80ab910b.2bc3493b616168448d112e82.workers.dev Open in urlscan Pro
172.67.190.32  Public Scan

Submitted URL: https://shoutout.wix.com/so/99P5CK52z/c?w=WEGDFWdNyLunFBmXl5Kp35fyoD484HlqnJp_SpaA62U.eyJ1IjoiaHR0cHM6Ly9hY3RjYXBpdGFsYWR...
Effective URL: https://80ab910b.2bc3493b616168448d112e82.workers.dev/
Submission: On August 16 via manual from NZ — Scanned from NZ

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 5 HTTP transactions. The main IP is 172.67.190.32, located in United States and belongs to CLOUDFLARENET, US. The main domain is 80ab910b.2bc3493b616168448d112e82.workers.dev.
TLS certificate: Issued by WE1 on August 7th 2024. Valid for: 3 months.
This is the only time 80ab910b.2bc3493b616168448d112e82.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.149.206.255 15169 (GOOGLE)
1 2 185.103.10.2 201011 (CORE-BACK...)
2 172.67.190.32 13335 (CLOUDFLAR...)
1 3 104.18.95.41 13335 (CLOUDFLAR...)
5 3
Apex Domain
Subdomains
Transfer
3 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
15 KB
2 workers.dev
80ab910b.2bc3493b616168448d112e82.workers.dev
6 KB
2 mx-router-ii.com
actcapitaladvisors.mx-router-ii.com
2 KB
1 wix.com
shoutout.wix.com — Cisco Umbrella Rank: 187530
561 B
5 4
Domain Requested by
3 challenges.cloudflare.com 1 redirects 80ab910b.2bc3493b616168448d112e82.workers.dev
challenges.cloudflare.com
2 80ab910b.2bc3493b616168448d112e82.workers.dev
2 actcapitaladvisors.mx-router-ii.com 1 redirects
1 shoutout.wix.com 1 redirects
5 4

This site contains no links.

Subject Issuer Validity Valid
*.mx-router-ii.com
R11
2024-07-19 -
2024-10-17
3 months crt.sh
2bc3493b616168448d112e82.workers.dev
WE1
2024-08-07 -
2024-11-05
3 months crt.sh
challenges.cloudflare.com
E5
2024-07-17 -
2024-10-15
3 months crt.sh

This page contains 2 frames:

Primary Page: https://80ab910b.2bc3493b616168448d112e82.workers.dev/
Frame ID: 6B121A29F9123C11DC98085193E000DF
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xkc5x/0x4AAAAAAAg2C-vgWQ_gGBOS/auto/fbE/normal/auto/
Frame ID: 055EF3AF3621B6C2878D1A7785DED7D3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://shoutout.wix.com/so/99P5CK52z/c?w=WEGDFWdNyLunFBmXl5Kp35fyoD484HlqnJp_SpaA62U.eyJ1IjoiaHR0cHM... HTTP 302
    https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik Page URL
  2. https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik HTTP 302
    https://80ab910b.2bc3493b616168448d112e82.workers.dev/ Page URL

Page Statistics

5
Requests

80 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

22 kB
Transfer

57 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://shoutout.wix.com/so/99P5CK52z/c?w=WEGDFWdNyLunFBmXl5Kp35fyoD484HlqnJp_SpaA62U.eyJ1IjoiaHR0cHM6Ly9hY3RjYXBpdGFsYWR2aXNvcnMubXgtcm91dGVyLWlpLmNvbS9jL3E3MXEvZWpxZ2FkcHMvYnVpdXptNGNtaWsiLCJyIjoiN2I5ZGY3ZGEtNDU2NC00MGRlLTk3MzMtMTlmZTNhMGU0YjBmIiwibSI6Im1haWwiLCJjIjoiMzUwZWI5MGItODJmZC00NzY1LThkNzQtYTg4YWEwOGU2YTFhIn0 HTTP 302
    https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik Page URL
  2. https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik HTTP 302
    https://80ab910b.2bc3493b616168448d112e82.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://shoutout.wix.com/so/99P5CK52z/c?w=WEGDFWdNyLunFBmXl5Kp35fyoD484HlqnJp_SpaA62U.eyJ1IjoiaHR0cHM6Ly9hY3RjYXBpdGFsYWR2aXNvcnMubXgtcm91dGVyLWlpLmNvbS9jL3E3MXEvZWpxZ2FkcHMvYnVpdXptNGNtaWsiLCJyIjoiN2I5ZGY3ZGEtNDU2NC00MGRlLTk3MzMtMTlmZTNhMGU0YjBmIiwibSI6Im1haWwiLCJjIjoiMzUwZWI5MGItODJmZC00NzY1LThkNzQtYTg4YWEwOGU2YTFhIn0 HTTP 302
  • https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik
Request Chain 1
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/ba7376691753/api.js

5 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
buiuzm4cmik
actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/
Redirect Chain
  • https://shoutout.wix.com/so/99P5CK52z/c?w=WEGDFWdNyLunFBmXl5Kp35fyoD484HlqnJp_SpaA62U.eyJ1IjoiaHR0cHM6Ly9hY3RjYXBpdGFsYWR2aXNvcnMubXgtcm91dGVyLWlpLmNvbS9jL3E3MXEvZWpxZ2FkcHMvYnVpdXptNGNtaWsiLCJyIjo...
  • https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik
2 KB
1 KB
Document
General
Full URL
https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.103.10.2 , Spain, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
arrakis.r.mrelayip.com
Software
nginx /
Resource Hash
7862fa0dc52e005c4f8b094a0d18b3b6c70af6f0e70d1b582ef122f95076e3a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
no-store
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 16 Aug 2024 01:41:59 GMT
expires
-1
last-modified
Fri, 16 Aug 2024 01:41:59 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
0855fe2d-536a-4838-8803-1d07e137c265
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-runtime
0.013457
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 16 Aug 2024 01:41:58 GMT
glb-x-seen-by
wMMTADooq5AJ3cFomJ/MuXOQWGce7NCZXKms1ErOpBs=
location
https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik
server
Pepyaka
strict-transport-security
max-age=120 ; includeSubDomains
via
1.1 google
x-content-type-options
nosniff
x-seen-by
dwc60INy8NFddnU/0WdlOB9slopJdhD+WySraMrpIY8=,m0j2EEknGIVUW/liY8BLLmw80oqXEnIRSWAs1KNm/JmWWveFEnegpnkLxzZh8fhS,S30xPaDk5EmV5qZoDf/jyvpXKovfn6RBmr8MuDi82CmqIXnHwzry/fRu1OrE4paFmMiO/zDlnJWuLtO3enCNmg==,r6yY0ta7bIKrqK70x072lTtFHq9u3oFeDSf3rlTldH4=
x-wix-request-id
1723772518.3064891978659198951
Primary Request /
80ab910b.2bc3493b616168448d112e82.workers.dev/
Redirect Chain
  • https://actcapitaladvisors.mx-router-ii.com/c/q71q/ejqgadps/buiuzm4cmik
  • https://80ab910b.2bc3493b616168448d112e82.workers.dev/
6 KB
3 KB
Document
General
Full URL
https://80ab910b.2bc3493b616168448d112e82.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237a5dd702f5a0a2fdef7c3241d02f27920fea77eea2339aa8b163c34a5cb0a3

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://actcapitaladvisors.mx-router-ii.com
Referer
https://actcapitaladvisors.mx-router-ii.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8b3db9ab4f466aed-BUF
content-encoding
br
content-type
text/html
date
Fri, 16 Aug 2024 01:42:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muMTF4fk7UGMSeW2N9JW%2FA7ZjX%2F2C4C66s19UgZFB9LBKH4mzDIKKPODDHKigR%2F7zp9ktJE2KlXcGycx0naF%2F8fXhynINHWrkYgb1IvI%2BP38DL2JR%2BqyZfcZuxwb3HUALDPIRYVm91slllPuo18Xp%2BF3LAw6PEEYVciVRumstSw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-store
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 16 Aug 2024 01:41:59 GMT
expires
-1
last-modified
Fri, 16 Aug 2024 01:41:59 GMT
location
https://80ab910b.2bc3493b616168448d112e82.workers.dev
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
5a3f72bc-42f0-4994-8a79-b4694011b678
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-runtime
0.019206
x-xss-protection
0
api.js
challenges.cloudflare.com/turnstile/v0/g/ba7376691753/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
  • https://challenges.cloudflare.com/turnstile/v0/g/ba7376691753/api.js
44 KB
15 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/ba7376691753/api.js
Requested by
Host: 80ab910b.2bc3493b616168448d112e82.workers.dev
URL: https://80ab910b.2bc3493b616168448d112e82.workers.dev/
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c378a64a8916499372b3021c07797d63fc3914efd9ec6ab15ba69e6fc5c1efd

Request headers

Referer
https://80ab910b.2bc3493b616168448d112e82.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 01:42:00 GMT
content-encoding
br
last-modified
Tue, 13 Aug 2024 23:33:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
cross-origin-resource-policy
cross-origin
cf-ray
8b3db9ad1edd1c58-AKL
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 16 Aug 2024 01:42:00 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/ba7376691753/api.js
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8b3db9acae0d1c58-AKL
alt-svc
h3=":443"; ma=86400
content-length
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xkc5x/0x4AAAAAAAg2C-vgWQ_gGBOS/auto/fbE/normal/auto/ Frame 055E
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/xkc5x/0x4AAAAAAAg2C-vgWQ_gGBOS/auto/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://80ab910b.2bc3493b616168448d112e82.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8b3db9add8a71c5d-AKL
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 16 Aug 2024 01:42:00 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
favicon.ico
80ab910b.2bc3493b616168448d112e82.workers.dev/
6 KB
3 KB
Other
General
Full URL
https://80ab910b.2bc3493b616168448d112e82.workers.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.190.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
237a5dd702f5a0a2fdef7c3241d02f27920fea77eea2339aa8b163c34a5cb0a3

Request headers

Referer
https://80ab910b.2bc3493b616168448d112e82.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 16 Aug 2024 01:42:00 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nDC4jxrn6lVhmVihDJdy9GkF3DQo6IRqkHR9FM7%2BLANk65KHBtiRarl3c1ICpi9p1jYZ7qAT8aGRxBU0FvnI%2FAduXuoyuvyZ4vJEobDShlHMZuPMaSPaa28lEiBVOQnZyxQq7IwMDrJPYhsic2ro2IDWxFHXiUD60q3zZmJeOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8b3db9af8ac26aed-BUF
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| verifyCallback_CF function| hh2 function| Encrypt function| sendRequest function| onloadTurnstileCallback object| turnstile

1 Cookies

Domain/Path Name / Value
.wix.com/ Name: XSRF-TOKEN
Value: 1723772518|u-irb8RvosS2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0