX6kHkgPc1x%2BU8T2vZIGXXIRfkTy0qvc6ULJFLaHP2BNBdxzpfQXaUuLW%2FBKPbW19pj3LYpFAH6citVUPE83"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 22 Nov 2025 18:35:06 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 02 Dec 2024 18:35:06 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:15:37 GMT
vary
Accept-Encoding
priority
u=1,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8ebd6a355afbdca0-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6696
server
cloudflare
recaptcha__de.js
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/
549 KB
218 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lfbt-ooAAAAAJsBOlEo8Crun0QBAQtF34UDIBMf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://cya.nz
Referer
https://cya.nz/

Response headers

content-encoding
gzip
age
190513
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Sun, 30 Nov 2025 13:39:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 30 Nov 2024 13:39:53 GMT
last-modified
Mon, 11 Nov 2024 05:00:22 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
222835
x-xss-protection
0
server
sffe
main.js
cya.nz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame 679C
Redirect Chain
  • https://cya.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://cya.nz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
5 KB
Script
General
Full URL
https://cya.nz/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Requested by
Host: cya.nz
URL: https://cya.nz/
Protocol
H3
Server
172.67.163.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9105485c9d5903d5d2b53ec305bf520e4aade95bfaba21cbf33f6e29bd79826a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fuwBrVRx0R5GJTwgAFQw1TQW3m0GlKOeniMZnanyTnJle%2B25pHX6w1W8iXUnmd8nRY9bPASf18ZJcQfJskV5LptzUNKI17uIFBJ0jf%2F64v6%2F2owuxsBzZkw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8ebd6a365ea5dc70-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28881&min_rtt=26475&rtt_var=4824&sent=24&recv=15&lost=0&retrans=3&sent_bytes=8211&recv_bytes=5492&delivery_rate=17439&cwnd=12000&unsent_bytes=0&cid=97a61a95be0d238b&ts=1484&x=1", cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 18:35:06 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDGxefI7nYuNq9B3ZKuWrdyVZleswsWP4flQXvjW8eBzEWdSRBddHjbFhC2ddmQR0U3WUIGjfwZH6T9KLaUF4IVUlC8EKcNn8HAwhLpk21SJT95JCxYbA80%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ebd6a361de8dc70-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=27716&min_rtt=26475&rtt_var=3328&sent=22&recv=14&lost=0&retrans=3&sent_bytes=7513&recv_bytes=5210&delivery_rate=8019&cwnd=12000&unsent_bytes=0&cid=97a61a95be0d238b&ts=1447&x=1", cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 18:35:06 GMT
vary
Accept-Encoding
server
cloudflare
8ebd6a331cf2dc70
cya.nz/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 679C
0
1 KB
XHR
General
Full URL
https://cya.nz/cdn-cgi/challenge-platform/h/b/jsd/r/8ebd6a331cf2dc70
Requested by
Host: cya.nz
URL: https://cya.nz/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYLrWkvI0rJcg%2FuAK8gNUxIPN5Gzcb6H5Wn0EvKTVEQ53U9YgbOgznqsJ4oHJgcisKPIyYr%2Bp3Qkbz5JrHYxRZq2JWb7eo%2FhCu5WZvXi7Dl1UAgMkx8Ziag%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8ebd6a378a2cdc70-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=39025&min_rtt=26475&rtt_var=15498&sent=47&recv=36&lost=4&retrans=8&sent_bytes=18452&recv_bytes=22871&delivery_rate=130956&cwnd=8400&unsent_bytes=0&cid=97a61a95be0d238b&ts=1713&x=1", cfHdrFlush;dur=0
content-length
0
date
Mon, 02 Dec 2024 18:35:06 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
anchor
www.google.com/recaptcha/api2/ Frame ED2E
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfbt-ooAAAAAJsBOlEo8Crun0QBAQtF34UDIBMf&co=aHR0cHM6Ly9jeWEubno6NDQz&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=invisible&cb=m2b01e97ltul
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8kbxKr56m9C2hXYw3x-zsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cya.nz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-8kbxKr56m9C2hXYw3x-zsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Dec 2024 18:35:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
asyncspc.php
revive.itmate.net/www/delivery/
391 B
1 KB
XHR
General
Full URL
https://revive.itmate.net/www/delivery/asyncspc.php?zones=3&prefix=revive-0-&target=_blank&loc=https%3A%2F%2Fcya.nz%2F
Requested by
Host: revive.itmate.net
URL: https://revive.itmate.net/www/delivery/asyncjs.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fa2df29e8e5fe8826239a955d0852fa0bfba75c0adfedf788f944b404b87c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e3eV8s7ArB6lYTjilgoj2Pyb2ygBGjVN4bmR1Rf%2FpokSCwJo0HnI3J5I3Pv4aFA0LS9ZrxP9pw1I6uADpy9FWVSbaK0TZumHqAu1vVEC2CdHBWVNrr75lbyvmHeiOLUMH0%2F9cg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=31215&min_rtt=26110&rtt_var=8637&sent=20&recv=16&lost=2&retrans=3&sent_bytes=7204&recv_bytes=5270&delivery_rate=107505&cwnd=8400&unsent_bytes=0&cid=01d37c8c9ef6f09b&ts=1428&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 18:35:07 GMT
content-type
application/json
vary
Accept-Encoding,User-Agent
priority
u=1,i
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ebd6a3cfc3cdc91-FRA
access-control-allow-origin
https://cya.nz
content-length
282
server
cloudflare
favicon.ico
cya.nz/
1 KB
2 KB
Other
General
Full URL
https://cya.nz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.163.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99964c19a857d64eb7ce86aa47dd04888fb12c12a45cf2d0d85ad448f0b59a97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

