Submitted URL: https://client.rootprivacy.ch/
Effective URL: https://client.rootprivacy.ch/auth/login
Submission: On April 29 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3032::681b:9b12, located in United States and belongs to CLOUDFLARENET, US. The main domain is client.rootprivacy.ch.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 28th 2020. Valid for: 5 months.
This is the only time client.rootprivacy.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
17 5
Apex Domain, Subdomains, Transfer
11 rootprivacy.ch, client.rootprivacy.ch, 84 KB
3 google.com, www.google.com, 545 B
3 cloudflare.com, cdnjs.cloudflare.com, 90 KB
1 gstatic.com, www.gstatic.com, 121 KB
17 4
Domain Requested by
11 client.rootprivacy.ch 1 redirects client.rootprivacy.ch
3 www.google.com client.rootprivacy.ch, www.gstatic.com
3 cdnjs.cloudflare.com client.rootprivacy.ch
1 www.gstatic.com www.google.com
17 4

This site contains links to these domains.

Domain
pterodactyl.io
Subject, Issuer, Validity, Valid
sni.cloudflaressl.com, CloudFlare Inc ECC CA-2, 2020-04-28 - 2020-10-09, 5 months
cloudflare.com, CloudFlare Inc ECC CA-2, 2020-01-07 - 2020-10-09, 9 months
www.google.com, GTS CA 1O1, 2020-04-07 - 2020-06-30, 3 months
*.gstatic.com, GTS CA 1O1, 2020-04-07 - 2020-06-30, 3 months

This page contains 3 frames:

Primary Page: https://client.rootprivacy.ch/auth/login
Frame ID: 044C27A921176DE38CDFC498776EC160
Requests: 15 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9jbGllbnQucm9vdHByaXZhY3kuY2g6NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=bjllmeltjjf6
Frame ID: 60E36DF5F311DBEAEA93313DFB1FD3AD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&cb=h7w6vxty9nle
Frame ID: F726BAEE844C9F1354AAA438A724871F
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/particles(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+ionicons(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/recaptcha\/api\.js/i

Page Statistics

17 Requests
100 % HTTPS
100 % IPv6
4 Domains
4 Subdomains
5 IPs
2 Countries
295 kB Transfer
845 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://client.rootprivacy.ch/ HTTP 302
    https://client.rootprivacy.ch/auth/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
client.rootprivacy.ch/auth/
Redirect Chain
  • https://client.rootprivacy.ch/
  • https://client.rootprivacy.ch/auth/login
5 KB
2 KB
Document
General
Full URL
https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f463b5727b6bc87ea1aa0a2d38599a50497a6de1377701425a2551d30b93730

Request headers

:method
GET
:authority
client.rootprivacy.ch
:scheme
https
:path
/auth/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=da5c61ed4d83deea7223531024173b2641588189029; pterodactyl_session=eyJpdiI6IlJxaWMzR1F0WlR6KzIzcjBmN3lcL0VBPT0iLCJ2YWx1ZSI6Img1V2UwMGFIc3IxUXhqcWk2VkNUQVphUjlGYkYrY0hKMTNkcEU3dVptQ1JHXC9wRnBudmtXUGVZbWxrYjhXQUxBIiwibWFjIjoiZWIzMjFiNGQ3NTJkNjE3NTYxNmM5NGRjMjdlOWJiNzQ5YzUzN2I0NGZhZDM5NTczNWQyNjlkM2Y4MWUyNjBlZCJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 29 Apr 2020 19:37:09 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache, private
set-cookie
XSRF-TOKEN=eyJpdiI6IlwvcjJ4VElwanJYUkMxMjlHM3lSamlnPT0iLCJ2YWx1ZSI6IlQwOWFVM2hXYjNKMXFhTDZhWVBuMUlXaXFBdHY1SmRFeHMrZ05OVUNyQzd2KzB3ZUxCd1FGY050S2IrZHJGWHYiLCJtYWMiOiIyNmY0OWQ4YmExN2UzOWM2NjlhNzI4YTAyMmQ0NjRjZDZkYWQzNDhmMzYwZTI4ZTc1Mzc5NTFlODU5MDZjMzQxIn0%3D; expires=Wed, 06-May-2020 19:37:09 GMT; Max-Age=604800; path=/ pterodactyl_session=eyJpdiI6IlRzdzlSQ0pxUmVIK2xTeHRZS2Vob3c9PSIsInZhbHVlIjoicHI0dmhjMmxkcjVOK05ub21yaVVhZTN3N3hMRVp4ZXhCOEt0bDBUM0oxSE9TY3NnOXVUZ1F1eTBoMHVIdnVsYyIsIm1hYyI6IjUwZTE5MDA3MTc2MjZhYTZhNTUzOTIwNDI4ZWNhYTg2ZjVlZTRkZTYxMGE2OWZkMTZlMWQxOGI3ZWU4MWI1MWUifQ%3D%3D; expires=Wed, 06-May-2020 19:37:09 GMT; Max-Age=604800; path=/; httponly
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58bb79d8ac24c26d-FRA
content-encoding
br
cf-request-id
02690a7b640000c26db41b4200000001

