urlscan.io logo urlscan.io
SecurityTrails logo

go.andiim3.com Open in urlscan Pro
188.114.97.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://go.andiim3.com/yz/
Effective URL: https://go.andiim3.com/yz/
Submission: On December 27 via api from BY — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is go.andiim3.com.
TLS certificate: Issued by WE1 on December 20th 2024. Valid for: 3 months.
This is the only time go.andiim3.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 188.114.97.3 13335 (CLOUDFLAR...)
4 104.18.94.41 13335 (CLOUDFLAR...)
19 3
Apex Domain
Subdomains		 Transfer
11 andiim3.com
go.andiim3.com
144 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
19 2
Domain Requested by
11 go.andiim3.com go.andiim3.com
4 challenges.cloudflare.com go.andiim3.com
challenges.cloudflare.com
19 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
andiim3.com
WE1		 2024-12-20 -
2025-03-20		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://go.andiim3.com/yz/
Frame ID: BB8CC7A433CA6A15EB5D30BB86E76782
Requests: 13 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/qc8gd/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 6E74066A8ADD98285381ADA89009874D
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jrnrj/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 0EB839C2488EA49487BA1E795C741198
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Even geduld...

Page URL History Show full URLs

  1. http://go.andiim3.com/yz/ HTTP 307
    https://go.andiim3.com/yz/ Page URL
  2. https://go.andiim3.com/yz/ Page URL

Page Statistics

19
Requests

79 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

160 kB
Transfer

365 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://go.andiim3.com/yz/ HTTP 307
    https://go.andiim3.com/yz/ Page URL
  2. https://go.andiim3.com/yz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://go.andiim3.com/yz/ HTTP 307
  • https://go.andiim3.com/yz/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
go.andiim3.com/yz/
Redirect Chain
  • http://go.andiim3.com/yz/
  • https://go.andiim3.com/yz/
10 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/yz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3380d34df51799769b911de898dc97e75ae02e9f8915ae47cc548124b27ff595
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
fOErx+OKv2HrSYmZXigFXelP6TZnRzHNbxZwXfPGT9JzgT2ZbNK5wcyjID7urntUQJKaUq0q/EQwgiDjO24rNpNIHAlloqL4hL96oYg/gGFR1aIzUzoGSn9dWWlW8vXSn+LiLRLUpaq2G0k/ShHvrw==$xWEuVeThICQ0PqLE7K+TPQ==
cf-mitigated
challenge
cf-ray
8f8b0e353bb8d2be-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 27 Dec 2024 17:33:24 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QoRnrFNmfSjAGOx7%2FS1hK%2FnROvj4UZbIvdEYz0bPW1IyAEbkM5TOZccWN50XTxXDWFyTh8ehnTMTm1LO1V3AuwhbBbX8EzXERpSAo3jwFFV9Cu3RHhHV8dzom37z05Q2bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=17949&min_rtt=17942&rtt_var=6742&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4130&recv_bytes=4352&delivery_rate=165518&cwnd=12000&unsent_bytes=0&cid=89b4686cce066a3c&ts=31&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://go.andiim3.com/yz/
Non-Authoritative-Reason
HttpsUpgrades
v1
go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		98 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e353bb8d2be
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/yz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08c5898b860e9394a95369444f8e5a9ca97a50cb9515392d43e06309508a415

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go.andiim3.com/yz/?__cf_chl_rt_tk=fWB7LsnZEkG9psHTtK922sotGHKsE1H213JhlWMb5oA-1735320804-1.0.1.1-6Ge48r.fL4pP_SjHrUOEPLKJTMqeAInYG71eBSDGa58