content-encoding
gzip
cf-cache-status
EXPIRED
etag
"560-57de1f4661e40-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pzw7%2BGlEUXE%2B36zH0mI7gN9hG2yyW24nnDVBL2rJtiTZ0T9c%2FNJJmQ0%2B%2FvoYta5vuhAQOQ6MOu5vHZ0kVWtEphU4X7WTgXhDNmmd47MJ%2BH1NGuR3aWVpQ0o%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=42828&min_rtt=26475&rtt_var=19230&sent=50&recv=38&lost=5&retrans=8&sent_bytes=19637&recv_bytes=23619&delivery_rate=12048&cwnd=8400&unsent_bytes=0&cid=97a61a95be0d238b&ts=3396&x=1", cfHdrFlush;dur=0
date
Mon, 02 Dec 2024 18:35:08 GMT
content-type
image/x-icon
last-modified
Wed, 26 Dec 2018 00:31:45 GMT
vary
Accept-Encoding,User-Agent
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ebd6a3cfb25dc70-FRA
accept-ranges
bytes
content-length
1050
server
cloudflare
lg.php
revive.itmate.net/www/delivery/
43 B
857 B
Image
General
Full URL
https://revive.itmate.net/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=3&loc=https%3A%2F%2Fcya.nz%2F&cb=6ce9d31717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://cya.nz/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPbA1gS9xhIngpuvzgLEZS7pO34aJ4gpgIBQ3%2ByTD2Tbjj4wx26HCT2gbUpE8Yd7UGIAoFBd9lbPLGJ8rjmcNaLo3LvoDE1XDIIEu%2FMTPdye1GfplO8quFxiAYVv2MRtYm%2BySQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30602&min_rtt=26110&rtt_var=7703&sent=23&recv=18&lost=3&retrans=3&sent_bytes=8375&recv_bytes=5732&delivery_rate=4043&cwnd=8400&unsent_bytes=0&cid=01d37c8c9ef6f09b&ts=1764&x=1", cfExtPri, cfHdrFlush;dur=0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 02 Dec 2024 18:35:08 GMT
content-type
image/gif
vary
Accept-Encoding,User-Agent
priority
u=3,i
cache-control
no-cache, no-store, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
8ebd6a3f1acddc91-FRA
access-control-allow-origin
*
content-length
56
server
cloudflare

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| bootstrap function| Popper object| recaptcha object| closure_lm_731078 object| reviveAsync

3 Cookies

Domain/Path Name / Value
.app.link/ Name: _s
Value: TsAf2ZhdpiT810%2F45lUZ%2FP4C7aq1JHVPeAtGFARk3KPK1aNzFQfxeOpyYOEI3HEi
.cya.nz/ Name: cf_clearance
Value: Lng_hHnoICqn.eKcm_CY9QY_Qo1tYNAi7n7ujuRZEmM-1733164506-1.2.1.1-0LxO9.Hr8J.j1IhX8uSSUrQbfwygqXfdasBjmaEouMfAAlYwFl7mf4jsHqLWGIlnnudGZLTTIMaLxMNgUPKWQPex6KxxD39FeivRTQKv3gv2VFMWGtFJBx0on1qZe6KRK2nREzzeUynWb3wN69DRMqpcfpBazYI_SR7nRF11WWNuQseFA81ND_urX_52oSHgUDEOQ9yYNun408gesYXqzUMOjNURuv1PqYuzSOrZ0ZNa_cwjXX5lwZabzffEprtp9Ine.8wbURdbx9ErI0bpFJaQPqmU.9zVidH.k.XfCrdnEJcstpXjttXJeN37WO85aFGw9KDi0krQexdidgGzWnSClyVmgK7vgSTv7Eg4Gl9Y7KJBvhQjhK5WQyJ7W3q7
revive.itmate.net/ Name: OAID
Value: 01000111010001000101000001010010