www.cyberghostvpn.com Open in urlscan Pro
104.20.175.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://olgasidin.digital/rd/c37605JLvVc30478721mtjA175Aqi19566hWOn2477
Effective URL:
https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
Submission: On September 17 via api (September 17th 2021, 3:53:09 pm UTC) from BE — Scanned from DE

Summary HTTP 18 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 4 IPs in 5 countries across 6 domains to perform 18 HTTP transactions. The main IP is 104.20.175.46, located in and belongs to CLOUDFLARENET, US. The main domain is www.cyberghostvpn.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on January 26th 2021. Valid for: a year.

This is the only time www.cyberghostvpn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	185.234.114.57 185.234.114.57	211971 (GOODHOSTK...) (GOODHOSTKZ Goodhost.KZ - Hosting provider of Kazakhstan. Dedicated and VDSVPS hosting)
2 2	209.236.123.240 209.236.123.240	393398 (ASN-DIS) (ASN-DIS)
1 1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
1 1	212.32.252.83 212.32.252.83	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9	104.20.175.46 104.20.175.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	4

2 185.234.114.57 (Kazakhstan) 1 redirects

ASN211971 (GOODHOSTKZ Goodhost.KZ - Hosting provider of Kazakhstan. Dedicated and VDSVPS hosting, KZ)
PTR: army-shortness.tookweb.com

olgasidin.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.236.123.240 (United States) 2 redirects

ASN393398 (ASN-DIS, US)
PTR: 209.236.123.240

www.crackedjiggle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

tracking.1arthe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.252.83 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

www.2021tracknow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.20.175.46 (None, )

ASN13335 (CLOUDFLARENET, US)

www.cyberghostvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.16.169.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hcaptcha.com 1 redirects hcaptcha.com newassets.hcaptcha.com	136 KB
9	cyberghostvpn.com www.cyberghostvpn.com	64 KB
2	crackedjiggle.com 2 redirects www.crackedjiggle.com	1 KB
2	olgasidin.digital 1 redirects olgasidin.digital	577 B
1	2021tracknow.com 1 redirects www.2021tracknow.com	312 B
1	1arthe.com 1 redirects tracking.1arthe.com	2 KB
18	6

	Domain	Requested by
9	www.cyberghostvpn.com	olgasidin.digital www.cyberghostvpn.com
6	newassets.hcaptcha.com	hcaptcha.com newassets.hcaptcha.com
3	hcaptcha.com	1 redirects newassets.hcaptcha.com
2	www.crackedjiggle.com	2 redirects
2	olgasidin.digital	1 redirects
1	www.2021tracknow.com	1 redirects
1	tracking.1arthe.com	1 redirects
18	7

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
www.cloudflare.com

Subject Issuer	Validity	Valid
www.cyberghostvpn.com Sectigo RSA Extended Validation Secure Server CA	`2021-01-26` - `2022-01-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
Frame ID: CF7C0C01A9DADC94884C7FA7FCD521CD
Requests: 11 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
Frame ID: 263B942DD3C8EFD87C129844A2F62B60
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
Frame ID: 5C24DE34401C226D024A2BC996C68ED2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attention Required! | Cloudflare

Page URL History Show full URLs

http://olgasidin.digital/rd/c37605JLvVc30478721mtjA175Aqi19566hWOn2477 Page URL
http://olgasidin.digital/track/c37605JLvVc30478721mtjA175Aqi19566hWOn2477 HTTP 302
https://www.crackedjiggle.com/59QC8Z/BPLM6LG/?sub1=12&sub2=2477-37605&sub3=30478721-175-19566 HTTP 302
https://www.crackedjiggle.com/59QC8Z/CWFZ1SD/?__ptid=5825e24fca354de6b2f57faf7149f3d5&sub1=12&sub2=2477-37... HTTP 302
http://tracking.1arthe.com/aff_c?offer_id=5739&aff_id=1941&aff_sub1=95&aff_sub2=12&aff_sub3=8a0a7a46b5e... HTTP 302
https://www.2021tracknow.com/click?pid=17&offer_id=21&sub1=10292a3fd5e60192efcb41c8297c5d&sub2=1941 HTTP 302
https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub... Page URL

Detected technologies

hCaptcha (Security) Expand

Overall confidence: 100%
Detected patterns

<style[^>]+[^<]+#cf-hcaptcha-container[^<]+</style>

Page Statistics

18
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

5
Countries

200 kB
Transfer

578 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://chrome.google.com/webstore/detail/privacy-pass/ajhmfdgkijocedmfjonnpjfojldioehi
Title: Chrome Web Store

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/5xx-error-landing
Title: Cloudflare

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://olgasidin.digital/rd/c37605JLvVc30478721mtjA175Aqi19566hWOn2477 Page URL
http://olgasidin.digital/track/c37605JLvVc30478721mtjA175Aqi19566hWOn2477 HTTP 302
https://www.crackedjiggle.com/59QC8Z/BPLM6LG/?sub1=12&sub2=2477-37605&sub3=30478721-175-19566 HTTP 302
https://www.crackedjiggle.com/59QC8Z/CWFZ1SD/?__ptid=5825e24fca354de6b2f57faf7149f3d5&sub1=12&sub2=2477-37605&sub3=30478721-175-19566&sub4=&sub5=&source_id= HTTP 302
http://tracking.1arthe.com/aff_c?offer_id=5739&aff_id=1941&aff_sub1=95&aff_sub2=12&aff_sub3=8a0a7a46b5e54bacab8d3851d65a8f8b HTTP 302
https://www.2021tracknow.com/click?pid=17&offer_id=21&sub1=10292a3fd5e60192efcb41c8297c5d&sub2=1941 HTTP 302
https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP 302
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c37605JLvVc30478721mtjA175Aqi19566hWOn2477
olgasidin.digital/rd/ 235 B
352 B 249ms
117ms Document
text/html 185.234.114.57
Hosting provider ...

General

Check archive.org

Show headers Download Go to

Full URL: http://olgasidin.digital/rd/c37605JLvVc30478721mtjA175Aqi19566hWOn2477
Protocol: HTTP/1.1
Server: 185.234.114.57 , Kazakhstan, ASN211971 (GOODHOSTKZ Goodhost.KZ - Hosting provider of Kazakhstan. Dedicated and VDSVPS hosting, KZ),
Reverse DNS: army-shortness.tookweb.com
Software: /
Resource Hash

Request headers

Host: olgasidin.digital
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Date: Fri, 17 Sep 2021 15:53:02 GMT
Content-Length: 235

GET
H2

403

Primary Request gen_fg7ijyyg9 Show response
www.cyberghostvpn.com/offer/
Redirect Chain

http://olgasidin.digital/track/c37605JLvVc30478721mtjA175Aqi19566hWOn2477
https://www.crackedjiggle.com/59QC8Z/BPLM6LG/?sub1=12&sub2=2477-37605&sub3=30478721-175-19566
https://www.crackedjiggle.com/59QC8Z/CWFZ1SD/?__ptid=5825e24fca354de6b2f57faf7149f3d5&sub1=12&sub2=2477-37605&sub3=30478721-175-19566&sub4=&sub5=&source_id=
http://tracking.1arthe.com/aff_c?offer_id=5739&aff_id=1941&aff_sub1=95&aff_sub2=12&aff_sub3=8a0a7a46b5e54bacab8d3851d65a8f8b
https://www.2021tracknow.com/click?pid=17&offer_id=21&sub1=10292a3fd5e60192efcb41c8297c5d&sub2=1941
https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941

13 KB
7 KB

165ms
22ms

Document
text/html

104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941

Requested by

Host: olgasidin.digital
URL: http://olgasidin.digital/rd/c37605JLvVc30478721mtjA175Aqi19566hWOn2477

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c058ce9e1eeab534f3aff06ee11e1b2e6901c38f27d7857ff9758ec0432d78f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.cyberghostvpn.com
:scheme: https
:path: /offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://olgasidin.digital/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://olgasidin.digital/rd/c37605JLvVc30478721mtjA175Aqi19566hWOn2477

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
content-type: text/html; charset=UTF-8
cf-chl-bypass: 1
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 69038158584ef9de-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

server: nginx
date: Fri, 17 Sep 2021 15:53:03 GMT
content-length: 0
location: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
set-cookie: afclick=6144b9df7d6592000168bb21; expires=Sat, 17 Sep 2022 15:53:03 GMT; secure; SameSite=None afoffers={"21":1631893983}; expires=Sat, 17 Sep 2022 15:53:03 GMT; secure; SameSite=None
access-control-allow-origin: *

GET
H2 200 cf.errors.css
www.cyberghostvpn.com/cdn-cgi/styles/ 23 KB
4 KB 17ms
15ms Stylesheet
text/css 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css

