urlscan.io logo urlscan.io
SecurityTrails logo

nlhlt.kool-goop2024.blog Open in urlscan Pro
2606:4700:3033::6815:413d  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nlhlt.kool-goop2024.blog/
Effective URL: https://nlhlt.kool-goop2024.blog/
Submission: On December 10 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::6815:413d, located in United States and belongs to CLOUDFLARENET, US. The main domain is nlhlt.kool-goop2024.blog.
TLS certificate: Issued by WE1 on December 3rd 2024. Valid for: 3 months.
This is the only time nlhlt.kool-goop2024.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
20 3
Apex Domain
Subdomains		 Transfer
12 kool-goop2024.blog
nlhlt.kool-goop2024.blog
145 KB
4 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
20 2
Domain Requested by
12 nlhlt.kool-goop2024.blog nlhlt.kool-goop2024.blog
4 challenges.cloudflare.com nlhlt.kool-goop2024.blog
challenges.cloudflare.com
20 2

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
kool-goop2024.blog
WE1		 2024-12-03 -
2025-03-03		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://nlhlt.kool-goop2024.blog/
Frame ID: 0814837B0D0ABF6ABC7F736D2C5682F2
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nk1cm/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 721CE1156B6907A321C71A4ED8B3B6F8
Requests: 1 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/2wfhg/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 105A637EB1A6207D15065D979101CC01
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. http://nlhlt.kool-goop2024.blog/ HTTP 307
    https://nlhlt.kool-goop2024.blog/ Page URL
  2. https://nlhlt.kool-goop2024.blog/ Page URL

Page Statistics

20
Requests

80 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

161 kB
Transfer

364 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nlhlt.kool-goop2024.blog/ HTTP 307
    https://nlhlt.kool-goop2024.blog/ Page URL
  2. https://nlhlt.kool-goop2024.blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://nlhlt.kool-goop2024.blog/ HTTP 307
  • https://nlhlt.kool-goop2024.blog/

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
nlhlt.kool-goop2024.blog/
Redirect Chain
  • http://nlhlt.kool-goop2024.blog/
  • https://nlhlt.kool-goop2024.blog/
10 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ab20f386c789ef0eeef6c249297e9cd9f6069db6fe8f0964aa5f6d10d4cdfc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
4KilfnbJ1TG6AsAZKaZzfYeitgLJHtaR/gJrOI3twswdEO0COaz8x0FWfUZnWhUkx2YATrzYqcayw/Pc9VPX/OTsGufOJCCWr7QTieSLjpsKnFmsbAx2Cw6N376OK0P9WaezL0zWkJE9kzgQINqVuA==$Y+zDF3pJBvm5K92RtrvVNg==
cf-mitigated
challenge
cf-ray
8efe8fd6ef6319bf-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 10 Dec 2024 16:20:22 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=okLs1nl7dhiJC05T%2BUmXCZLXUE4wrScYW1b%2FV0lXDFFYM9E6C1noGKfaiTh3AlK9iPvGdLNRhMmAILX1sffI%2F3njiBHuuGbkFdfGSu0jaxQie6SHLLm5iaanzjnwRNro%2FBR4uQJ%2BfSaK6GQw63WjQqGgEEJ9ixk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=5556&min_rtt=5330&rtt_var=1441&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4244&recv_bytes=5665&delivery_rate=99206&cwnd=12000&unsent_bytes=0&cid=84e97ea35155ab00&ts=102&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

Location
https://nlhlt.kool-goop2024.blog/
Non-Authoritative-Reason
HttpsUpgrades
v1
nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8fd6ef6319bf
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
793f1ee73fad1346f60b87234bbe8272f88d7a61ffde530031429275582f7846

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlhlt.kool-goop2024.blog/?__cf_chl_rt_tk=yl3ML8NbaYX6kTU2ErX8KwM7Ye.PxIuWrKsacDT1zqw-1733847622-1.0.1.1-ulR_7GWlYA3WCt89dnvpzc6qvLgjhj5mo7Nzs_7Q8wc

