preview-secure.go-tma.co.uk Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://preview-secure.go-tma.co.uk/
Effective URL:
https://preview-secure.go-tma.co.uk/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On November 08 via api (November 8th 2024, 3:57:54 pm UTC) from IT — Scanned from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 24 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is preview-secure.go-tma.co.uk.
TLS certificate: Issued by WE1 on October 20th 2024. Valid for: 3 months.

This is the only time preview-secure.go-tma.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.94.41 104.18.94.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.95.41 104.18.95.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	4

9 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

preview-secure.go-tma.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.94.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.95.41 (None, )

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	go-tma.co.uk preview-secure.go-tma.co.uk	550 KB
4	cloudflare.com challenges.cloudflare.com — Cisco Umbrella Rank: 3443	16 KB
0	talent-boxoffice.co.uk Failed cdn.talent-boxoffice.co.uk Failed
24	3

	Domain	Requested by
9	preview-secure.go-tma.co.uk	preview-secure.go-tma.co.uk
4	challenges.cloudflare.com	preview-secure.go-tma.co.uk challenges.cloudflare.com
0	cdn.talent-boxoffice.co.uk Failed	preview-secure.go-tma.co.uk
24	3

This site contains no links.

Subject Issuer	Validity	Valid
go-tma.co.uk WE1	`2024-10-20` - `2025-01-18`	3 months	crt.sh
challenges.cloudflare.com WE1	`2024-11-03` - `2025-02-01`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://preview-secure.go-tma.co.uk/
Frame ID: 4617AAA41B1E4B317F938B0D51A5B579
Requests: 22 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/10us3/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 059023A033098EAB90B685597160FA74
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/whhqp/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: E6FC5CF0AF7B541E538D920259D16EBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Just a moment...

Page URL History Show full URLs

http://preview-secure.go-tma.co.uk/ HTTP 307
https://preview-secure.go-tma.co.uk/ Page URL
https://preview-secure.go-tma.co.uk/ Page URL

Page Statistics

24
Requests

54 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

584 kB
Transfer

949 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://preview-secure.go-tma.co.uk/ HTTP 307
https://preview-secure.go-tma.co.uk/ Page URL
https://preview-secure.go-tma.co.uk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://preview-secure.go-tma.co.uk/ HTTP 307
https://preview-secure.go-tma.co.uk/

24 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

403

/ Show response
preview-secure.go-tma.co.uk/
Redirect Chain

http://preview-secure.go-tma.co.uk/
https://preview-secure.go-tma.co.uk/

154 KB
113 KB

259ms
221ms

Document
text/html

188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32ba319b3f0ef5112640f4ace38e8a4264d002ce102dff10cda73827ba8eb78d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: I1Nu44zAOxOah99UDqGLnr8apQrPhZYqfnSJmDY+q52bdJgGLCH3I6nL67YXqx+l/r3hsTz8Zu8I3NfT4AH1ioQzZ76pMF61SfcKGw8+EiMC7aTGmCfcQ7FEsWDtkXk7Ozs1iCmyaswqQ39N06SwNA==$eUKpbLpH3eGyA59z7PR+BA==
cf-mitigated: challenge
cf-ray: 8df6c2d529c8d276-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 08 Nov 2024 15:57:50 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x37hXvwwRsBnjNOMkeRSaBxR5AqQ4Wj94D8Ukr17t1FjS1s4dYio2iGh8ir0NW4j%2Bjproa33o6O2iZShveR7DDas9yfncij%2BCXD%2FVnuWMBYlr2Kj3SEtP9Ns8w5twgRg7d5ryfessA3hmVlxZ8w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=18435&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4183&recv_bytes=4415&delivery_rate=1517&cwnd=12000&unsent_bytes=0&cid=9f52939509406f29&ts=226&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-options: nosniff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Location: https://preview-secure.go-tma.co.uk/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 v1 Show response
preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 102 KB
41 KB 25ms
24ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2d529c8d276

Requested by

Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af0632328d0ebc9c85d9846f12fa314992c34cec16c96bd49a2a31450bbf3d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://preview-secure.go-tma.co.uk/?__cf_chl_rt_tk=fyn6dmrOU_rIZ7NsPr0vW9gTKyagHS912jkeGxTixaY-1731081470-1.0.1.1-3NtLz0LIu17WFNOTyuikx2WAnP1S5cF7gRS9WkO4iI8

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7qCDdFVKzShC%2FP4dYy6zQDCHX6ZXGlyBI86LO16J%2BvSikZpadEWrIpwApAuaEjeEJ6ib9Z2DqSJIPe11j2eu1XhLWw%2F6QTQQXO98tPpK4mxceMOpO3sop5XcPu%2FwYGtMKVsJV%2F7O0vpwi44okSM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8df6c2d76f8ad276-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19282&sent=118&recv=26&lost=0&retrans=1&sent_bytes=123961&recv_bytes=5573&delivery_rate=606921&cwnd=81000&unsent_bytes=0&cid=9f52939509406f29&ts=422&x=1", cfHdrFlush;dur=0
date: Fri, 08 Nov 2024 15:57:50 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare

GET style.css
cdn.talent-boxoffice.co.uk/cloudflare/Default/ 0
0

GET logo.png
cdn.talent-boxoffice.co.uk/cloudflare/Default/ 0
0

GET image.jpg
cdn.talent-boxoffice.co.uk/cloudflare/Default/ 0
0

GET
DATA 200
OK truncated
/ 77 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0187dd019e40237e4668950adea24b7f06bb79dd10aff940bef24fadcdc0ef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://preview-secure.go-tma.co.uk
Referer

Response headers

Content-Type: font/woff2

GET 14e27b03-cdaf-4605-8ebd-90272d3475b6
https://preview-secure.go-tma.co.uk/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/ 47 KB
16 KB 70ms
31ms Script
application/javascript 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Requested by: Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2d529c8d276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://preview-secure.go-tma.co.uk
Referer

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8df6c2d7e9e21979-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 15:57:50 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 28 Oct 2024 19:08:47 GMT
server: cloudflare
vary: Accept-Encoding

POST
H3 200 NpjAQm8ZhuyaKPGP.zkuXw0CrrZBIiPeVD3tT3FFfs4-1731081470-1.2.1.1-kNHOPFOky_NTNnJ5NcuTHBWJ.nsOYizxUONXPkwNUEOTk7Czm0itAsHOS54L8Pzo Show response
preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/10734739:1731079698:Py53KVsg826e_QC8kM9_xDtUXZ8DGtFGivX6XpXKQRE/8df6c2d529c8d276/ 13 KB
9 KB 49ms
48ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/10734739:1731079698:Py53KVsg826e_QC8kM9_xDtUXZ8DGtFGivX6XpXKQRE/8df6c2d529c8d276/NpjAQm8ZhuyaKPGP.zkuXw0CrrZBIiPeVD3tT3FFfs4-1731081470-1.2.1.1-kNHOPFOky_NTNnJ5NcuTHBWJ.nsOYizxUONXPkwNUEOTk7Czm0itAsHOS54L8Pzo

Requested by

Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2d529c8d276

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

526a236ff2613dc711200aadfc9edaaf5237f0ebe35aebe516d01ecffb506836

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://preview-secure.go-tma.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: NpjAQm8ZhuyaKPGP.zkuXw0CrrZBIiPeVD3tT3FFfs4-1731081470-1.2.1.1-kNHOPFOky_NTNnJ5NcuTHBWJ.nsOYizxUONXPkwNUEOTk7Czm0itAsHOS54L8Pzo

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LF7LSBfBLduRYku8tnIYuSfUHulxcPSBq2m89X8hIgI7XJKQuPUD0XUqol0GumBnUizBzZ4qshbiBsWA2wjke1nB6l4dWtq3%2BbYWik1pSbMgZDfTVRyhLP%2F3eEP%2BJ2Q30HJI1RomqaKmKnwbyEc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8df6c2d87a3bd276-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19335&sent=228&recv=34&lost=0&retrans=1&sent_bytes=248200&recv_bytes=10118&delivery_rate=1806181&cwnd=81000&unsent_bytes=0&cid=9f52939509406f29&ts=614&x=1", cfHdrFlush;dur=5
date: Fri, 08 Nov 2024 15:57:50 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: kdZMs309q6w/nAYunW61YnF8ThGxqslMnJKQ78ltkyh426XmbeoU5yHWjubCR6vCllauLpwzFsU=$kBf2WS613QtlFTm3
server: cloudflare

GET
H3 403 favicon.ico
preview-secure.go-tma.co.uk/ 151 KB
111 KB 29ms
29ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a468c8f455127f7728161defd19c135793133b5a189d9663750eec543330cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://preview-secure.go-tma.co.uk/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=57dacHF2y6XfDaPAgs7%2B%2F6hPunBDC%2BGhPlpC8HzKhqaqnHZgQc2D%2BrS8QGCztMW17U0vx0aI4wCarswuPOdXAsYYmpwvzDCddZUMkWd24BHO%2F5Fqa72aFV58VOVAL7ggxv%2ByWRNEzB7O6LAsphc%3D"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19335&sent=159&recv=34&lost=0&retrans=1&sent_bytes=167200&recv_bytes=10118&delivery_rate=1806181&cwnd=81000&unsent_bytes=0&cid=9f52939509406f29&ts=599&x=1", cfHdrFlush;dur=0
x-content-options: nosniff
date: Fri, 08 Nov 2024 15:57:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: p/rsj9i6SRWvmxuaT5up+66RgWYL2zc0W4SFrZyppA0PmeZ61b5gjswYQwvqvrzXxaL+YgJGx+zPKOM1T+dzIhBuYHaXDG8aJEAPildRZcjtO7z1veZjuWn6nIjn/4KyK2oaPpWFs/j0TiBpYT0GBA==$ptmvPzc9kEt07hN/RmF/fA==
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8df6c2d87a40d276-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

GET 602a21d1-e4c7-4251-8b2d-b6c0545bab79
https://preview-secure.go-tma.co.uk/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/10us3/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 0590 0
0 56ms
31ms Document
text/html 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/10us3/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8df6c2d91cde2bee-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 15:57:50 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST
H3 200 NpjAQm8ZhuyaKPGP.zkuXw0CrrZBIiPeVD3tT3FFfs4-1731081470-1.2.1.1-kNHOPFOky_NTNnJ5NcuTHBWJ.nsOYizxUONXPkwNUEOTk7Czm0itAsHOS54L8Pzo Show response
preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/10734739:1731079698:Py53KVsg826e_QC8kM9_xDtUXZ8DGtFGivX6XpXKQRE/8df6c2d529c8d276/ 2 KB
3 KB 33ms
31ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2d529c8d276

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

516c2cc6e4d4baa3b6c3894502010b6977b1122ceb4d4278b13278ecd511f2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://preview-secure.go-tma.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: NpjAQm8ZhuyaKPGP.zkuXw0CrrZBIiPeVD3tT3FFfs4-1731081470-1.2.1.1-kNHOPFOky_NTNnJ5NcuTHBWJ.nsOYizxUONXPkwNUEOTk7Czm0itAsHOS54L8Pzo

Response headers

cf-chl-out: PgV+1z4b8ZchgBylrL0wnIGDVpOz2w4t266VcHW85jJoH0xL7kKjc/yRPX9ZtWFsyml2U5Dgn16Z4HmBY+j/PbhH9AAv+DO9k3W0uV9ZHH22qY4PgEtywKQ=$UTis9QpyaX+R5f1X
strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2BGcWfoQdbjRfs1t974kfuV00g9Kc2D3IhoiecLxqBPFCWw0WZr468x%2BpfQFkp3LiUuoqfhG%2BIbi0RwLPv7K%2FRI1c5q%2FuqzNm9Yih2XgMCw3PIvBY1KKo%2FKIMY7IXnPMJ5yhbTTB9kb%2F5ZJUVfY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8df6c2ddffe3d276-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19260&sent=272&recv=46&lost=0&retrans=2&sent_bytes=294812&recv_bytes=15254&delivery_rate=75703&cwnd=112800&unsent_bytes=0&cid=9f52939509406f29&ts=1485&x=1", cfHdrFlush;dur=0
cf-chl-out-s: IUNpL52QW1yhWd3b/qpQwAfv2otTpMNcmULT8TldSA81iW5An5lk3KX/AK3jnspwvECx1lWnBay9ie7rBAXyQHKO019UwKt6DuXN0w9ho3u8m5FOEWVuqGHL+1gGyr2M724esHovwTy8wHi25AIiOn+y74xkNw6F4syjS5Ab1eqoP4um7ULPqLfr3IvsFNAOAh7q6GZLwNSWZoGuB5xBqkGFXpff/zbmcLH5gOtar6K/bCZECz3p9hYcT62w2jeCiZW2ZTOEgQhn9rpLUk0equ8ATPitItY=$jkZSA5psAuTb8e13
date: Fri, 08 Nov 2024 15:57:51 GMT
content-type: text/html; charset=UTF-8
server: cloudflare

GET
H3 403 Primary Request / Show response
preview-secure.go-tma.co.uk/ 151 KB
111 KB 26ms
25ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/

Requested by

Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccdbf5fd42d79cc1ff9ea10d63ad18d414284c3b1a5f9fe099fa22c81fc8da1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://preview-secure.go-tma.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out: XhudkuEC0Kc3lCpMplQheHS6RNsPdxC0VyZmLkzfjmO8QyFAbDzNVYpTFfiKDcRwVPZp/BYvc/5udTwKjNhjfKBWHx0tK2qmRHbEeHGdYkME7FhMMS4r3mUklk8PoiuGm3rV2st82c1q8LlCrUJ96w==$+HHNNnHcrwqOiaqstFa7yA==
cf-mitigated: challenge
cf-ray: 8df6c2eabf4ad276-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Fri, 08 Nov 2024 15:57:53 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idCQYIeout%2BV6KGUg3e9inr8z9IBlTq8jNo2u%2BfRg0kFb1QidmdcAyp8oI9eQJNSzI%2BqvkO1TRhIjndI4fuHt2zbYH2QS7yxhQyR47Wb2E1eJNisAY46onfkBdJQDX%2B6Z4aMDtnVSZmMJuDA28k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=19794&sent=276&recv=48&lost=0&retrans=2&sent_bytes=297626&recv_bytes=15722&delivery_rate=77230&cwnd=112800&unsent_bytes=0&cid=9f52939509406f29&ts=3518&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-options: nosniff
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H3 200 v1 Show response
preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ 100 KB
41 KB 26ms
26ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2eabf4ad276

Requested by

Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5dbcde23f0845dd77348970a34a3c6a06804cd59513bef33aaa455956916cf42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://preview-secure.go-tma.co.uk/?__cf_chl_rt_tk=jAd3pRddFA39h3F3x1J1n9Ek_FGsJY2lcGduFc7ren4-1731081473-1.0.1.1-FnVQG7c9HuYj1X_IusC.AttsQO8Pc_.ijBd7EQaPoPg

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjJKpfgTM4YWrURYUbTjI17%2FVrt19rTkdYlz03buddvMmSqrhHWWG2TR06X8Z2m7hEcnrPTU58fG19adRCoh%2Fnrze%2BCAPJzbUvd37t5lIeJjrpaVA0XjfNQOGHS5BR6rvgffgBAJ2M2IY6LqDZc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8df6c2eb18b2d276-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21273&sent=376&recv=58&lost=0&retrans=2&sent_bytes=414310&recv_bytes=16557&delivery_rate=3516172&cwnd=132300&unsent_bytes=0&cid=9f52939509406f29&ts=3575&x=1", cfHdrFlush;dur=0
date: Fri, 08 Nov 2024 15:57:53 GMT
content-type: application/javascript; charset=UTF-8
server: cloudflare

GET style.css
cdn.talent-boxoffice.co.uk/cloudflare/Default/ 0
0

GET logo.png
cdn.talent-boxoffice.co.uk/cloudflare/Default/ 0
0

GET image.jpg
cdn.talent-boxoffice.co.uk/cloudflare/Default/ 0
0

GET
DATA 200
OK truncated
/ 77 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0187dd019e40237e4668950adea24b7f06bb79dd10aff940bef24fadcdc0ef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://preview-secure.go-tma.co.uk
Referer

Response headers

Content-Type: font/woff2

GET 6aa979b9-e6e6-4a13-890c-7106997de820
https://preview-secure.go-tma.co.uk/ Frame 0
0

GET
H3 200 api.js Show response
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/ 47 KB
0 0ms
0ms Script
application/javascript 104.18.94.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit
Requested by: Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2eabf4ad276
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://preview-secure.go-tma.co.uk
Referer

Response headers

cache-control: max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding: br
cross-origin-resource-policy: cross-origin
cf-ray: 8df6c2d7e9e21979-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Fri, 08 Nov 2024 15:57:50 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 28 Oct 2024 19:08:47 GMT
server: cloudflare
vary: Accept-Encoding

GET
H3 403 favicon.ico
preview-secure.go-tma.co.uk/ 151 KB
111 KB 27ms
27ms Other
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fff00b9045563a6547957da284a33a7e0bc49fc3addabf46756e513ebbe52d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://preview-secure.go-tma.co.uk/

Response headers

content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v3J6ujkw5t5nbGvX98MAtKD1UXXTBYXsyoyUZ9gSLNuwNFytnA6uEoHgxwqMqtokU%2BPiFrAM3kfy4Xj%2FhJIS8mRgN%2F1KZnlIhK%2Fri%2BzAcgNPeZBUwIgOWMJzXrAtBwCHZixn6MKyBJrjMA2n9L8%3D"}],"group":"cf-nel","max_age":604800}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20359&sent=415&recv=63&lost=0&retrans=2&sent_bytes=456795&recv_bytes=17109&delivery_rate=1645973&cwnd=132300&unsent_bytes=0&cid=9f52939509406f29&ts=3668&x=1", cfHdrFlush;dur=0
x-content-options: nosniff
date: Fri, 08 Nov 2024 15:57:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: h+Rq7rq694uZkuIDsWXd6bb0jKUhJ5yVi5xhcyPUjqTE54ZEkoYSEk7daaioHLMpRlfOhAy01fpEzYLlAIuRZQaUFBt++xCEbyL9E/i3AxWwXq0pdMMwr9F6LmhYqBbu4LB3xhAA6YzNAyw23wKFgQ==$CMWfeea80d5fuHxKiUgK/A==
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
referrer-policy: same-origin
cf-ray: 8df6c2ebaad7d276-FRA
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 qQKh1dzW7XPrDqLCXZVZqF_amMX3YK.Rj2Q61XLIyaY-1731081473-1.2.1.1-EEvXtCRryxlomkwDG72b.skOUGhTmV5290fDhL5UrJHhcU83odHW42GtnJXQ3usp Show response
preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/691581593:1731079708:f5hEBl5w-zvVqR_zLWrxHzsq7a9XP-2CYua7S8QQXGg/8df6c2eabf4ad276/ 13 KB
9 KB 41ms
39ms XHR
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/691581593:1731079708:f5hEBl5w-zvVqR_zLWrxHzsq7a9XP-2CYua7S8QQXGg/8df6c2eabf4ad276/qQKh1dzW7XPrDqLCXZVZqF_amMX3YK.Rj2Q61XLIyaY-1731081473-1.2.1.1-EEvXtCRryxlomkwDG72b.skOUGhTmV5290fDhL5UrJHhcU83odHW42GtnJXQ3usp

Requested by

Host: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/v1?ray=8df6c2eabf4ad276

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80151f197cbefd966f394df68b229761e476b82e56320e16781f6160502e6814

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://preview-secure.go-tma.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
CF-Challenge: qQKh1dzW7XPrDqLCXZVZqF_amMX3YK.Rj2Q61XLIyaY-1731081473-1.2.1.1-EEvXtCRryxlomkwDG72b.skOUGhTmV5290fDhL5UrJHhcU83odHW42GtnJXQ3usp

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Wv5kjSurv9fMW5k5AIGEddnK2VVpecqK76D3gDWG%2F4oqYB%2BJ1%2FITsabXxRg%2BPjKAc9xXwry%2BCSCPAyFZlgCzQad2Y9zrVerdp9JZ%2FKS5ohFZS6XqP0iWyoANBTKsgLzkrvcLE8T63iHZNxdz58%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8df6c2ec1c70d276-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20906&sent=518&recv=71&lost=0&retrans=3&sent_bytes=574719&recv_bytes=21339&delivery_rate=381458&cwnd=132300&unsent_bytes=0&cid=9f52939509406f29&ts=3754&x=1", cfHdrFlush;dur=0
date: Fri, 08 Nov 2024 15:57:53 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: JXFoZRl3Lx3uQwiA7SUcQr7S+xkhzYcg3EUdf1+mGbs/+/bXxMO/7td9cA1gZmpt2Lhf5gp0Pek=$nPjjRy2g857rFG9a
server: cloudflare

GET d122a144-6131-4a65-b92b-5108b4e8d7e5
https://preview-secure.go-tma.co.uk/ Frame 0
0

GET
H3 200 /
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/whhqp/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame E6FC 0
0 28ms
28ms Document
text/html 104.18.95.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/whhqp/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/

Requested by

Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js?onload=clJo2&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8df6c2ecaf072bee-FRA
content-encoding: br
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type: text/html; charset=UTF-8
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Fri, 08 Nov 2024 15:57:54 GMT
document-policy: js-profiling
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

POST qQKh1dzW7XPrDqLCXZVZqF_amMX3YK.Rj2Q61XLIyaY-1731081473-1.2.1.1-EEvXtCRryxlomkwDG72b.skOUGhTmV5290fDhL5UrJHhcU83odHW42GtnJXQ3usp
preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/691581593:1731079708:f5hEBl5w-zvVqR_zLWrxHzsq7a9XP-2CYua7S8QQXGg/8df6c2eabf4ad276/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.talent-boxoffice.co.uk
URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/style.css

Domain: cdn.talent-boxoffice.co.uk
URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/logo.png

Domain: cdn.talent-boxoffice.co.uk
URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/image.jpg

Domain: preview-secure.go-tma.co.uk
URL: blob:https://preview-secure.go-tma.co.uk/14e27b03-cdaf-4605-8ebd-90272d3475b6

Domain: preview-secure.go-tma.co.uk
URL: blob:https://preview-secure.go-tma.co.uk/602a21d1-e4c7-4251-8b2d-b6c0545bab79

Domain: cdn.talent-boxoffice.co.uk
URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/style.css

Domain: cdn.talent-boxoffice.co.uk
URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/logo.png

Domain: cdn.talent-boxoffice.co.uk
URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/image.jpg

Domain: preview-secure.go-tma.co.uk
URL: blob:https://preview-secure.go-tma.co.uk/6aa979b9-e6e6-4a13-890c-7106997de820

Domain: preview-secure.go-tma.co.uk
URL: blob:https://preview-secure.go-tma.co.uk/d122a144-6131-4a65-b92b-5108b4e8d7e5

Domain: preview-secure.go-tma.co.uk
URL: https://preview-secure.go-tma.co.uk/cdn-cgi/challenge-platform/h/b/flow/ov1/691581593:1731079708:f5hEBl5w-zvVqR_zLWrxHzsq7a9XP-2CYua7S8QQXGg/8df6c2eabf4ad276/qQKh1dzW7XPrDqLCXZVZqF_amMX3YK.Rj2Q61XLIyaY-1731081473-1.2.1.1-EEvXtCRryxlomkwDG72b.skOUGhTmV5290fDhL5UrJHhcU83odHW42GtnJXQ3usp

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			preview-secure.go-tma.co.uk/	1970-01-21 00:51:25	Name: cf_chl_rc_ni Value: 1

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://preview-secure.go-tma.co.uk/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/style.css Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/image.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/logo.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://preview-secure.go-tma.co.uk/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://preview-secure.go-tma.co.uk/ Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/logo.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/style.css Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://cdn.talent-boxoffice.co.uk/cloudflare/Default/image.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOriginAfterDefaultedToSameOriginByCoep
network	error	URL: https://preview-secure.go-tma.co.uk/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.talent-boxoffice.co.uk
challenges.cloudflare.com
preview-secure.go-tma.co.uk
cdn.talent-boxoffice.co.uk
preview-secure.go-tma.co.uk
104.18.94.41
104.18.95.41
188.114.97.3
32ba319b3f0ef5112640f4ace38e8a4264d002ce102dff10cda73827ba8eb78d
516c2cc6e4d4baa3b6c3894502010b6977b1122ceb4d4278b13278ecd511f2a5
526a236ff2613dc711200aadfc9edaaf5237f0ebe35aebe516d01ecffb506836
5dbcde23f0845dd77348970a34a3c6a06804cd59513bef33aaa455956916cf42
6a468c8f455127f7728161defd19c135793133b5a189d9663750eec543330cbd
80151f197cbefd966f394df68b229761e476b82e56320e16781f6160502e6814
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
a0187dd019e40237e4668950adea24b7f06bb79dd10aff940bef24fadcdc0ef7
af0632328d0ebc9c85d9846f12fa314992c34cec16c96bd49a2a31450bbf3d5c
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7
ccdbf5fd42d79cc1ff9ea10d63ad18d414284c3b1a5f9fe099fa22c81fc8da1f
fff00b9045563a6547957da284a33a7e0bc49fc3addabf46756e513ebbe52d67

preview-secure.go-tma.co.uk Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

24 Requests

54 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

4 IPs

2 Countries

584 kBTransfer

949 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

10 Console Messages

Security Headers

Indicators

preview-secure.go-tma.co.uk Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

54 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

584 kB
Transfer

949 kB
Size

1
Cookies

24 HTTP transactions
4 data transactions