Requested by

Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/styles/cf.errors.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: W/"61421f8e-5c88"
x-frame-options: DENY
content-type: text/css
cache-control: max-age=7200 public
cf-ray: 6903815898a1f9de-PRG
vary: Accept-Encoding
expires: Fri, 17 Sep 2021 17:53:04 GMT

GET
H2 200 transparent.gif
www.cyberghostvpn.com/cdn-cgi/images/trace/captcha/nojs/h/ 42 B
128 B 18ms
18ms Image
image/gif 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberghostvpn.com/cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=69038158584ef9de

Requested by

Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/captcha/nojs/h/transparent.gif?ray=69038158584ef9de
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 69038158b8bff9de-PRG
vary: Accept-Encoding
content-length: 42
expires: Fri, 17 Sep 2021 17:53:04 GMT

GET
H2 200 v1 Show response
www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/ 35 KB
12 KB 62ms
61ms Script
text/javascript 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=69038158584ef9de
Requested by: Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 722eeeecd5dc85dc0381d8a6cbc24fe1a4d3b03fc2aa95d25f1f21eb1af09748

Request headers

:path: /cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=69038158584ef9de
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=0, must-revalidate
cf-ray: 69038158d8faf9de-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 transparent.gif
www.cyberghostvpn.com/cdn-cgi/images/trace/captcha/js/ 42 B
101 B 18ms
17ms Image
image/gif 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberghostvpn.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=69038158584ef9de

Requested by

Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/trace/captcha/js/transparent.gif?ray=69038158584ef9de
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2a"
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 69038158d8fcf9de-PRG
vary: Accept-Encoding
content-length: 42
expires: Fri, 17 Sep 2021 17:53:04 GMT

GET
H2 200 browser-bar.png
www.cyberghostvpn.com/cdn-cgi/images/ 715 B
790 B 19ms
19ms Image
image/png 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberghostvpn.com/cdn-cgi/images/browser-bar.png?1376755637

Requested by

Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/browser-bar.png?1376755637
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-2cb"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 69038158d901f9de-PRG
vary: Accept-Encoding
content-length: 715
expires: Fri, 17 Sep 2021 17:53:04 GMT

GET
H2 200 cf-no-screenshot-warn.png
www.cyberghostvpn.com/cdn-cgi/images/ 3 KB
3 KB 18ms
18ms Image
image/png 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cyberghostvpn.com/cdn-cgi/images/cf-no-screenshot-warn.png

Requested by

Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/images/cf-no-screenshot-warn.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/cdn-cgi/styles/cf.errors.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Sep 2021 16:30:06 GMT
server: cloudflare
etag: "61421f8e-a20"
x-frame-options: DENY
content-type: image/png
cache-control: max-age=7200 public
accept-ranges: bytes
cf-ray: 69038158d903f9de-PRG
vary: Accept-Encoding
content-length: 2592
expires: Fri, 17 Sep 2021 17:53:04 GMT

GET
H2

200

hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/
Redirect Chain

https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload
https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

84 KB
27 KB

30ms
30ms

Script
application/javascript

104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d85d63b65c54797ae0d01e6c4118cfc89bf38d03feae40eae319f8c6951d5a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
via: 1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 164926
cf-polished: origSize=86505
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 18:03:43 GMT
server: cloudflare
etag: W/"0b1744fbfa0727636ebe11666fed1e39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: PRG50-C1
cf-ray: 69038159be002798-PRG
x-amz-cf-id: ixnrRG45BY0itpGEHxGywgdaN_0MF3sJQTtGOmDSJto6Plzm_lnQcg==
cf-bgj: minify

Redirect headers

date: Fri, 17 Sep 2021 15:53:04 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 690381598dac2798-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3 200 4c9d5d0905cebca Show response
www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de/ 61 KB
33 KB 105ms
105ms XHR
text/plain 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de/4c9d5d0905cebca
Requested by: Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=69038158584ef9de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 896762e66e1d4a9ab9c2ef756c9d026ef21d2c744cbdd8ae2df0b5025528ff7e

Request headers

sec-fetch-mode: cors
origin: https://www.cyberghostvpn.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_2=4c9d5d0905cebca; cf_chl_prog=e
content-length: 1995
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de/4c9d5d0905cebca
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 4c9d5d0905cebca
:method: POST
Referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 4c9d5d0905cebca
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 15:53:04 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_4c9d5d0905cebca=8f645b74149c017;SameSite=Strict;Secure;HttpOnly
cf-ray: 6903815968e7411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 4c9d5d0905cebca Show response
www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de/ 5 KB
4 KB 122ms
122ms XHR
text/plain 104.20.175.46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de/4c9d5d0905cebca
Requested by: Host: www.cyberghostvpn.com
URL: https://www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/orchestrate/captcha/v1?ray=69038158584ef9de
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.20.175.46 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c0682c8c6b7c67214c687fee4fc8b773f2e504237e3ba15be82b902c98dced

Request headers

sec-fetch-mode: cors
origin: https://www.cyberghostvpn.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: cf_chl_seq_4c9d5d0905cebca=8f645b74149c017; cf_chl_2=4c9d5d0905cebca; cf_chl_prog=a5
content-length: 19276
:path: /cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de/4c9d5d0905cebca
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type: application/x-www-form-urlencoded
accept: */*
cache-control: no-cache
:authority: www.cyberghostvpn.com
referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
:scheme: https
sec-fetch-site: same-origin
cf-challenge: 4c9d5d0905cebca
:method: POST
Referer: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
CF-Challenge: 4c9d5d0905cebca
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
set-cookie: cf_chl_seq_4c9d5d0905cebca=c2bb919d753bdad;SameSite=Strict;Secure;HttpOnly
cf-ray: 6903815de93c411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/ Frame 263B 2 KB
1 KB 37ms
20ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abc74097189feb2901ef6d2e9a24098ea132ae0c35ea2ded270f96b0458868ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberghostvpn.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
content-type: text/html
last-modified: Wed, 15 Sep 2021 18:03:43 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: DO8XeguFz0txxL2CeZhFCmEgyMrlVSqlvgWvIZ4gSBd3ORdfIrcBKA==
age: 164928
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6903815edc9c4137-PRG
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/ Frame 5C24 2 KB
1 KB 39ms
23ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js?render=explicit&recaptchacompat=off&onload=_cf_chl_hload

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab55f777b7aeb2a5b0014ab2fd080d58e85ef4a7be872e6726990ccae56b9564

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberghostvpn.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cyberghostvpn.com/

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
content-type: text/html
last-modified: Wed, 15 Sep 2021 18:03:43 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: RyD5GBsOgGabaGBe7zLlKHwmKRivOlSSl2Epxi0fXFCgfxWiV4KW0g==
age: 164928
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6903815edc9a4137-PRG
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/ Frame 263B 211 KB
60 KB 26ms
26ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be1e03fe7d3a2c872ad403c2355b799b848d97bb797e2f65a781fd578b4ded0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
via: 1.1 d05dc840d6cf3901928326ad8b6d38c3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 164921
cf-polished: origSize=215884
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 18:03:42 GMT
server: cloudflare
etag: W/"3a8986c606b9363d57bc6aba265fbbf3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: PRG50-C1
cf-ray: 6903815f1d0d4137-PRG
x-amz-cf-id: vMV4GmwaXlE27u0R4nWINUVjrB-aS2-aQ9K_BM12NJ7QZoFH0NveEw==
cf-bgj: minify

GET
H3 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/2ebd8c0/ Frame 5C24 134 KB
43 KB 54ms
54ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75540136f3178e826aecc065866107906b4292df41c28aeac20aab00a0dba7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
via: 1.1 f631e696fd022598ec39e248ac48b193.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 164921
cf-polished: origSize=137703
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 18:03:43 GMT
server: cloudflare
etag: W/"ff2aeb8b9ea0448859e308590c020b8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: PRG50-C1
cf-ray: 6903815f1d104137-PRG
x-amz-cf-id: xKVgsmpVMFELbxMENby5-OKWtun5yEoACgryL5XAIfhWsoNlHBLDWA==
cf-bgj: minify

GET
DATA 200
OK truncated
/ Frame 5C24 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 checksiteconfig Show response
hcaptcha.com/ Frame 5C24 508 B
901 B 30ms
29ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=www.cyberghostvpn.com&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-checkbox.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2156c26e6f526ff8d53039efa63f2bee63b50b87803af725e67feba9bb8b9cee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
cf-chl-bypass: 2
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-credentials: true
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 690381601ead4137-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

OPTIONS
H3 200 checksiteconfig
hcaptcha.com/ Frame 0
0 47ms
27ms Preflight 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=www.cyberghostvpn.com&sitekey=33f96e6a-38cd-421b-bb68-7806e1764460&sc=1&swa=1

Protocol

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6903815fed7327c0-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 hsl.js Show response
newassets.hcaptcha.com/c/30d7592d/ Frame 263B 3 KB
2 KB 22ms
22ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/30d7592d/hsl.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/hcaptcha-challenge.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7538483e5bd500db5964e3a6ee8837cf7f51ad2ab3a3cf3140c6f489ddf3979d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/2ebd8c0/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 15:53:05 GMT
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 193758
cf-polished: origSize=3577
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 15 Sep 2021 10:01:41 GMT
server: cloudflare
etag: W/"a01b80d5b75b082c8f8bcacbf4254200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: PRG50-C1
cf-ray: 690381605f114137-PRG
x-amz-cf-id: eg_Ityq9KmLTjTrN8HMcU5MWK6ZlKrZ62qnKhxmO5v8drHpHcbdXVA==
cf-bgj: minify

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cyberghostvpn.com/cdn-cgi/challenge-platform/h/b/flow/ov1/0.2885661935151836:1631891418:c1809e99db4c9cfa1c653ea42cc716d7c2d44c85344c9c9753bbeb7ea9f60a24/69038158584ef9de	1969-12-31 23:59:59	Name: cf_chl_seq_4c9d5d0905cebca Value: c2bb919d753bdad
www.2021tracknow.com/	1970-01-20 06:03:49	Name: afclick Value: 6144b9df7d6592000168bb21
www.2021tracknow.com/	1970-01-20 06:03:49	Name: afoffers Value: {"21":1631893983}
www.cyberghostvpn.com/	1970-01-19 21:18:17	Name: cf_chl_2 Value: 4c9d5d0905cebca
www.cyberghostvpn.com/	1970-01-19 21:18:17	Name: cf_chl_prog Value: b

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network	error	URL: https://www.cyberghostvpn.com/offer/gen_fg7ijyyg9?aff_click_id=6144b9df7d6592000168bb21&aff_sub=17&aff_sub2=1941 Message: Failed to load resource: the server responded with a status of 403 ()
deprecation	warning	(Line 4) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hcaptcha.com
newassets.hcaptcha.com
olgasidin.digital
tracking.1arthe.com
www.2021tracknow.com
www.crackedjiggle.com
www.cyberghostvpn.com
104.16.169.131
104.20.175.46
185.234.114.57
209.236.123.240
212.32.252.83
52.210.2.133
16fd28061d42cf29268600418d5aa26b585435027ca599a42141cbc820f2547c
2156c26e6f526ff8d53039efa63f2bee63b50b87803af725e67feba9bb8b9cee
27c0682c8c6b7c67214c687fee4fc8b773f2e504237e3ba15be82b902c98dced
2d85d63b65c54797ae0d01e6c4118cfc89bf38d03feae40eae319f8c6951d5a4
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5be1e03fe7d3a2c872ad403c2355b799b848d97bb797e2f65a781fd578b4ded0
722eeeecd5dc85dc0381d8a6cbc24fe1a4d3b03fc2aa95d25f1f21eb1af09748
7538483e5bd500db5964e3a6ee8837cf7f51ad2ab3a3cf3140c6f489ddf3979d
75540136f3178e826aecc065866107906b4292df41c28aeac20aab00a0dba7b0
7c058ce9e1eeab534f3aff06ee11e1b2e6901c38f27d7857ff9758ec0432d78f
896762e66e1d4a9ab9c2ef756c9d026ef21d2c744cbdd8ae2df0b5025528ff7e
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
ab55f777b7aeb2a5b0014ab2fd080d58e85ef4a7be872e6726990ccae56b9564
abc74097189feb2901ef6d2e9a24098ea132ae0c35ea2ded270f96b0458868ac
d4eb829b9da3417d1cde6b2f3cbf24cd125fb6805adc22b37191e7a1bf0a543b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.cyberghostvpn.com Open in urlscan Pro 104.20.175.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

94 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

4 IPs

5 Countries

200 kBTransfer

578 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

5 Cookies

3 Console Messages

Indicators

www.cyberghostvpn.com Open in urlscan Pro
104.20.175.46 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

5
Countries

200 kB
Transfer

578 kB
Size

5
Cookies

18 HTTP transactions
1 data transactions