Submitted URL: https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBjasA-NupOi&x=6.drroham...
Effective URL: https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Submission Tags: falconsandbox
Submission: On May 04 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is pujdqd.usadocuments.com.
TLS certificate: Issued by GTS CA 1P5 on April 23rd 2023. Valid for: 3 months.
This is the only time pujdqd.usadocuments.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 63.148.46.109 53316 (ASN-CHEET...)
1 91.236.168.150 48715 (SEFROYEKP...)
7 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
19 4
Apex Domain          Subdomains                                              Transfer
7 usadocuments.com   pujdqd.usadocuments.com                                 262 KB
6 cloudflare.com     challenges.cloudflare.com — Cisco Umbrella Rank: 6491   124 KB
1 drroham.ir         6.drroham.ir                                            550 B
1 citi.com           l.info16.citi.com — Cisco Umbrella Rank: 105170         435 B
19 4
Domain Requested by
7 pujdqd.usadocuments.com 6.drroham.ir
pujdqd.usadocuments.com
6 challenges.cloudflare.com pujdqd.usadocuments.com
challenges.cloudflare.com
6.drroham.ir
1 6.drroham.ir
1 l.info16.citi.com 1 redirects
19 4

This site contains no links.

Subject                      Issuer                     Validity                  Valid
*.drroham.ir                 R3                         2023-04-26 - 2023-07-25   3 months
usadocuments.com             GTS CA 1P5                 2023-04-23 - 2023-07-22   3 months
challenges.cloudflare.com    Cloudflare Inc ECC CA-3    2022-09-18 - 2023-09-17   a year

This page contains 2 frames:

Primary Page: https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Frame ID: 167859292198FDCC0ADF00F4564433B6
Requests: 10 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: B116CB6F01431794F6AA76FD5637BF5F
Requests: 9 HTTP requests in this frame

Page Title

Loading...

Page Statistics

19
Requests

74 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

387 kB
Transfer

728 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBjasA-NupOi&x=6.drroham.ir%2F%3Fqp%3DbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ%3D%3D HTTP 302
    https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ== Page URL
  2. https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBjasA-NupOi&x=6.drroham.ir%2F%3Fqp%3DbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ%3D%3D HTTP 302
  • https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
6.drroham.ir/
Redirect Chain
  • https://l.info16.citi.com/rts/go2.aspx?h=4009490&tp=i-1NGB-Q4L-lWT-C1jVeU-1r-3KyZzS-1c-C1fuSq-l8roiBjasA-NupOi&x=6.drroham.ir%2F%3Fqp%3DbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ%3D%3D
  • https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==
580 B
550 B
Document
General
Full URL
https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
91.236.168.150 Tehran, Iran, Islamic Republic Of, ASN48715 (SEFROYEKPARDAZENG-AS Sefroyek Pardaz Engineering Company, IR),
Reverse DNS
server150.nocmdp.com
Software
LiteSpeed /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
306
content-type
text/html; charset=UTF-8
date
Thu, 04 May 2023 13:04:11 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Date
Thu, 04 May 2023 13:04:10 GMT
Location
https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==
Server
Transfer-Encoding
chunked
X-Powered-By
Primary Request MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
pujdqd.usadocuments.com/
8 KB
5 KB
Document
General
Full URL
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Requested by
Host: 6.drroham.ir
URL: https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5bd3ccb53de82d5d6449fdabccbfae58b4c9c7e38ff2c2b4d675d529b5d52a78
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://6.drroham.ir/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
7c20f2b849835c38-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Thu, 04 May 2023 13:04:11 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6q1T9z89tgVxgWFrC5ZuioQTA9imjdklZZeT%2Fr8E42ivaPv5%2By%2B%2FSmY%2FSQe%2BcM%2FLE0Imn3WdkDzJPkGVlqld8rAfn4g2hgpbpK2nBytkaf8lks7PprqNC5AAIXjhFNjRVOjZ6roX%2F0dg6nuQ1fYNxLkzlnpEw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
v1
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/
149 KB
54 KB
Script
General
Full URL
https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c20f2b849835c38
Requested by
Host: pujdqd.usadocuments.com
URL: https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be49f4d9729992f3368ccdc3d1ef90ff5ac8ff5c0656c55f0cda9983e998bb5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ?__cf_chl_rt_tk=BD9KToR1zPhdINLmQoMnr2Lpg0lSU8VLh3wKEY7SZhQ-1683205451-0-gaNycGzNDBA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:11 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2%2FtAUJ%2FSncqgsfgsdmxPisx7zg%2Bsw4q8PS7pY3b4vrawgKGERvATPV2a1oiNJ8IPiueDBMwFmc4RH8Cceo0dQbrvr%2BuJyiOn4sey6fuqvxrgPeUDUI6rHw0lY%2FpFLNHErQePDrybsBfz7J4Ii7a2JgBOhWkRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, must-revalidate
cf-ray
7c20f2b94a645c38-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
transparent.gif
pujdqd.usadocuments.com/cdn-cgi/images/trace/managed/js/
42 B
220 B
Image
General
Full URL
https://pujdqd.usadocuments.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7c20f2b849835c38
Requested by
Host: pujdqd.usadocuments.com
URL: https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ?__cf_chl_rt_tk=BD9KToR1zPhdINLmQoMnr2Lpg0lSU8VLh3wKEY7SZhQ-1683205451-0-gaNycGzNDBA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ?__cf_chl_rt_tk=BD9KToR1zPhdINLmQoMnr2Lpg0lSU8VLh3wKEY7SZhQ-1683205451-0-gaNycGzNDBA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:11 GMT
x-content-type-options
nosniff
last-modified
Fri, 28 Apr 2023 14:11:18 GMT
server
cloudflare
etag
"644bd406-2a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=7200, public
accept-ranges
bytes
cf-ray
7c20f2b94a665c38-FRA
content-length
42
expires
Thu, 04 May 2023 15:04:11 GMT
api.js
challenges.cloudflare.com/turnstile/v0/g/b5e45436/
15 KB
5 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by
Host: pujdqd.usadocuments.com
URL: https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c20f2b849835c38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5205e201bbd649a3a4af0ecb9b1e8a80f73aa8ea4aee1740302b1b8f7435b27f

Request headers

Referer
Origin
https://pujdqd.usadocuments.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:11 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7c20f2b9ded81e6c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
658bcf730a1fb17
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/flow/ov1/999174917:1683202007:GjvdahMzgy2cqCkg06z5ltYN0smORf7Kf-ez2WNW_6Q/7c20f2b849835c38/
261 KB
195 KB
XHR
General
Full URL
https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/flow/ov1/999174917:1683202007:GjvdahMzgy2cqCkg06z5ltYN0smORf7Kf-ez2WNW_6Q/7c20f2b849835c38/658bcf730a1fb17
Requested by
Host: pujdqd.usadocuments.com
URL: https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c20f2b849835c38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62570997b66aafea5f2f937a4b389c2f1e2a11b127678ebb0617f7daef4f85de

Request headers

Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
658bcf730a1fb17
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 May 2023 13:04:12 GMT
content-encoding
br
cf_chl_gen
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZcpMzo0GHvaG8pWBBk9hbvGBufEypWDqv483jB6bpCM86Ow7EN3QobAp3%2FZ1JQHDDQcvNw5Q1ubWGnx3hF89vAsdDkaMAUq2W4KwgaXBssq1sTyTqfddaq2mHRFvMxXqFJXDid5ohmjKzvT%2BjGbF5q6sxi0Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c20f2ba4d1535f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
nMExWuaDkdXuuOc
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2b849835c38/1683205451902/98c666ef7dac5c063c914dda447137f759fe029ec85abc3f61c89aad49ee9c3e/
1 B
936 B
Fetch
General
Full URL
https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2b849835c38/1683205451902/98c666ef7dac5c063c914dda447137f759fe029ec85abc3f61c89aad49ee9c3e/nMExWuaDkdXuuOc
Requested by
Host: pujdqd.usadocuments.com
URL: https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c20f2b849835c38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:12 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gmMZm732sXAY8kU3aRHE391n-Ap7IWrw_YciarUnunD4AF3B1amRxZC51c2Fkb2N1bWVudHMuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAn23qyGdHVs28an7XXJsPKj7kVCaC9GVfIA_hqz7TYAdgPPPWwl9HHr2M2TPFejyc6bFISKBkmpvDiLNyAvKEm13RN65hHys38F97m-W3nV3CX88cMDzDhHNeSKqQo1MoCrKUVRA-HzoI7whFpb6oZatrsiQfT6e0EDSrkJ6AGKwW_hqtTq7Q8oQ8NMvLvQL4MtSLPzPcvwFOz2xb4cnOAAux7Xqj_X9nqx6jEU9gIxdjYa3s0NPyqM-bXlYDhp2Sss_2cyjfmadXK8iNYTmz68Ee9rJbH-kOjl28L1MjBPE6_7T93xkwiDUx1oIe6PkSyh1uv2wJROfbRBP3WttzJwIDAQAB, max-age=20
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0RhNtGrpHbJtaMGCYxU%2FXewFo0ckbr0LtJF1etr5WUL4QGXULJ6gt3dYOSQ2H1oatt8hbXTJN0CqKCDN4kXPDcrnqCsQWRuWgcDdNUAc1HssicEEvtF2bnN7u%2FII1WWqOF120rw9WhQmnP5FgVgfqNMZpDFqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c20f2bf1ab535f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i-jQ22sW0ACYK6h
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/img/7c20f2b849835c38/1683205451904/
61 B
466 B
Image
General
Full URL
https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/img/7c20f2b849835c38/1683205451904/i-jQ22sW0ACYK6h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3daf4c654a46dd345d8bacaa233ec19f729fe146017e850c174e8c1269b7c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7c20f2c4098e35f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjASIgLiQ7hg0PGOM%2FO1ZJLb%2Bsf%2Fpq9GYrDxNGxQ1s9oBFsZCnd7ac%2FzAVmJNpsuu3yNwQ6yB69SPAZtbJo%2F60ihTEpSo8tiVo6SAU%2BnKIGNb1EIknJK1mZLwPruXAqj3x26KWRAX3J8LOabbqoCBgLCqS3bsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
f2f8f940-915e-4dbb-a8f9-e3090848adc7
https://pujdqd.usadocuments.com/
539 B
0
Other
General
Full URL
blob:https://pujdqd.usadocuments.com/f2f8f940-915e-4dbb-a8f9-e3090848adc7
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
658bcf730a1fb17
pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/flow/ov1/999174917:1683202007:GjvdahMzgy2cqCkg06z5ltYN0smORf7Kf-ez2WNW_6Q/7c20f2b849835c38/
7 KB
6 KB
XHR
General
Full URL
https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/flow/ov1/999174917:1683202007:GjvdahMzgy2cqCkg06z5ltYN0smORf7Kf-ez2WNW_6Q/7c20f2b849835c38/658bcf730a1fb17
Requested by
Host: pujdqd.usadocuments.com
URL: https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=7c20f2b849835c38
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df5b103c3f856f50b43e777680fb81047b692cdd13acf2ab20f90960562c09ff

Request headers

Referer
https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
658bcf730a1fb17
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 May 2023 13:04:14 GMT
content-encoding
br
cf_chl_gen
Y5Am50Mean+0sqxBUGSqaYfAzMpddIIXM0tdDafKJseLtbSr3MhpdOJc487dWKPS$y0Z4q8eToyi1k90q1Staqg==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V4NxwxQQ2ceWlxZUIvQn8qP2h1L1dnA4YQmyzcB%2Fs9puxW1YCAz9gp2dv6Y%2B5jIA%2BRxR%2FMQCVdKlOQ7k3AfSmv6p6z22J%2F5oeXMPyW6uHJOcksgP3DUkA14RCa3OLbkfEDPybie0q1yPpxBW%2BDZ5IW26MLLtDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c20f2cb6a9835f4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame B116
22 KB
7 KB
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/b5e45436/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57b3dd45f2bcc1815a64c1327df9ee7bc1a25e974360ce17006588abf30245e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7c20f2cbde889119-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 04 May 2023 13:04:14 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame B116
157 KB
57 KB
Script
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c20f2cbde889119
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c29c1724090450bb954810876c3c2f696a624ecc590410b2ba46dca96aa109

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:14 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7c20f2cc8f289119-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
6bc7704ff5e2b0f
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1886384880:1683202154:CtHJOkqSixZGQKkbHGi8R1N4Le5vgcZB52vTs7VxTSk/7c20f2cbde889119/ Frame B116
97 KB
54 KB
XHR
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1886384880:1683202154:CtHJOkqSixZGQKkbHGi8R1N4Le5vgcZB52vTs7VxTSk/7c20f2cbde889119/6bc7704ff5e2b0f
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7c20f2cbde889119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13ef1df92834d56e8aa1d2162e3c690422d445794235456f43e17a055a2d8d4

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36
CF-Challenge
6bc7704ff5e2b0f
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 May 2023 13:04:15 GMT
content-encoding
br
cf_chl_gen
server
cloudflare
cf-ray
7c20f2cd880e9119-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
LQGPy7Su2V5Ft1H
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2cbde889119/1683205454977/0361115df3d9b9c29aa596dabff4d9638225426371e910901712de5d000a2e95/ Frame B116
1 B
649 B
Fetch
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2cbde889119/1683205454977/0361115df3d9b9c29aa596dabff4d9638225426371e910901712de5d000a2e95/LQGPy7Su2V5Ft1H
Requested by
Host: 6.drroham.ir
URL: https://6.drroham.ir/?qp=bG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ==
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:15 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gA2ERXfPZucKapZbav_TZY4IlQmNx6RCQFxLeXQAKLpUAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEAn23qyGdHVs28an7XXJsPKj7kVCaC9GVfIA_hqz7TYAdgPPPWwl9HHr2M2TPFejyc6bFISKBkmpvDiLNyAvKEm13RN65hHys38F97m-W3nV3CX88cMDzDhHNeSKqQo1MoCrKUVRA-HzoI7whFpb6oZatrsiQfT6e0EDSrkJ6AGKwW_hqtTq7Q8oQ8NMvLvQL4MtSLPzPcvwFOz2xb4cnOAAux7Xqj_X9nqx6jEU9gIxdjYa3s0NPyqM-bXlYDhp2Sss_2cyjfmadXK8iNYTmz68Ee9rJbH-kOjl28L1MjBPE6_7T93xkwiDUx1oIe6PkSyh1uv2wJROfbRBP3WttzJwIDAQAB, max-age=20
server
cloudflare
cf-ray
7c20f2ce28959119-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
text/plain; charset=UTF-8
J6MX3GGm_VZyJI-
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c20f2cbde889119/1683205454979/ Frame B116
61 B
166 B
Image
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7c20f2cbde889119/1683205454979/J6MX3GGm_VZyJI-
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a791557fee6262dd872a99c7b31b5b3b9b7fd9662ac693933dcdb6780d0878c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

date
Thu, 04 May 2023 13:04:15 GMT
server
cloudflare
cf-ray
7c20f2cfe9eb9119-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/png
d8d1a62d-b244-4a24-85c6-7e636707751f
https://challenges.cloudflare.com/ Frame B116
656 B
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/d8d1a62d-b244-4a24-85c6-7e636707751f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
656
Content-Type
text/javascript
f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
https://challenges.cloudflare.com/ Frame B116
3 KB
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
3419
Content-Type
text/javascript
f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
https://challenges.cloudflare.com/ Frame B116
3 KB
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
3419
Content-Type
text/javascript
f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
https://challenges.cloudflare.com/ Frame B116
3 KB
0
Other
General
Full URL
blob:https://challenges.cloudflare.com/f90fb14b-5b90-4bad-8f47-5c9de17f8bb1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/scste/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.63 Safari/537.36

Response headers

Content-Length
3419
Content-Type
text/javascript

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _cf_chl_opt
function| SHA256
function| _cf_chl_turnstile_l
function| _cf_chl_preload
function| _cf_chl_enter
boolean| _cf_chl_done_ran
function| _cf_chl_done
function| sendRequest
object| _cf_chl_ctx
string| prefix
object| turnstile
boolean| _cf_chl_turnstile_loaded
undefined| _cf_gcr

2 Cookies

Domain/Path Name / Value
l.info16.citi.com/ Name: ASP.NET_SessionId
Value: 5eyxg3hu3rdipvmiu2im1tce
l.info16.citi.com/ Name: BIGipServercnv_ats_ssl_pool
Value: 1145509898.47873.0000

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://pujdqd.usadocuments.com/MbG9yaS5wZXRyb25lQGVjbGluaWNhbHdvcmtzLmNvbQ
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pujdqd.usadocuments.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2b849835c38/1683205451902/98c666ef7dac5c063c914dda447137f759fe029ec85abc3f61c89aad49ee9c3e/nMExWuaDkdXuuOc
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7c20f2cbde889119/1683205454977/0361115df3d9b9c29aa596dabff4d9638225426371e910901712de5d000a2e95/LQGPy7Su2V5Ft1H
Message:
Failed to load resource: the server responded with a status of 401 ()