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMMZFXWfj%2FudZIsPtddGtIjE5bnJcm9r%2FhAmvA0kd8HTR0DuZSCLLYqdTXBBo1TmcomNFF2pnzvvXEZPlJolp7CTRe19kkJRl6QJtgcq%2FQ3ivY4PTu%2FVxiUVZauQg0VRjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f8b0e358c75d2be-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23705&min_rtt=17942&rtt_var=6585&sent=21&recv=14&lost=0&retrans=0&sent_bytes=12991&recv_bytes=5025&delivery_rate=314261&cwnd=12000&unsent_bytes=0&cid=89b4686cce066a3c&ts=79&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 17:33:24 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
c34afed7-31b2-4019-8d7d-207845d67ec2
https://go.andiim3.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e353bb8d2be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go.andiim3.com
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f8b0e36287edc84-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 27 Dec 2024 17:33:24 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
go.andiim3.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.andiim3.com/favicon.ico
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/yz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f75e0db94acae8416541d9d0e6c57cfd4576c12f7cd70c0ef8caf57e0747f4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go.andiim3.com/yz/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyuHNFyZgCgSxsy9j4NEfeECvGzW9bvh0iqjatHhmQDBTOGtcHT1Y1UfCb%2FbXvAjG9Cg%2BHCwvxywVGwfqg6lICQ0ysvnw0iDfrc44X7ONqrW3Y221oFdLHmkS8yRSKvxwA%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=19596&min_rtt=17788&rtt_var=2227&sent=59&recv=34&lost=0&retrans=0&sent_bytes=54691&recv_bytes=6180&delivery_rate=1154616&cwnd=31200&unsent_bytes=0&cid=89b4686cce066a3c&ts=149&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Fri, 27 Dec 2024 17:33:24 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
o3eedUXdK9WN0kwyqo1svteWi+29f+1iAHKA6A/u/NqdSUph3O9oOK/s7EHKeD6kY/4T6t1PyIvpysEin/jfoYIrp6LxsAcvLeye7fH0STF1PULtufousQzDKnVEOTe3Tq3cYbfBlur+RP99uzdXnw==$q7qgG4CGQPI9UkbP80HP0w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f8b0e35fdb4d2be-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
go.andiim3.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcd87470d3c242ed3481ac59268cea48683ac1fa0be2f3dd62cf67d74de1d105
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go.andiim3.com/yz/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uMytOqW%2FCL5g132kCCQ80eFPS%2FKZdP9H%2B2SpQ%2BllxhDjhE89MCk3DybmjyBCqjoNl8dvW3izmtKDfc7Qbv1D7pwQiHpP77FGHzmP7bD2QASUYmmqfvojTSII1FgQddWfEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21941&min_rtt=17788&rtt_var=3845&sent=67&recv=39&lost=0&retrans=0&sent_bytes=61704&recv_bytes=6698&delivery_rate=279834&cwnd=31200&unsent_bytes=0&cid=89b4686cce066a3c&ts=229&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Fri, 27 Dec 2024 17:33:24 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
D/mPPUeRY8CxFJBv/pS3MwqgFWkTJlwIXyIrEiAYTpS34LvmoOccW5aAZskdh2D/u6IGxX0Des+14UzmLyP8RVn74ak2Sy+hRE2zYpQxmM1wBX87oTsYuJVGBxVkmCpaOQLoLW2GhWuiXEktQ9XRLA==$+gOxEkXzErbeyP8CJuR9JQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f8b0e367ed1d2be-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
bRQFaznWkwtQtVZaWsEzgQdVPFvyMWhdjEqsxyGhr1Q-1735320804-1.2.1.1-57jfMlXIFQixEEP05OLsfsgS3LV2n2shpA4bL3tCbuzLisd16Y6kF9eItoYomcbD
go.andiim3.com/cdn-cgi/challenge-platform/h/b/flow/ov1/834753697:1735319584:2U0l0uMKWR36hGWdKJCalGKZWA7DG82l46VE5jNFXKY/8f8b0e353bb8d2be/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/flow/ov1/834753697:1735319584:2U0l0uMKWR36hGWdKJCalGKZWA7DG82l46VE5jNFXKY/8f8b0e353bb8d2be/bRQFaznWkwtQtVZaWsEzgQdVPFvyMWhdjEqsxyGhr1Q-1735320804-1.2.1.1-57jfMlXIFQixEEP05OLsfsgS3LV2n2shpA4bL3tCbuzLisd16Y6kF9eItoYomcbD
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e353bb8d2be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5126043e3bec213447fff777bb1c2b93ee61fe15844c3fede40af74605560c9a

Request headers

Referer
https://go.andiim3.com/yz/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
bRQFaznWkwtQtVZaWsEzgQdVPFvyMWhdjEqsxyGhr1Q-1735320804-1.2.1.1-57jfMlXIFQixEEP05OLsfsgS3LV2n2shpA4bL3tCbuzLisd16Y6kF9eItoYomcbD

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xSjvVLR6rdh5TBxpsJ4TZRMCznQaycnFkyORxSLDMmg%2BcZdVh8tp00jGteWSOEsRT7W7iuhk1sEnDotsqp8FFuRPGWMvfZ379wCqdkhaEl2sbzM071%2B7MI3UZLKHp1LIZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f8b0e36af55d2be-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22585&min_rtt=17788&rtt_var=2083&sent=76&recv=46&lost=0&retrans=0&sent_bytes=68747&recv_bytes=10852&delivery_rate=299971&cwnd=31200&unsent_bytes=0&cid=89b4686cce066a3c&ts=264&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 17:33:24 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
9AtbCgkiTdydg1IXBGOY/JRISsqnq/6bwZwGpLWI8tJlzGRc3MUIy0mDZAZZ7qX21n5bERrdmug=$GBAAuzu4ObxRrOd8
server
cloudflare
priority
u=1,i
ada0be23-d54e-456a-87d2-6b6dee2d8929
https://go.andiim3.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/qc8gd/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 6E74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/qc8gd/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f8b0e370d4a1da2-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 27 Dec 2024 17:33:24 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
bRQFaznWkwtQtVZaWsEzgQdVPFvyMWhdjEqsxyGhr1Q-1735320804-1.2.1.1-57jfMlXIFQixEEP05OLsfsgS3LV2n2shpA4bL3tCbuzLisd16Y6kF9eItoYomcbD
go.andiim3.com/cdn-cgi/challenge-platform/h/b/flow/ov1/834753697:1735319584:2U0l0uMKWR36hGWdKJCalGKZWA7DG82l46VE5jNFXKY/8f8b0e353bb8d2be/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/flow/ov1/834753697:1735319584:2U0l0uMKWR36hGWdKJCalGKZWA7DG82l46VE5jNFXKY/8f8b0e353bb8d2be/bRQFaznWkwtQtVZaWsEzgQdVPFvyMWhdjEqsxyGhr1Q-1735320804-1.2.1.1-57jfMlXIFQixEEP05OLsfsgS3LV2n2shpA4bL3tCbuzLisd16Y6kF9eItoYomcbD
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e353bb8d2be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bade06ce72504c1700e433c17139000c3f231befa177724278cd694c13aa14d8

Request headers

Referer
https://go.andiim3.com/yz/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
bRQFaznWkwtQtVZaWsEzgQdVPFvyMWhdjEqsxyGhr1Q-1735320804-1.2.1.1-57jfMlXIFQixEEP05OLsfsgS3LV2n2shpA4bL3tCbuzLisd16Y6kF9eItoYomcbD

Response headers

cf-chl-out
fennFqaVz874ejM3n/1gFC1Xd+pf08/PGxm0/4XMDzOJbflnCulcSjGCNRZ5StWJ0ST+XoHVaR+OhVzwUuCb463jinqbKG003om3FMMr1B0U2PkNxlWGnKs=$8xoENSIMYhqNjsVS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OehAUfZs0jUzQULMu2VXvjwX9UpuaGPxoY7xo%2FJkEVhEvSVLMti1lpJpy2Zd6ue23RyvfgsH3y67%2BKBBwj433Nwo6VLgoq29j3zlcKGxLD43xsZVBUqf0BaLwXAtCQVDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f8b0e3ac9c1d2be-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20529&min_rtt=17788&rtt_var=2704&sent=88&recv=56&lost=0&retrans=0&sent_bytes=78537&recv_bytes=15867&delivery_rate=325792&cwnd=31200&unsent_bytes=0&cid=89b4686cce066a3c&ts=922&x=1", cfExtPri, cfHdrFlush;dur=0
cf-chl-out-s
l/bWQgpeF5tpw1wW3Rj3motazZltTQ+JD4XFq3vbFn2QRvs/osGVm+PODCwwMv5YU0paOGpwjzTyl12NjCIx4Na6u62tWlJ9u/6qQ6iPh2pdJfVKqQ2WBk80r798Z+AXSIbXecsNL6Fv0Aec4mw1zBPLkihLefh9lK8Nn1b6Dlkau6SkDdFF4JpaCNJYoGx5IjPYia8DpDqCcJZh801v5+x1/8zACoXZXZAVI4WxQhTEz0ctQtmVeXqjl1EBXrhHs1wkbrfqQheDcmVCwZFSozwTQ4DHV4D+XeuGA90WtUwTnwOGn1Al12ezC3ew1CVNcXtR+91jbt7QBi9zEupc6pyIDlZOzuwpkxdkklV71jgXArwV3n5gMyHjP5demeqRotlJEdDr9/QOrTnpzMUE5wbgpO/GNRFqnKudxflOemgquP57STc3N1seEMzj$zofMMLauijsQDJ3F
date
Fri, 27 Dec 2024 17:33:25 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
go.andiim3.com/yz/ 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/yz/
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/yz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
785bfcb0b9d17ac5137c1c03c1be4bfae3789588bf38512a7ed043e099f1ae81
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://go.andiim3.com/yz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
MxhWvJ0sbY9MApLmlDSMcX5flriJRXHf89ofG39yqm4Y5zw3b4D++nWS9BCymvLCcEkPW8EJNcrrsUKO7baYn29ZZ28tedzHdZFDDNTaj4EMyXK9ktQq8msJi2knDtK2tGIPKFYVHBqa1EPj8RX4Tg==$YUe6jF69IEhzpDxnUcxHOw==
cf-mitigated
challenge
cf-ray
8f8b0e48bc08d2be-FRA
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Fri, 27 Dec 2024 17:33:27 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04vO0OE8goWUxNxfrKNFLBOUamq%2BFKnpzRkIjufiAoNyMsMQ5BbqCA9pJJtsJ%2FlXhg2G9Vw5n50CkUm10Km%2BrZkqUHbff6lu68TYlJlO%2F%2BVdL3bsPR%2Bg9LS3537%2F5JlwZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=24332&min_rtt=17788&rtt_var=8126&sent=92&recv=59&lost=0&retrans=0&sent_bytes=81448&recv_bytes=16367&delivery_rate=55516&cwnd=31200&unsent_bytes=0&cid=89b4686cce066a3c&ts=3148&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 		99 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e48bc08d2be
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/yz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1abf27a66ec31c3f894f79ed0598aef05c35f8984913af046274f1f4d23b656