Redirect headers

status
302
date
Wed, 29 Apr 2020 19:37:09 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=da5c61ed4d83deea7223531024173b2641588189029; expires=Fri, 29-May-20 19:37:09 GMT; path=/; domain=.rootprivacy.ch; HttpOnly; SameSite=Lax; Secure pterodactyl_session=eyJpdiI6IlJxaWMzR1F0WlR6KzIzcjBmN3lcL0VBPT0iLCJ2YWx1ZSI6Img1V2UwMGFIc3IxUXhqcWk2VkNUQVphUjlGYkYrY0hKMTNkcEU3dVptQ1JHXC9wRnBudmtXUGVZbWxrYjhXQUxBIiwibWFjIjoiZWIzMjFiNGQ3NTJkNjE3NTYxNmM5NGRjMjdlOWJiNzQ5YzUzN2I0NGZhZDM5NTczNWQyNjlkM2Y4MWUyNjBlZCJ9; expires=Wed, 06-May-2020 19:37:09 GMT; Max-Age=604800; path=/; httponly
cache-control
no-cache, private
location
https://client.rootprivacy.ch/auth/login
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
58bb79d80a79c26d-FRA
cf-request-id
02690a7b080000c26db41af200000001
bootstrap.min.css
client.rootprivacy.ch/themes/pterodactyl/vendor/bootstrap/
118 KB
18 KB
Stylesheet
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/vendor/bootstrap/bootstrap.min.css?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-1d970"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58bb79d90d1bc26d-FRA
cf-request-id
02690a7ba80000c26db41ba200000001
admin.min.css
client.rootprivacy.ch/themes/pterodactyl/vendor/adminlte/
104 KB
14 KB
Stylesheet
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/vendor/adminlte/admin.min.css?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1954c423926d07a3ad0d0f35783add0e4c100aed471aaa440ec4b9134fdde44

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-19f68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58bb79d90d22c26d-FRA
cf-request-id
02690a7ba80000c26db41bb200000001
pterodactyl.css
client.rootprivacy.ch/themes/pterodactyl/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/css/pterodactyl.css?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72168c212652d9f648f068f4d03dfe21b2ca171c69c571423b43ccf5c98fa508

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-26bc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58bb79d90d24c26d-FRA
cf-request-id
02690a7ba80000c26db41bc200000001
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
7128640
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02690a7ba900000609808a1200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:12 GMT
server
cloudflare
etag
W/"5afd4910-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58bb79d90fef0609-FRA
expires
Mon, 19 Apr 2021 19:37:09 GMT
ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/
50 KB
7 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
15683255
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id
02690a7ba900000609808a2200000001
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:20:52 GMT
server
cloudflare
etag
W/"5afd4974-c854"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
58bb79d90ff10609-FRA
expires
Mon, 19 Apr 2021 19:37:09 GMT
api.js
www.google.com/recaptcha/
674 B
545 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
eff1e369cf0b3ccaf06a247ad118d31ddb4dee8c19ae178d2f7bd6f4043a2d6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
445
x-xss-protection
1; mode=block
expires
Wed, 29 Apr 2020 19:37:09 GMT
jquery.min.js
client.rootprivacy.ch/themes/pterodactyl/vendor/jquery/
85 KB
29 KB
Script
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/vendor/jquery/jquery.min.js?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
58bb79d91d25c26d-FRA
cf-request-id
02690a7baa0000c26db41bd200000001
bootstrap.min.js
client.rootprivacy.ch/themes/pterodactyl/vendor/bootstrap/
36 KB
9 KB
Script
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/vendor/bootstrap/bootstrap.min.js?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-90b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
58bb79d91d27c26d-FRA
cf-request-id
02690a7baa0000c26db41be200000001
autocomplete.js
client.rootprivacy.ch/js/
211 B
287 B
Script
General
Full URL
https://client.rootprivacy.ch/js/autocomplete.js?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ee97e752528854eb86c24a122911c2bc3911c239d68c073880acc57253ce6e

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
58bb79d91d28c26d-FRA
cf-request-id
02690a7baa0000c26db41bf200000001
particles.min.js
client.rootprivacy.ch/themes/pterodactyl/vendor/particlesjs/
23 KB
6 KB
Script
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/vendor/particlesjs/particles.min.js?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549608a12ab72fa4a4ba0b80a89a85f7239f246de476d69a810c623201787c42

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-5b45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
58bb79d91d2cc26d-FRA
cf-request-id
02690a7baa0000c26db41c0200000001
checkbox.css
client.rootprivacy.ch/themes/pterodactyl/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/css/checkbox.css
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e245b3dd83c98658ea61b47e86d00d02d39340497a0d0b124b38da1f41e16d4

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-1ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
58bb79d96df5c26d-FRA
cf-request-id
02690a7be20000c26db41c2200000001
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/auth/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://client.rootprivacy.ch

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
7851204
status
200
alt-svc
h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length
77160
cf-request-id
02690a7c7b000005e40cb3a200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:19:53 GMT
server
cloudflare
etag
"5afd4939-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
58bb79da5ff805e4-FRA
expires
Mon, 19 Apr 2021 19:37:09 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/
299 KB
121 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3f949c5fa5809887926e9351f3d35a72b6c9b542bcbfffbc41e0fd87424ae71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 20 Apr 2020 16:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 20 Apr 2020 04:05:48 GMT
server
sffe
age
787090
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124243
x-xss-protection
0
expires
Tue, 20 Apr 2021 16:58:59 GMT
particles.json
client.rootprivacy.ch/themes/pterodactyl/vendor/particlesjs/
2 KB
656 B
XHR
General
Full URL
https://client.rootprivacy.ch/themes/pterodactyl/vendor/particlesjs/particles.json?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Requested by
Host: client.rootprivacy.ch
URL: https://client.rootprivacy.ch/themes/pterodactyl/vendor/particlesjs/particles.min.js?t=8ec4eb32bb6bc92c5398fa3d150ddf8a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681b:9b12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a7426912cfea5aeb826fe6dafa3765044841dbfb2487d9d7608209a6ab109e

Request headers

Referer
https://client.rootprivacy.ch/auth/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 29 Apr 2020 19:37:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 16 Mar 2020 00:21:01 GMT
server
cloudflare
etag
W/"5e6ec66d-7c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
status
200
cf-ray
58bb79da3844c26d-FRA
cf-request-id
02690a7c660000c26db41ca200000001
anchor
www.google.com/recaptcha/api2/ Frame 60E3
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9jbGllbnQucm9vdHByaXZhY3kuY2g6NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=bjllmeltjjf6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tulXPogYro3ydl5C6djNnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&co=aHR0cHM6Ly9jbGllbnQucm9vdHByaXZhY3kuY2g6NDQz&hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&size=invisible&cb=bjllmeltjjf6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://client.rootprivacy.ch/auth/login
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://client.rootprivacy.ch/auth/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Apr 2020 19:37:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-tulXPogYro3ydl5C6djNnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10045
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bframe
www.google.com/recaptcha/api2/ Frame F726
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&cb=h7w6vxty9nle
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wk6lx42JIeYmEAQSHndnyT8Q/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CKOMQozP3FwOeCwGtUwJag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=wk6lx42JIeYmEAQSHndnyT8Q&k=6LcJcjwUAAAAAO_Xqjrtj9wWufUpYRnK6BW8lnfn&cb=h7w6vxty9nle
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://client.rootprivacy.ch/auth/login
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://client.rootprivacy.ch/auth/login

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Apr 2020 19:37:09 GMT
content-security-policy
script-src 'report-sample' 'nonce-CKOMQozP3FwOeCwGtUwJag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1180
server
GSE
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| onSubmit
  • function| $
  • function| jQuery
  • function| hexToRgb
  • function| clamp
  • function| isInArray
  • function| pJS
  • function| requestAnimFrame
  • function| cancelRequestAnimFrame
  • object| pJSDom
  • function| particlesJS
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • boolean| __google_recaptcha_client
  • object| recaptcha
  • object| closure_lm_568025

3 Cookies

Domain/Path Name / Value
client.rootprivacy.ch/ Name: pterodactyl_session
Value: eyJpdiI6IlRzdzlSQ0pxUmVIK2xTeHRZS2Vob3c9PSIsInZhbHVlIjoicHI0dmhjMmxkcjVOK05ub21yaVVhZTN3N3hMRVp4ZXhCOEt0bDBUM0oxSE9TY3NnOXVUZ1F1eTBoMHVIdnVsYyIsIm1hYyI6IjUwZTE5MDA3MTc2MjZhYTZhNTUzOTIwNDI4ZWNhYTg2ZjVlZTRkZTYxMGE2OWZkMTZlMWQxOGI3ZWU4MWI1MWUifQ%3D%3D
client.rootprivacy.ch/ Name: XSRF-TOKEN
Value: eyJpdiI6IlwvcjJ4VElwanJYUkMxMjlHM3lSamlnPT0iLCJ2YWx1ZSI6IlQwOWFVM2hXYjNKMXFhTDZhWVBuMUlXaXFBdHY1SmRFeHMrZ05OVUNyQzd2KzB3ZUxCd1FGY050S2IrZHJGWHYiLCJtYWMiOiIyNmY0OWQ4YmExN2UzOWM2NjlhNzI4YTAyMmQ0NjRjZDZkYWQzNDhmMzYwZTI4ZTc1Mzc5NTFlODU5MDZjMzQxIn0%3D
.rootprivacy.ch/ Name: __cfduid
Value: da5c61ed4d83deea7223531024173b2641588189029