s2dfree.to Open in urlscan Pro
104.31.16.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://s2dfree.to/
Effective URL:
https://s2dfree.to/enter.html
Submission: On February 06 via manual (February 6th 2023, 11:40:18 am UTC) from DK — Scanned from DK

Summary HTTP 18 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 104.31.16.4, located in United States and belongs to CLOUDFLARENET, US. The main domain is s2dfree.to. The Cisco Umbrella rank of the primary domain is 613597.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2022. Valid for: a year.

This is the only time s2dfree.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.31.16.125 104.31.16.125	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	104.31.16.4 104.31.16.4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
18	4

1 104.31.16.125 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s2dfree.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.31.16.4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

s2dfree.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	s2dfree.to 2 redirects s2dfree.to — Cisco Umbrella Rank: 613597	95 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	380 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	42 KB
18	3

	Domain	Requested by
10	s2dfree.to	2 redirects s2dfree.to
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	s2dfree.to www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
18	4

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-15` - `2023-08-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://s2dfree.to/enter.html
Frame ID: 0706E32356BEDE7B620D344B67B2FA62
Requests: 7 HTTP requests in this frame

Frame: https://s2dfree.to/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675670400
Frame ID: 44482B78CB3B8C6DE51396B5BD7A6D23
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD&co=aHR0cHM6Ly9zMmRmcmVlLnRvOjQ0Mw..&hl=da&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9mr1swmgnrp
Frame ID: F180A9B228F0E5F9AF3287143BA925DD
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SOAP2DAY.com

Page URL History Show full URLs

http://s2dfree.to/ HTTP 301
https://s2dfree.to/ HTTP 302
https://s2dfree.to/enter.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

18
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

515 kB
Transfer

1312 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://s2dfree.to/ HTTP 301
https://s2dfree.to/ HTTP 302
https://s2dfree.to/enter.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request enter.html Show response
s2dfree.to/
Redirect Chain

http://s2dfree.to/
https://s2dfree.to/
https://s2dfree.to/enter.html

10 KB
5 KB

49ms
49ms

Document
text/html

104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/enter.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21671adb52028aa2719df70d9c3d3b99a6dba2ba07eca70e6741412f22b9a0f0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: da-DK,da;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79539c16981f90be-FRA
content-encoding: br
content-type: text/html
date: Mon, 06 Feb 2023 11:40:13 GMT
last-modified: Wed, 09 Mar 2022 01:39:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2N5slF86F2wv4zAXY87P337yzSfOz1iD8Rru01HAq%2Bld9wICI1YTtzrRXm0q9y08ubQG3Zhwql1bKur%2FRzCQnQF%2FmN3j4mxjt86jHKwEn757QOtfr9idSQ6jPhFx"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79539c161fc190be-FRA
content-type: text/html
date: Mon, 06 Feb 2023 11:40:13 GMT
location: https://s2dfree.to/enter.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JI9I89Ip4ze8jJKDzrsfL6Aue%2BObqhQ7vRxMGoETM6D9%2FVwPXx7yDN%2BZDvpYg52HrXmc0gOQMfJ0xgY9JfmHuOOxOfxGrOTwz0e2balKavjA97gfDU1RVNSHeOwc"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 bootstrap.css
s2dfree.to/static/style/home/css/ 139 KB
22 KB 40ms
39ms Stylesheet
text/css 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/static/style/home/css/bootstrap.css
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/enter.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326cde9bc63afa37b8bd3b92b3e256286d9974ebbd97cd584964af8adde74417

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://s2dfree.to/enter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 11 Mar 2019 07:34:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30779
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvdG%2F9z8if3cQAJzU2FFpxB3Ec7%2B3z8JIN8oMS7pZaLi9iS59xQZsWSjVzBRA32c8nmMz%2BhIoped%2BHsv1zmywiSsaIUN%2BuUloZBbBe5PaZyTkx7JNzJp4iyncVq0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 79539c16fa1b2bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 15:07:14 GMT

GET
H3 200 font-awesome.css
s2dfree.to/static/style/home/css/ 28 KB
6 KB 37ms
36ms Stylesheet
text/css 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/static/style/home/css/font-awesome.css
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/enter.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://s2dfree.to/enter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Mar 2019 15:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9274
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H47hslSRBR6YliWlHc%2BoomlRtHvOVMtJQe0fkGcVFoLASsamOSISrbgpswO4KSFo4YG%2BWWUakN7ZMoK4Q%2BHhczB5oO2UT4LnFsI%2FEH301SIFCO18p2a6NEQcpP3V"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 79539c16fa1d2bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 21:05:39 GMT

GET
H3 200 style.css
s2dfree.to/static/style/home/css/ 17 KB
4 KB 38ms
37ms Stylesheet
text/css 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/static/style/home/css/style.css
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/enter.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95d966321b8acb3bee299edf82e5c75b7f5f997ff924bf4104c39aaab133b27a

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://s2dfree.to/enter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jun 2019 08:13:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30779
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HUzPO9MGQDG8I393kWSPAaqo2pH6ULQrasI31jIfcDDkVhBiiLVj3Fy557CcNYXFLXDEwdSYxG6zU8n4J7SXjjKij5IvfQToaLlYSYuWDopcezVm0T0pkdg6496u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 79539c16fa1e2bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 15:07:14 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
905 B 214ms
80ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD

Requested by

Host: s2dfree.to
URL: https://s2dfree.to/enter.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

80c8e7e175feeb53b0a24355f616ca54397de2ff4c1f3d87914ffc4d07dd2b03

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://s2dfree.to/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 585
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 11:40:13 GMT

GET
H3 200 jquery-1.7.2.min.js Show response
s2dfree.to/static/style/home/js/ 93 KB
34 KB 68ms
67ms Script
application/javascript 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/static/style/home/js/jquery-1.7.2.min.js
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/enter.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://s2dfree.to/enter.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Mar 2019 15:13:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 30779
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCIo7gmOLmAsJ9llaUo0B2hXSf8mcBwD92JNgvpNhDNBvMR8%2FFHPj7Fb00HlEyeX4X%2FJlSSCnkIzB1R%2BFRyyyVrHxi76Oxed1HHcXv9kY%2FI5%2F9bSNWCp0GKvsSzy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 79539c16fa1f2bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 06 Feb 2023 15:07:14 GMT

GET
H2 200 recaptcha__da.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ 404 KB
162 KB 195ms
59ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__da.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd58ea085b09e1cd947d2548a33a0c599267345dcff3fa2d3b1628e2a98ca166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s2dfree.to/
Origin: https://s2dfree.to
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 11:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164839
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 11:22:16 GMT

GET
H3 200 invisible.js Show response
s2dfree.to/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 4448 35 KB
15 KB 37ms
37ms Script
application/javascript 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675670400
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/enter.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7337792c06cae419ddd5e22463ba3dff5df54e475eb84215c9fed58b82699a2

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2qbH%2Fx1sMMlivFDNbpkNSF3Yn7AR5k9zSJ%2B0hgbrTXBwy6p1MJXLaKXs62ySth3UgIYOxHCVFbRL5ETU4F5CHIkxTEaAloninfs5MY6XeXBYw0EsaodgR9zD4Ja"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79539c185bd92bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
s2dfree.to/cdn-cgi/challenge-platform/h/b/scripts/ Frame 4448 19 KB
8 KB 38ms
38ms Other
application/javascript 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/enter.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c649c16764bf0e4a0e395f01168231dd4aff0a0b6f4767e5b2adb0dbefb67fc3

Request headers

accept-language: da-DK,da;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:13 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqNKZfnTIcRZAiiDcKp7N76Zj1fjBaTVaCQTwIPpu7IxCTKrFduBTT3LqtCmNwWgPzZuSMlI5uXQ7i0mfL9TNUmLkqOlH%2BIsdjFHp2sg36dRllipM7gMDGUNeNDT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 79539c18ac5d2bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 79539c16981f90be Show response
s2dfree.to/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 4448 2 B
648 B 52ms
52ms XHR
text/plain 104.31.16.4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s2dfree.to/cdn-cgi/challenge-platform/h/b/cv/result/79539c16981f90be
Requested by: Host: s2dfree.to
URL: https://s2dfree.to/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675670400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.31.16.4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 06 Feb 2023 11:40:14 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkSrgGdh5XKFYBdpBSlceMPz8s3xkORBgFeFHmmv4HC7NgMNBpo8VJhclzMAliADWW3bRspL%2BC%2FO5cDAPzsyvtzZ7BfGZqlWC0ZHKr8QxNItqWKmKq4gfrdLfMUY"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 79539c1b7ffd2bb4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F180 42 KB
22 KB 96ms
95ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD&co=aHR0cHM6Ly9zMmRmcmVlLnRvOjQ0Mw..&hl=da&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9mr1swmgnrp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__da.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

96456ad822bacf40870a9a274689fa50c6aec469c355b5639b2532d4e55dc82e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zuN8goAly05uOtH9iyIn-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s2dfree.to/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: da-DK,da;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22317
content-security-policy: script-src 'report-sample' 'nonce-zuN8goAly05uOtH9iyIn-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 06 Feb 2023 11:40:14 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame F180 55 KB
24 KB 171ms
56ms Stylesheet
text/css 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD&co=aHR0cHM6Ly9zMmRmcmVlLnRvOjQ0Mw..&hl=da&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9mr1swmgnrp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 17:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 05 Feb 2024 17:52:32 GMT

GET
H3 200 recaptcha__da.js Show response
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/ Frame F180 404 KB
161 KB 203ms
89ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__da.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd58ea085b09e1cd947d2548a33a0c599267345dcff3fa2d3b1628e2a98ca166

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 11:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164839
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 04 Feb 2024 11:22:16 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F180 2 KB
2 KB 59ms
59ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 505133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 07 Feb 2023 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F180 15 KB
16 KB 203ms
56ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 04 Feb 2023 15:47:12 GMT
x-content-type-options: nosniff
age: 157982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Feb 2024 15:47:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F180 15 KB
15 KB 218ms
71ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 03 Feb 2023 22:33:49 GMT
x-content-type-options: nosniff
age: 219985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Feb 2024 22:33:49 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F180 102 B
133 B 79ms
79ms Other
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=da&v=gEr-ODersURoIfof1hiDm7R5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f903fc0a3eeb6b47f347991f5c67874b36b0469a67e9f9fd8a43b2a5784252e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: da-DK,da;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD&co=aHR0cHM6Ly9zMmRmcmVlLnRvOjQ0Mw..&hl=da&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9mr1swmgnrp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 11:40:14 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F180 32 KB
18 KB 119ms
118ms XHR
application/json 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__da.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19eebdbf788e131a7e83fcc8e2eb53ed1f75d2c2b350ec08380b8bd2ea0b59bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeZmQ4bAAAAAKWwg8de7v8YVKEYz3mpEUS34feD&co=aHR0cHM6Ly9zMmRmcmVlLnRvOjQ0Mw..&hl=da&v=gEr-ODersURoIfof1hiDm7R5&size=invisible&cb=9mr1swmgnrp
accept-language: da-DK,da;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 06 Feb 2023 11:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18730
x-xss-protection: 1; mode=block
expires: Mon, 06 Feb 2023 11:40:14 GMT

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:47:15	Name: _GRECAPTCHA Value: 09ANKMWsl-InrmasFKnQRYHlrIreXKRD9e3F5cCfGYTk00KCxUqTZ8fXXVlgeEaCXSoT_EsZSXtdGNFuDj-iJlqTE
s2dfree.to/	1969-12-31 23:59:59	Name: uo Value: 722b81a9a2f4b13cc7ef4e29c63a1769
.s2dfree.to/	1970-01-20 09:28:05	Name: __cf_bm Value: 7YYmbtFSXuUPF3rpkR0WyotFl2H4JdsHIuFdUXqoaos-1675683614-0-AZI0QCfde1zrh4ddDTxSFwEYuJ3jq/Oq0Qo2ljPfE/V7zq0x3FOwj4HXCTWIilI6JlKvliLBVJnnt14QaH31r+4Utih9NeXMh9sjl02n//oT/gk7g9kvci+SHlFwF1RNmTWsO9EHbHwQASXq+dvNup0=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
s2dfree.to
www.google.com
www.gstatic.com
104.31.16.125
104.31.16.4
2a00:1450:400d:805::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80d::2003
19eebdbf788e131a7e83fcc8e2eb53ed1f75d2c2b350ec08380b8bd2ea0b59bf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21671adb52028aa2719df70d9c3d3b99a6dba2ba07eca70e6741412f22b9a0f0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
326cde9bc63afa37b8bd3b92b3e256286d9974ebbd97cd584964af8adde74417
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
80c8e7e175feeb53b0a24355f616ca54397de2ff4c1f3d87914ffc4d07dd2b03
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
95d966321b8acb3bee299edf82e5c75b7f5f997ff924bf4104c39aaab133b27a
96456ad822bacf40870a9a274689fa50c6aec469c355b5639b2532d4e55dc82e
a7337792c06cae419ddd5e22463ba3dff5df54e475eb84215c9fed58b82699a2
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c649c16764bf0e4a0e395f01168231dd4aff0a0b6f4767e5b2adb0dbefb67fc3
f903fc0a3eeb6b47f347991f5c67874b36b0469a67e9f9fd8a43b2a5784252e1
fd58ea085b09e1cd947d2548a33a0c599267345dcff3fa2d3b1628e2a98ca166

s2dfree.to Open in urlscan Pro 104.31.16.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

60 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

515 kBTransfer

1312 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

3 Cookies

Indicators

s2dfree.to Open in urlscan Pro
104.31.16.4 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

60 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

515 kB
Transfer

1312 kB
Size

3
Cookies

18 HTTP transactions
0 data transactions