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go.andiim3.com/yz/?__cf_chl_rt_tk=TOBfSpaaGpEMEiK47rCSmFaG5ke3n48C9KEjGV8z5D0-1735320807-1.0.1.1-HPS5y4qxoyc68T_i7rnVFQYKmMCcitYcZrp1nRUVsd0

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0l%2B6Gv6L1CDZdnXH7qFrTHfhdIUPbMHX9GD%2FS4bEz2eq7EI%2FrLWIVB4XTe3U7yUkOs7sDq33vhT4oUd9rEDHuhypOSnrpyx1I7u10pygf%2F%2F3O9eqP8N0rO%2BE2xvxyXTQFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f8b0e48fcc2d2be-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=24459&min_rtt=17788&rtt_var=3522&sent=100&recv=63&lost=0&retrans=0&sent_bytes=88537&recv_bytes=16923&delivery_rate=318149&cwnd=31200&unsent_bytes=0&cid=89b4686cce066a3c&ts=3186&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 17:33:27 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
02ee5bdb-9ede-4084-9d26-a74f71526c6f
https://go.andiim3.com/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/ 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e48bc08d2be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aac9e52f80011983676c03ad8120e0369e651e6357d0b05054026a3bc8ec32d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://go.andiim3.com
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f8b0e36287edc84-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 27 Dec 2024 17:33:24 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 10 Dec 2024 17:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
go.andiim3.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.andiim3.com/favicon.ico
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/yz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3116376aafc321d869a6478d27a061f9876e6782eee61574abe81bb8c9a137
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go.andiim3.com/yz/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JR63WdmyzQR5eCEOahLm0kqSSCmvZfvH9Z8eSeOpYqi7PSIIRgMruvCQ5o9tOewqL8O1ztJadOLb0rrAvokPBgL%2FtYzz%2F%2F%2BKtOG2UCcKX4WBWA4NA0hZrXP459td8TkvZw%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25235&min_rtt=17788&rtt_var=3978&sent=138&recv=71&lost=0&retrans=0&sent_bytes=130111&recv_bytes=17582&delivery_rate=1288466&cwnd=37200&unsent_bytes=0&cid=89b4686cce066a3c&ts=3243&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Fri, 27 Dec 2024 17:33:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
cmw0yvuUVfdRGUeOwpq70ZM2wCe24FmyQlTWQSj5PHzIIRzdBO+fhnAZ7BdX2NOBD1qsf6yfvxKv5ucpbiutXWRTe5J/8u0L4ormD84BeTNUfMtUhjKth0Ry8ZlMyapzrPR81v/CKVJBQblMNbgAew==$QcF8KlLvFMZh/sV1HV+A1w==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f8b0e495daad2be-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
go.andiim3.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c234d61ef290ff585fa935fa188567d653d2552df3edd2789f3b2627b87fc1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://go.andiim3.com/yz/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2FSwJ4anrhDe767h4vIBtIIXgKLWzXP%2FeF6VCRMbOxLqe4e6CIL8vp%2F%2B3uHccm2rUtF9%2BzBAwV1tAJ6GDELxJmJfsLeEbiLzLPLcZWcrjR0HJ6LSJeHysgt8M4ZoM5eA%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25288&min_rtt=17788&rtt_var=3089&sent=146&recv=72&lost=0&retrans=0&sent_bytes=137164&recv_bytes=17947&delivery_rate=239990&cwnd=37200&unsent_bytes=0&cid=89b4686cce066a3c&ts=3271&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Fri, 27 Dec 2024 17:33:27 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
hDWuMLxvWXix7J+KHpnxi4IkwTw+anmiA/nyt6jmz6pR4dAqWywf66Vfmz7Ros3RvD4WKn41trY1Ht2+Qn9MdMNPiu/NdRWiQ2+w6g8mTrTmBOOdHovLloz6Gu9HHzqPH5b0sXeXrvcNxpQwD1z4hg==$r4kdN17AV9zB23P8DSwIKw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f8b0e498e61d2be-FRA
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
ILbKtrIq.qgbaredSxzbSLmVKgzLkJKl0tur_cAXeQ0-1735320807-1.2.1.1-7s9IpUpIbhpvhRPo.B8ATASFqA7UIMCrxTl3NGbeBp5sQYtFR4ydbwEK.qY1lwaO
go.andiim3.com/cdn-cgi/challenge-platform/h/b/flow/ov1/647803889:1735319628:qH9SzFmd-xRoi_DGw7F5DdHGFUi4HyrIM14vpF_umgs/8f8b0e48bc08d2be/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/flow/ov1/647803889:1735319628:qH9SzFmd-xRoi_DGw7F5DdHGFUi4HyrIM14vpF_umgs/8f8b0e48bc08d2be/ILbKtrIq.qgbaredSxzbSLmVKgzLkJKl0tur_cAXeQ0-1735320807-1.2.1.1-7s9IpUpIbhpvhRPo.B8ATASFqA7UIMCrxTl3NGbeBp5sQYtFR4ydbwEK.qY1lwaO
Requested by
Host: go.andiim3.com
URL: https://go.andiim3.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8f8b0e48bc08d2be
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84881239c6ec252e35d0f208c7e51791492073d36d3f983910ad865397885c09

Request headers

Referer
https://go.andiim3.com/yz/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
ILbKtrIq.qgbaredSxzbSLmVKgzLkJKl0tur_cAXeQ0-1735320807-1.2.1.1-7s9IpUpIbhpvhRPo.B8ATASFqA7UIMCrxTl3NGbeBp5sQYtFR4ydbwEK.qY1lwaO

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jty6wKo%2B%2FEj1WWsqBzRXoeEtaD1FIKp%2FNXNJ5Z2S9Zld87aiH7Tb9FO%2FO0AQsbXbByBC0PpL8f2vEMRoPYE%2BqIGmZ7BykITvVphjjGUZJqHY1P5spNRR4kZwvWK4FUjgoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f8b0e49ff4fd2be-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=25301&min_rtt=17788&rtt_var=2342&sent=155&recv=77&lost=0&retrans=0&sent_bytes=144239&recv_bytes=22005&delivery_rate=237083&cwnd=37200&unsent_bytes=0&cid=89b4686cce066a3c&ts=3354&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 27 Dec 2024 17:33:28 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
x2o7UILHMUky9BQiHl1lv2tJKw0jWNORJs9day/tVMY75V37ktf5LFNmUjcTCmD5Bkajin/7V14=$gaiS6peZZi0nf8l3
server
cloudflare
priority
u=1,i
9b330ed6-33aa-43e1-a609-83c365b9dcfb
https://go.andiim3.com/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jrnrj/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 0EB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv/jrnrj/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/787bc399e22f/api.js?onload=WXqDk4&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f8b0e4a383f1da2-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 27 Dec 2024 17:33:28 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
go.andiim3.com
URL
blob:https://go.andiim3.com/c34afed7-31b2-4019-8d7d-207845d67ec2
Domain
go.andiim3.com
URL
blob:https://go.andiim3.com/ada0be23-d54e-456a-87d2-6b6dee2d8929
Domain
go.andiim3.com
URL
blob:https://go.andiim3.com/02ee5bdb-9ede-4084-9d26-a74f71526c6f
Domain
go.andiim3.com
URL
blob:https://go.andiim3.com/9b330ed6-33aa-43e1-a609-83c365b9dcfb

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| GVOAr6 function| YHws6 function| Whin0 function| domE8 object| hephn8 object| bOVG4 function| CScbg6 function| omQod3 function| WXqDk4 function| PmhRk7 object| cVGi2 number| VaUI1 object| angular object| qHqZf6 object| turnstile boolean| aRcx2 function| _ string| wpvie3 boolean| nSSnK5

1 Cookies

Domain/Path Name / Value
go.andiim3.com/ Name: cf_chl_rc_ni
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://go.andiim3.com/yz/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://go.andiim3.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://go.andiim3.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://go.andiim3.com/yz/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://go.andiim3.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://go.andiim3.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN