2d80df89.cb729a478b9da7dd2342553e.workers.dev Open in urlscan Pro
2606:4700:3034::ac43:8283 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://umpire.baseball.ca/includes/language.php?lang=french&page=%2F%2F%2F%2Fsaudipolycon.com%2F%2Fauth%2FGsec%2Fa2hvbGxhb...
Effective URL:
https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/?qrc=khollandsworth@gsec.coop
Submission: On July 12 via manual (July 12th 2023, 1:01:28 pm UTC) from US — Scanned from CA

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3034::ac43:8283, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2d80df89.cb729a478b9da7dd2342553e.workers.dev.
TLS certificate: Issued by GTS CA 1P5 on July 12th 2023. Valid for: 3 months.

This is the only time 2d80df89.cb729a478b9da7dd2342553e.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.43.225.213 67.43.225.213	36666 (GTCOMM) (GTCOMM)
1	69.174.114.150 69.174.114.150	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2606:4700:303... 2606:4700:3034::ac43:8283	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 8	2606:4700::68... 2606:4700::6811:3b8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	4

1 67.43.225.213 (Canada) 1 redirects

ASN36666 (GTCOMM, CA)
PTR: cloud100834.mywhc.ca

umpire.baseball.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.174.114.150 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

saudipolycon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8283 (United States)

ASN13335 (CLOUDFLARENET, US)

2d80df89.cb729a478b9da7dd2342553e.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:3b8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 5263	173 KB
1	workers.dev 2d80df89.cb729a478b9da7dd2342553e.workers.dev	2 KB
1	saudipolycon.com saudipolycon.com	141 B
1	baseball.ca 1 redirects umpire.baseball.ca	316 B
11	4

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects 2d80df89.cb729a478b9da7dd2342553e.workers.dev challenges.cloudflare.com
1	2d80df89.cb729a478b9da7dd2342553e.workers.dev
1	saudipolycon.com
1	umpire.baseball.ca	1 redirects
11	4

This site contains no links.

Subject Issuer	Validity	Valid
saudipolycon.com cPanel, Inc. Certification Authority	`2023-06-13` - `2023-09-11`	3 months	crt.sh
cb729a478b9da7dd2342553e.workers.dev GTS CA 1P5	`2023-07-12` - `2023-10-10`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/?qrc=khollandsworth@gsec.coop
Frame ID: 0813FB81CFE1C4BF0D1F15D616D26CCE
Requests: 3 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
Frame ID: 7778C7AD2E7B4E6B4C883B6E27D5FE37
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page Statistics

11
Requests

73 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

174 kB
Transfer

346 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://umpire.baseball.ca/includes/language.php?lang=french&page=%2F%2F%2F%2Fsaudipolycon.com%2F%2Fauth%2FGsec%2Fa2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w HTTP 302
https://saudipolycon.com//auth/Gsec/a2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=onloadTurnstileCallback

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

a2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w Show response
saudipolycon.com//auth/Gsec/
Redirect Chain

https://umpire.baseball.ca/includes/language.php?lang=french&page=%2F%2F%2F%2Fsaudipolycon.com%2F%2Fauth%2FGsec%2Fa2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w
https://saudipolycon.com//auth/Gsec/a2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w

0
141 B

379ms
191ms

Document
text/html

69.174.114.150
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://saudipolycon.com//auth/Gsec/a2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.174.114.150 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 12 Jul 2023 13:01:23 GMT
refresh: 0;url=https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/?qrc=khollandsworth@gsec.coop
server: Apache

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 12 Jul 2023 13:01:22 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: ////saudipolycon.com//auth/Gsec/a2hvbGxhbmRzd29ydGhAZ3NlYy5jb29w
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

GET
H2 200 Primary Request / Show response
2d80df89.cb729a478b9da7dd2342553e.workers.dev/ 3 KB
2 KB 304ms
199ms Document
text/html 2606:4700:3034::ac43:8283
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/?qrc=khollandsworth@gsec.coop
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:8283 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7122aeab737bde691878cc3f00041d4b1581e20bd0d7a85484265d8277084439

Request headers

Referer: https://saudipolycon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 7e59797e2d6b36c1-YYZ
content-encoding: br
content-type: text/html;charset=UTF-8
date: Wed, 12 Jul 2023 13:01:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQPNxq%2FQQr3Rh5fFs28GokAMJfrJ%2F99i7XGhZuiYRtqolt7LPzW1qXrZjaIw5fq2B2q3nDIUlU8ajCY6GZqN6stryGEQ5H%2FFgQez4a%2FHMdC4lF4%2FDSul5GaV5HEnUEB%2Ff5USZPkcZeIEi2%2Bcs7bgalrbPlVVBzsNwmSKWPvYZHnvyfRLFe1DC%2BFnOcA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/556d0c9f/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=onloadTurnstileCallback

19 KB
7 KB

37ms
36ms

Script
application/javascript

2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/556d0c9f/api.js?onload=onloadTurnstileCallback
Requested by: Host: 2d80df89.cb729a478b9da7dd2342553e.workers.dev
URL: https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/?qrc=khollandsworth@gsec.coop
Protocol: H2
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:01:23 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7e5979800aa67144-YUL
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 12 Jul 2023 13:01:23 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/556d0c9f/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7e59797fda5f7144-YUL
alt-svc: h3=":443"; ma=86400

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/ Frame 7778 24 KB
8 KB 26ms
26ms Document
text/html 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76da4dde8833339c8101095b71354108c53bb88f3d4ab8b636481c63fc2d1f60

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer: https://2d80df89.cb729a478b9da7dd2342553e.workers.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 7e5979805f4e33f5-YUL
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Wed, 12 Jul 2023 13:01:23 GMT
document-policy: js-profiling
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/ Frame 7778 167 KB
57 KB 27ms
26ms Script
application/javascript 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5979805f4e33f5
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d72e2d87640e00900e0bd79d3b1863553b896ae60f06872f95423c648056fd4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:01:23 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 7e597980c81a33f5-YUL
alt-svc: h3=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK b79ffd4e-1a8d-48ff-8018-574cb7fc6755
https://challenges.cloudflare.com/ Frame 7778 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/b79ffd4e-1a8d-48ff-8018-574cb7fc6755
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

POST
H3 200 6648f87c67305d0 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/771653422:1689164489:xeBzeSNtayuS6a7UrPAxoJNK4dhCfiweQmwylUy1-f0/7e5979805f4e33f5/ Frame 7778 118 KB
89 KB 111ms
110ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/771653422:1689164489:xeBzeSNtayuS6a7UrPAxoJNK4dhCfiweQmwylUy1-f0/7e5979805f4e33f5/6648f87c67305d0
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5979805f4e33f5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0429050c2dbd2d9dacf5268ebaff2793150b978c5237c7c983675ac55bb3470

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 6648f87c67305d0
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: WGYYaOokbRcuNxrcKWXKqANBZrIN8+0Taj0EA+A/OvXRrOTfmV9AlbSY1gjlXsOL5hC3kOPd/JBxwJ6MjuPZZ0q+E0CjAvT1onRC8vwo+oF1igBjQ6s71RAoIgkfQpdhH83vi4SWSxkw+vjwEgHBTBO+jCXgzuzRd1/JhTl4nLTj1hKoIxK38Q+MiC3RhOlw1R/NaxuWpgwzPRkdiWpqz6bE/B055Rf/Uo2xiNJTv/e2+JVzy+7FUO9tTJcE17MVVb195Plu4Uo70cU14LrypDfFmIr+gwv3ngPtSTqBmBa8SoxFfWFUu3AkFvl4sVaeHQlTrSqILgCW+gsUr50imEBiGXngxp0iYeb6m9gUtO3+gq/f+QflLo4LrzYv5tYfst+YFtHIIk/KgRAYRfvhoUsHxI47jn8sfkBgy5aNqnC4IYvGgw1Jkh9NKQhN3B+uZvmwsQEyJ0YlT2lIsGgNfu5vUQ7ITxhXIAJsZVChq16WeBVgQgXvJcWyRf+8kRL1$IMwGhMFSC8wKot9oY/CRtw==
date: Wed, 12 Jul 2023 13:01:24 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e597981ea4933f5-YUL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 401 F4exBxUe6k0-Xv9 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e5979805f4e33f5/1689166884160/234b3d6bc294ef50f9d54fd4b962e5c5da2977a88ec6c022b5f1e1edf1771c14/ Frame 7778 1 B
627 B 20ms
20ms Fetch
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e5979805f4e33f5/1689166884160/234b3d6bc294ef50f9d54fd4b962e5c5da2977a88ec6c022b5f1e1edf1771c14/F4exBxUe6k0-Xv9
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5979805f4e33f5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:01:24 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gI0s9a8KU71D51U_UuWLlxdopd6iOxsAitfHh7fF3HBQAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAud1722XPCRhYoOIgf36fG5iXSHxfxHUZKz73wnLpMfitU52MrdnNWcrUVkTbnKzyTm0Eu_xxsnRjrrlfx2IsTXnr-s9e4Pcc4HcvRmkMrw3XF39qe1KQIdVCNdNafkz1J0NrctkXi1FQqBHTVhXwGwC9x1OMaJtOuArK5reikVOEOgLbWuDDVKss9TLXqQd0QKZ3UYgzMOidVGZVWwLRZPtrpaduttH1XIUQsUYGRSQt1IHvLpdLLtAA_pm8eFdjSqYgDy2JHY6bJpQgMP2umteUDyWEme_zpnYdR3fNYKWlOYCDaqI0yUEt8n1t3xi5BDAJ6Negpkd6impWYjHWQQIDAQAB, max-age=20
server: cloudflare
cf-ray: 7e5979872baf33f5-YUL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
BLOB 200
OK 5b0e234d-d86b-4336-ba69-9f0024a900a2
https://challenges.cloudflare.com/ Frame 7778 99 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://challenges.cloudflare.com/5b0e234d-d86b-4336-ba69-9f0024a900a2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 99
Content-Type: text/javascript

GET
H3 200 0QsXY609A5LbJEU
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e5979805f4e33f5/1689166884163/ Frame 7778 61 B
147 B 21ms
20ms Image
image/png 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/i/7e5979805f4e33f5/1689166884163/0QsXY609A5LbJEU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87bcceb284e9a892d960db3c0697d8dd66eb0525e5d20debe2d1b903c5a5c502

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 12 Jul 2023 13:01:25 GMT
server: cloudflare
cf-ray: 7e5979896f2e33f5-YUL
alt-svc: h3=":443"; ma=86400
content-type: image/png

POST
H3 200 6648f87c67305d0 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/771653422:1689164489:xeBzeSNtayuS6a7UrPAxoJNK4dhCfiweQmwylUy1-f0/7e5979805f4e33f5/ Frame 7778 14 KB
11 KB 45ms
42ms XHR
text/plain 2606:4700::6811:3b8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/flow/ov1/771653422:1689164489:xeBzeSNtayuS6a7UrPAxoJNK4dhCfiweQmwylUy1-f0/7e5979805f4e33f5/6648f87c67305d0
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_api/v1?ray=7e5979805f4e33f5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aec3472eac74cd2613ac6f1c1195a1597500adad88ac3551315217b11995962

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/u4i7s/0x4AAAAAAAHRZugNACT7BvsD/auto/normal
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge: 6648f87c67305d0
Content-type: application/x-www-form-urlencoded

Response headers

cf-chl-gen: idrwP5ApXaZuat9N4s/x5eo5xXn8UYa4+zkLQ6omhs9VX9YlWxJp4NCNGkhqj4EY$zFSJT1Kq+mQKsVzkTWigbA==
date: Wed, 12 Jul 2023 13:01:25 GMT
content-encoding: br
server: cloudflare
cf-ray: 7e59798aea1133f5-YUL
alt-svc: h3=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			umpire.baseball.ca/	1969-12-31 23:59:59	Name: PHPSESSID Value: 80069d81284ae73d4bd118512c3b4428
			umpire.baseball.ca/	1970-01-20 13:55:58	Name: cookie_language Value: french

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/pat/7e5979805f4e33f5/1689166884160/234b3d6bc294ef50f9d54fd4b962e5c5da2977a88ec6c022b5f1e1edf1771c14/F4exBxUe6k0-Xv9 Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d80df89.cb729a478b9da7dd2342553e.workers.dev
challenges.cloudflare.com
saudipolycon.com
umpire.baseball.ca
2606:4700:3034::ac43:8283
2606:4700::6811:3b8
67.43.225.213
69.174.114.150
1d72e2d87640e00900e0bd79d3b1863553b896ae60f06872f95423c648056fd4
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7122aeab737bde691878cc3f00041d4b1581e20bd0d7a85484265d8277084439
76da4dde8833339c8101095b71354108c53bb88f3d4ab8b636481c63fc2d1f60
87bcceb284e9a892d960db3c0697d8dd66eb0525e5d20debe2d1b903c5a5c502
8aec3472eac74cd2613ac6f1c1195a1597500adad88ac3551315217b11995962
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
a0429050c2dbd2d9dacf5268ebaff2793150b978c5237c7c983675ac55bb3470
a3d5cd569dcc9f9c25e22a1094371fec043d8c4382e46ca3851dcc448c6d1fc1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

2d80df89.cb729a478b9da7dd2342553e.workers.dev Open in urlscan Pro 2606:4700:3034::ac43:8283 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

11 Requests

73 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

174 kBTransfer

346 kBSize

2 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

2d80df89.cb729a478b9da7dd2342553e.workers.dev Open in urlscan Pro
2606:4700:3034::ac43:8283 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

73 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

174 kB
Transfer

346 kB
Size

2
Cookies

11 HTTP transactions
0 data transactions