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovvU5gxGXson4CBmbF6Vg5ViB0avSVbnehZMKl7L0bn25%2Bkqmf1hvE4UHWWUMasYd%2BGIWXma0IIeFEz%2BPdi44jR67mYyVnutPJM%2BwKa8fr4qYOTH1ps5vmOE4m%2F%2FY4zVV3r2PbjZsLfVZ7Bk4SFhjLvL2DGGito%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe8fd838de19bf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6444&min_rtt=5330&rtt_var=1428&sent=22&recv=17&lost=0&retrans=0&sent_bytes=13164&recv_bytes=6298&delivery_rate=1242480&cwnd=12000&unsent_bytes=0&cid=84e97ea35155ab00&ts=313&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 16:20:22 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8fd6ef6319bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nlhlt.kool-goop2024.blog
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8efe8fd8d9948cdc-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 10 Dec 2024 16:20:22 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
nlhlt.kool-goop2024.blog/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nlhlt.kool-goop2024.blog/favicon.ico
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71dacc2141d502bece27269c117e1c7b155d834f7b0b698018c22d38207a4893
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlhlt.kool-goop2024.blog/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1HK2l%2BCKYLguDdrLz1CUJgVznpPSa2DlY6MlAMhpy%2BA%2FyDvlFclA76RzdZdI1XCvGbmHvmMIpCTqPrx%2BvyPUmpVwd0r95HBRkY%2FatZ9ogRuGlFdvxYaUZXh5lDmBf0sRBqLHbQvhekd9YkyH68V8albyzXloTA%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3580&min_rtt=2803&rtt_var=716&sent=59&recv=36&lost=0&retrans=0&sent_bytes=53745&recv_bytes=7419&delivery_rate=5660949&cwnd=34800&unsent_bytes=0&cid=84e97ea35155ab00&ts=387&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Tue, 10 Dec 2024 16:20:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
s5CXSuU8ZUVEbFmfLSPBujg+YCKMTS4q4yjZ9b4vC4Bg8Gh1l+PB2U+vGLXZYVrImr5rmesBXHvCC2EV3UBgyIWL9kOf6Ahw8BksamOa5iCts2y3o/Mqh+Jq/Yl0IcqHPK78tdiIcyH0BMP+Ow8PtQ==$yrNbjVLI76BJmOTI6UQagQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8efe8fd8a94c19bf-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
f5deff78-4baf-4ac7-9c48-618812ba52dd
https://nlhlt.kool-goop2024.blog/ Frame 		0
0
favicon.ico
nlhlt.kool-goop2024.blog/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d51da8ebb4f697c777dfcf69fa1460ad090e592a61c039b2e53d24a716b289f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlhlt.kool-goop2024.blog/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ibUKji5LuFzT17lKx0cwwa89WjQXpm6L44bjYeH4sKXVHi2ASWVZHsMy08G6XNhXrq6DZ6etHtc1YvBEl7LhzNe2NU5zMkPgTMOzD9DIH5wpL0wzEUKJT5b3jr1rOM9S65vL9w8HyDURp2WYNGKNKrll2aMYEzw%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3854&min_rtt=2803&rtt_var=727&sent=67&recv=41&lost=0&retrans=0&sent_bytes=60858&recv_bytes=7948&delivery_rate=781015&cwnd=34800&unsent_bytes=0&cid=84e97ea35155ab00&ts=481&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Tue, 10 Dec 2024 16:20:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
Tiq+Tde/ogI3fgWZIU9sTJHv9Mlh7/CSHGqlkTdwTE/Nh17YEfS5tVRCZZ+TPYzGVRlQM2fW/S2XWkHJPwM12ci3YnOahQH46eLksmR+DE/0l9abXUPFihCBy71DatUOnu0BUoPrEkIuP+g3M+FPGA==$kdQTs+JXLXIIYnIo6DqxHQ==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8efe8fd949d619bf-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
segaO_JqYw6yO3EUVydYY0G.TgtqVb6jnK7Gj5_9Ujc-1733847622-1.2.1.1-ErZqs8YndxfO65dy7kQAcInRBeEBR3k7dj6AH80Mil0iLz8dCaSVAZetgxvW7.tv
nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8fd6ef6319bf/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8fd6ef6319bf/segaO_JqYw6yO3EUVydYY0G.TgtqVb6jnK7Gj5_9Ujc-1733847622-1.2.1.1-ErZqs8YndxfO65dy7kQAcInRBeEBR3k7dj6AH80Mil0iLz8dCaSVAZetgxvW7.tv
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8fd6ef6319bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e4565d5f2814c06079d407c9cf5b2f1e5b7bb033a092b2415f27f84b49006bb

Request headers

Referer
https://nlhlt.kool-goop2024.blog/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
segaO_JqYw6yO3EUVydYY0G.TgtqVb6jnK7Gj5_9Ujc-1733847622-1.2.1.1-ErZqs8YndxfO65dy7kQAcInRBeEBR3k7dj6AH80Mil0iLz8dCaSVAZetgxvW7.tv

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPzgeZpPE4dX9gAG04v0%2FRBORGkB%2FkiSMLPHbKMtz%2FJAd6kUeWoSJ5lCcdDl8hpQ9cSv%2B0ealS9SlGh84ewnNeQhsZ8CpRHpIn4Um0DAiu%2Bl2m%2BYgdbXukJs56nxufILTh8pXOaBbZVQTBmDULCnLLi02hGsPL8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe8fd969f819bf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3584&min_rtt=2803&rtt_var=586&sent=75&recv=48&lost=0&retrans=0&sent_bytes=67944&recv_bytes=12150&delivery_rate=731058&cwnd=34800&unsent_bytes=0&cid=84e97ea35155ab00&ts=513&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 16:20:22 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
trb98g8l5ObUJQAd8CwogJ/7G9ukVQsMC+WIQ8gHg4Duvfzcm28M5EOR3cQZ9wxJhxoHHZbnReY=$6s51RapsNzvRueB6
server
cloudflare
priority
u=1,i
f457b25e-cde3-41ed-a3b0-4ec3229bbf30
https://nlhlt.kool-goop2024.blog/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nk1cm/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 721C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/nk1cm/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8efe8fd9be5b4378-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 10 Dec 2024 16:20:22 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
segaO_JqYw6yO3EUVydYY0G.TgtqVb6jnK7Gj5_9Ujc-1733847622-1.2.1.1-ErZqs8YndxfO65dy7kQAcInRBeEBR3k7dj6AH80Mil0iLz8dCaSVAZetgxvW7.tv
nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8fd6ef6319bf/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8fd6ef6319bf/segaO_JqYw6yO3EUVydYY0G.TgtqVb6jnK7Gj5_9Ujc-1733847622-1.2.1.1-ErZqs8YndxfO65dy7kQAcInRBeEBR3k7dj6AH80Mil0iLz8dCaSVAZetgxvW7.tv
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8fd6ef6319bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e7f1f1bebc61d714a7b4fb5089dabcd7b365767570b6f2821db0eb64063261f

Request headers

Referer
https://nlhlt.kool-goop2024.blog/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
segaO_JqYw6yO3EUVydYY0G.TgtqVb6jnK7Gj5_9Ujc-1733847622-1.2.1.1-ErZqs8YndxfO65dy7kQAcInRBeEBR3k7dj6AH80Mil0iLz8dCaSVAZetgxvW7.tv

Response headers

cf-chl-out
G1LZkqwELdkHK8ECnckzpmUBDBWuFUlQ3zMyFf5m3dYBpBrUl8TsPTSKm1MI7gcfT4z9178l+s8d2QejhRFxqApinvm15Mw3RjHmpsfcGh16VE9+7AG2PEg=$vTHym3+K9SOXBTBi
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QATZW8MF0P5Cqy22B1hz%2BIuBSbxbeCHEX9a2%2FK2%2BQfOH%2FRfFiUZy%2FapwYubiQ4ZQmkXYJ2UGDv93Hc627T4fOHJEsxjIQeBKgthImVL2fu5T%2BOH8HlhaCHrH%2FnyxKwZ%2FpfPNNu6aExSROPZnsflOeTICesqCeM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe8fde988519bf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3276&min_rtt=2744&rtt_var=520&sent=87&recv=58&lost=0&retrans=0&sent_bytes=77814&recv_bytes=17220&delivery_rate=465260&cwnd=34800&unsent_bytes=0&cid=84e97ea35155ab00&ts=1347&x=1", cfExtPri, cfHdrFlush;dur=0
cf-chl-out-s
LF7X3h/+GdWxVYeyAmVJIWbHK4VWxkpiwUlQxOoP0NaNxUkZ3wwRazzvF/mLng5Uukx7vyJq6iIDbuKbjUU34MR/FwvTWq9K3VKcne9UPNlBC/LjXmTpP3jS0RrLVyQXt//mnkO/1r2jdtpyiUhh70o6O0YEt9EzVTX5ELR+PAcqjXqx25hQIJsQgF6LgPKsKG3A/C0azExRyXC0U9wuW62a3K0ZoJ0wRZXv9B1HG9AF4Dv9C7m8fin7aus5W6VCkhVw/m6C+1/l4gmHIHTzHAgehijF98TeWKqREVVdbXr7Yq4BgL4/h8HuPMMXRZmSsjuVLRyO3+6xdViGRnuTIDIZ3imequAfUnSlsiXgDkDdvJTCOry1vVqXwiGhpyFsuKi4Z01qagaykIHrd7xPJNcW9EqctupEhUsXbidMTuFBT85yvPEYwOJA1L7cxJuTHuqGDtlErkh57j5ncQUvEU8bkhsILjRUmDeBK10rGlYjVwdFmHsZubtqJyhRrMHQdq/RsA==$zy6x/TBkjhHGjkBI
date
Tue, 10 Dec 2024 16:20:23 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i
Primary Request /
nlhlt.kool-goop2024.blog/ 		8 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b34d2ef53eada68edbb5a343948bc48c1130dc2f363c4faec82efb8195244db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nlhlt.kool-goop2024.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
m6diZfu4qBqSiuqyYUKKurrdtp9z4UCYJtaMQU2FHLcd0XddgAqQ5RvAWeje9fKgkFrXBEGHREOeec9aMgrclw87jKUFu0dnIA9+KhRCW3TmV02cBiON301Ws2xDBb28eiHOqrY/d6qPIHp0uloTcA==$0GjBgo5OUeajyKVQ9kxR/A==
cf-mitigated
challenge
cf-ray
8efe8feb6fa919bf-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 10 Dec 2024 16:20:25 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNqFcsQVqcYRH5j4meXvhSMQTjtbMvcXEN1rTtZm4nrIufhJuUFjOay3kjm6eJZ5KTmZWBQI7nX%2FM80Pqzz239KW2WxypgjZnhurvyCinyqKH6YIF3RehQZfust0IoepABJ1qeRRKOwm2MuXOtZaYOWnz6PH5aU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=3439&min_rtt=2744&rtt_var=750&sent=91&recv=61&lost=0&retrans=0&sent_bytes=80821&recv_bytes=17726&delivery_rate=113795&cwnd=34800&unsent_bytes=0&cid=84e97ea35155ab00&ts=3387&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN
v1
nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8feb6fa919bf
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c51791286eb347259a8cc7390aadb94d6dd36ac1a934d75b118785bd399272b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlhlt.kool-goop2024.blog/?__cf_chl_rt_tk=7FGDSbLBtSvPhW6ll0cOVQcnGww.e4QDUIuORCwWXPU-1733847625-1.0.1.1-7LRgsPa1gjJGGQkzV_4uB8_vv7RNSqlcDCkNb5VeA00

Response headers

cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fE3ESA8BaUqpxBhW5WtQgMGqRiKCL7VIBUdr7nhVDl6lh3EMr0sT8M0ERh2xxQ8c9Y5zKGhQn9zw%2BeqbqVYKqUojE5mIDF8Og6IrpSqhys308diTAt6N6DXdUZFImaxGkZdFQUHX1G9lGiO1LksHhYMtauhxwgw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe8febf82619bf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11006&min_rtt=2744&rtt_var=10063&sent=99&recv=66&lost=0&retrans=0&sent_bytes=87985&recv_bytes=18333&delivery_rate=249706&cwnd=34800&unsent_bytes=0&cid=84e97ea35155ab00&ts=3473&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 16:20:25 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
priority
u=3,i=?0
051354de-493f-4a72-9426-e8ca49e67dda
https://nlhlt.kool-goop2024.blog/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/ 		47 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8feb6fa919bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://nlhlt.kool-goop2024.blog
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8efe8fd8d9948cdc-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 10 Dec 2024 16:20:22 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
nlhlt.kool-goop2024.blog/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nlhlt.kool-goop2024.blog/favicon.ico
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0075ed16afca9e9004c67a5134928afe2b06408abaaa3efd25343b12099ef857
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlhlt.kool-goop2024.blog/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kalku78v80pBMhw2uOQVbIjrjeDAUiHZYcGJpXBs399SDg9%2BsVc%2BYUbP8IPxzmWEcET6pXyT%2FQdnHJUBVAEWLLxEzEcwa8EnyB0Z12jCV8nO72VeSMGXC6%2F%2BZPmfLp7twTW2cJ96tj6QlFvtgwT1h%2Bu1A566rl0%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6208&min_rtt=2744&rtt_var=4509&sent=136&recv=75&lost=0&retrans=0&sent_bytes=128566&recv_bytes=19047&delivery_rate=3506833&cwnd=39600&unsent_bytes=0&cid=84e97ea35155ab00&ts=3613&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Tue, 10 Dec 2024 16:20:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=3,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
7xBX2I/K0k+kuitjJkyRXKNItvcZKqaeJ25y2nr+YuCLxqW4ba70aVZOH4zPdrvzgabdk+kPsn9id+qjbjzPkHlk1m4SDGxQgCftzh/LLt7vuGVU3H9fuOWdziloN/LpBQrCBG9u0MxxbwX0OsCuVw==$QXlJ+oxCYA9O7Gjn+cD7Hg==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8efe8fecd98819bf-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
z_Iu2gB37D.tc1n31IYPRpB_OfCiVM6OP7C2ef0vov0-1733847625-1.2.1.1-khuWVVBwAfC2WH1hUUWZM1bN4BCRkvXHRN0sf7ZR1JKuA82VpcQRrcxkQiCTz5Ms
nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8feb6fa919bf/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8feb6fa919bf/z_Iu2gB37D.tc1n31IYPRpB_OfCiVM6OP7C2ef0vov0-1733847625-1.2.1.1-khuWVVBwAfC2WH1hUUWZM1bN4BCRkvXHRN0sf7ZR1JKuA82VpcQRrcxkQiCTz5Ms
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8feb6fa919bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9347c608a1cc71d0eeb3654a5a009051cf96859ccf348152523338550887037c

Request headers

Referer
https://nlhlt.kool-goop2024.blog/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
z_Iu2gB37D.tc1n31IYPRpB_OfCiVM6OP7C2ef0vov0-1733847625-1.2.1.1-khuWVVBwAfC2WH1hUUWZM1bN4BCRkvXHRN0sf7ZR1JKuA82VpcQRrcxkQiCTz5Ms

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eOp9dS%2BC5KUGXyqsqGRZJx1dW8jtyOICK91V2EwsvnMeOBw%2BbG3nU6ruGxKX%2BW%2Bs4p6zSGZ5Mx1aZMxI17Q45l%2FmafzkKn4Dp5hr0a%2Bt89dNS905vedKZHNCkP3PsEjnQ%2BSnboZciL0laE1nYY5ZykHf%2BcRBdS0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe8fed8a5819bf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=5660&min_rtt=2744&rtt_var=3512&sent=146&recv=81&lost=0&retrans=0&sent_bytes=135754&recv_bytes=23234&delivery_rate=491971&cwnd=39600&unsent_bytes=0&cid=84e97ea35155ab00&ts=3761&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 10 Dec 2024 16:20:25 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
ipi4eBdm4coa1cI8G+GfiJBiNe1nyxw2gsqM8TZreI5woJtLMF+SCIVWJeVkoEcX/lzpFFaU7GI=$uj7K6pBEAHwlDs/r
server
cloudflare
priority
u=1,i
favicon.ico
nlhlt.kool-goop2024.blog/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96db73ad8fd68ec636e0dde03ce94d1564af49265955910ed0ca64e469967feb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://nlhlt.kool-goop2024.blog/

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hokkuBq1T3z0TH4qouJjQDunU%2FSN5Q4Cfa1j5A9EECAmAPrpKxAW1QyAe5FeVpxHx2f4%2BQ5OB3T6AHNBL8oMpaB7VvNDAtVhvk7yaEjYfmv%2BtT%2Bj2%2BmluvnvpoHKKhK6ue%2FS4wqaVQ%2BE7twrUo4rDvmalT3rLXY%3D"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=5811&min_rtt=2744&rtt_var=2937&sent=156&recv=83&lost=0&retrans=0&sent_bytes=145526&recv_bytes=23648&delivery_rate=188275&cwnd=39600&unsent_bytes=0&cid=84e97ea35155ab00&ts=3810&x=1", cfExtPri, cfHdrFlush;dur=0
x-content-options
nosniff
date
Tue, 10 Dec 2024 16:20:25 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
priority
u=1,i
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
4rLKxWsC4YKy4hDPKpTzhrpMGXzHeF44jS6pJp8jRRh233wd2FQAha6Scz91DSJl55K477Sc/+umKb9F69mfxYcduM0FOG7LT2+OGqvypEdIeFljSfYXUyXzXh+FZ6ym4plBJbrrX8BR9ug1B7KLpg==$dCTMsthqciIroXMNNmS9Dw==
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8efe8fee1b1b19bf-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
80ae0000-96bb-449f-9207-60de17b4ec28
https://nlhlt.kool-goop2024.blog/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/2wfhg/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 105A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/2wfhg/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5f29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8efe8fee6fa94378-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Tue, 10 Dec 2024 16:20:25 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
z_Iu2gB37D.tc1n31IYPRpB_OfCiVM6OP7C2ef0vov0-1733847625-1.2.1.1-khuWVVBwAfC2WH1hUUWZM1bN4BCRkvXHRN0sf7ZR1JKuA82VpcQRrcxkQiCTz5Ms
nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8feb6fa919bf/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/flow/ov1/202918682:1733843671:XXuSV6MyaJX2hAFa7nGPz16FeVrNl-Qm4fgtnZJ1OdY/8efe8feb6fa919bf/z_Iu2gB37D.tc1n31IYPRpB_OfCiVM6OP7C2ef0vov0-1733847625-1.2.1.1-khuWVVBwAfC2WH1hUUWZM1bN4BCRkvXHRN0sf7ZR1JKuA82VpcQRrcxkQiCTz5Ms
Requested by
Host: nlhlt.kool-goop2024.blog
URL: https://nlhlt.kool-goop2024.blog/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8efe8feb6fa919bf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:413d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe22cc4c1e5a79bd03fc10db3e630d28268d7b1f0aed929e403ad6bde666180

Request headers

Referer
https://nlhlt.kool-goop2024.blog/
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
z_Iu2gB37D.tc1n31IYPRpB_OfCiVM6OP7C2ef0vov0-1733847625-1.2.1.1-khuWVVBwAfC2WH1hUUWZM1bN4BCRkvXHRN0sf7ZR1JKuA82VpcQRrcxkQiCTz5Ms

Response headers

cf-chl-out
NC11jiF/Ce5FHrOEUwTHTMkkdDnEfIMRcPKnjsM63gDL1BBYLSSjFhsaAr/P61yRnzgMYaiuFRbnCnd8537CECE8jnC1AB9qUuOi5ABSGR4Qcr8rSyN0t1o=$secteyZ1fwGFG4Ic
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJKOvm9dRRabeNMK5aPPFyNHo8ghUaSalg7qi5yxhOcmNcUvnbsLI9eH31vYX%2FKtVk1uqL89lxATr21n%2Ba1Rcngamjf%2F1N%2Fg%2FyLG8Pngr2lAkgyKIMnGK3AE7gIW9D%2Bn8yJG8zbJZJeQENe6LyrgmynFtejkRrI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe8ff76daa19bf-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=6334&min_rtt=2744&rtt_var=3248&sent=166&recv=89&lost=0&retrans=0&sent_bytes=152726&recv_bytes=28595&delivery_rate=310203&cwnd=39600&unsent_bytes=0&cid=84e97ea35155ab00&ts=5326&x=1", cfExtPri, cfHdrFlush;dur=0
cf-chl-out-s
d83kJRfkqu5oJBLUDevucoY8kuDjB2K+/y+E0yGtOeHf++/Mad4QQIu13hQdkBbOQnLEoZBiTM/zTU8TmJGcS3T4mgNV3Brgigj2eYYSM1L76kMyF7mn2L2zzhW/DEdndZNQzgEvR9z+os4s0/QNKErZV+MzznOM/d0ryQNME5kQcTwU1mEWn1rITv3V7V3km4fHq9kJf5GdorREKy04OIWyTGvrOIQJJzY4kKYL/c25B7ZUHcQmj+FZ6BnFzGytkXRdiZgR4q55Gtz5Kx4w0emeUlpYGQE9mFy0mhzWRKu2imdTdoXqWdho0dn5fwuHQ+EMA3OALxnZK19152nzY9S6gfiHLZbpZTskdMiG/vsbbWs/B6Y=$W+rzDAU7aKq22D5O
date
Tue, 10 Dec 2024 16:20:27 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nlhlt.kool-goop2024.blog
URL
blob:https://nlhlt.kool-goop2024.blog/f5deff78-4baf-4ac7-9c48-618812ba52dd
Domain
nlhlt.kool-goop2024.blog
URL
blob:https://nlhlt.kool-goop2024.blog/f457b25e-cde3-41ed-a3b0-4ec3229bbf30
Domain
nlhlt.kool-goop2024.blog
URL
blob:https://nlhlt.kool-goop2024.blog/051354de-493f-4a72-9426-e8ca49e67dda
Domain
nlhlt.kool-goop2024.blog
URL
blob:https://nlhlt.kool-goop2024.blog/80ae0000-96bb-449f-9207-60de17b4ec28

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| huBu8 function| HCGH4 function| roxIF0 object| uBNhi5 object| vEte4 function| jWrr7 function| nWsSX2 function| fjGVd3 function| spwE7 function| INuv4 object| ZUPr1 number| OCenw1 object| angular object| hfdFG3 object| turnstile boolean| RtWm0 function| _ string| DSJv8 boolean| aumSQ3

1 Cookies

Domain/Path Name / Value
nlhlt.kool-goop2024.blog/ Name: cf_chl_rc_ni
Value: 1

6 Console Messages

Source Level URL
Text
network error URL: https://nlhlt.kool-goop2024.blog/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nlhlt.kool-goop2024.blog/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nlhlt.kool-goop2024.blog/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nlhlt.kool-goop2024.blog/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nlhlt.kool-goop2024.blog/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nlhlt.kool-goop2024.blog/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN